a2e04a4cb65a10d69e295b3562edbdb4d637883a96423c0e5226dc4283f5a653

Sharing

Copy URL

Twitter E-mail

General

Target

a2e04a4cb65a10d69e295b3562edbdb4d637883a96423c0e5226dc4283f5a653
Size

305KB
MD5

c178414468fccfede403392318fe5ad6
SHA1

81b3de83f0c67d8de0e14bdc300e107684e44cb0
SHA256

a2e04a4cb65a10d69e295b3562edbdb4d637883a96423c0e5226dc4283f5a653
SHA512

c5e671361e83a86959e7e26e6019058a057937405d34805a6f8f9d7d6354f82d8d3951228790c94ae3507daf7cdaaaac53f0c2f3728bb8fcf243ec7f15ce051a
SSDEEP

3072:8OpkgdyAPPsYZwoMqaHpZSlPf/Z+k8c6r:8OpFAAsYZ8LU5oc6r

Score

N/A

Malware Config

Signatures

Files

a2e04a4cb65a10d69e295b3562edbdb4d637883a96423c0e5226dc4283f5a653
.exe windows x86

493ad34d95a4baf97b4dba90a28413cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
GetModuleFileNameA
FreeResource
CloseHandle
OutputDebugStringW
GetShortPathNameA
CreateToolhelp32Snapshot
ExitProcess
DisconnectNamedPipe
GetModuleFileNameA
Process32Next
LoadModule
InterlockedCompareExchange
LoadLibraryA
GetProcAddress
GlobalLock
CreateFileA
GetVersion

user32

DispatchMessageW
DestroyCaret
DefWindowProcA
GetIconInfo
RegisterClassExA
DdeInitializeW
ShowWindow
GetClipboardFormatNameA
AllowSetForegroundWindow
InSendMessage
ClientToScreen
CreateWindowExA
DispatchMessageW
DialogBoxIndirectParamW
AttachThreadInput
FindWindowW
DdeGetLastError
CharNextA
GetMessageA
ChangeDisplaySettingsA
CharNextA
GetDesktopWindow
DefFrameProcA
TranslateMessage
GetClassInfoExW
CreateIconFromResourceEx
CreateDialogParamA
UpdateWindow
DispatchMessageA
CreateWindowExA

advapi32

DeleteAce
RegEnumKeyExW
CloseEventLog
RegRestoreKeyA
CryptDestroyHash
RegDeleteKeyW
CryptVerifySignatureA
RegOpenCurrentUser
CryptSetKeyParam
GetTrusteeTypeA
CryptGenRandom
QueryServiceStatus
RegSaveKeyW
InitializeSid
GetSecurityDescriptorGroup

shell32

SHCreateProcessAsUserW
SHChangeNotifyRegister
Control_RunDLL
ExtractAssociatedIconW
SheGetDirExW
ExtractAssociatedIconA
SHGetShellStyleHInstance
Options_RunDLLA
SHGetInstanceExplorer
SHCreatePropSheetExtArray
SHLoadOLE
SHBrowseForFolderA
SHGetRealIDL
SHGetDiskFreeSpaceExA
IsLFNDriveW
Control_RunDLLA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

493ad34d95a4baf97b4dba90a28413cf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 192KB - Virtual size: 192KB

.idata Size: 96KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 192KB - Virtual size: 192KB

.idata
Size: 96KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB