27e86b33e98cd8d695016383da01be3e4856771f9f191faa25b71130d6268ba3

Sharing

Copy URL Twitter E-mail

General

Target

27e86b33e98cd8d695016383da01be3e4856771f9f191faa25b71130d6268ba3
Size

5.0MB
MD5

11d19bd7630574873d05b35e07965261
SHA1

2c6cc72e1c6c3c67e36b377cd7088b8ae4b8c921
SHA256

27e86b33e98cd8d695016383da01be3e4856771f9f191faa25b71130d6268ba3
SHA512

68d4bdb990e622d9d0d34eb7060590a9a20b1dbfeb62ef0a9290d7098dfbd0e1cc008a5da0992c10b828c3bff18f7c6484ba74f9c298682aa2ad5cfab142ce43
SSDEEP

98304:d/9b1Y0opbDUE8ZIxL+xvbbkXXXAgEjl9vQJ6MTqL/RTj:dFRop8fOdYjbiX6l/l

Score

N/A

Malware Config

Signatures

Files

27e86b33e98cd8d695016383da01be3e4856771f9f191faa25b71130d6268ba3
.exe windows x86

ac6ec1138dac8d6e3f066aebe6e60a2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetLastError
InterlockedDecrement
FreeEnvironmentStringsW
LoadLibraryW
LocalFree
OutputDebugStringA
GetSystemTimeAsFileTime
GetModuleHandleA
SetEvent
GlobalFree
InterlockedIncrement
GetTickCount
InterlockedExchange
GetModuleFileNameA
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
DisableThreadLibraryCalls
GetStartupInfoA
LocalAlloc
GetStringTypeW
FreeEnvironmentStringsA
LCMapStringW
RtlUnwind
GetEnvironmentStrings
GetModuleHandleW
VirtualAlloc
HeapCreate
ExitProcess
TlsAlloc
VirtualFree

user32

BeginPaint
GetWindowThreadProcessId
RegisterClassW
OffsetRect
IsIconic
GetParent
LoadStringW
EndDialog
GetDlgCtrlID
MessageBoxA
GetKeyState
SetFocus

gdi32

GetCharWidthA
DeleteDC
GetStockObject
SetROP2
GetTextAlign
SetMapMode
MoveToEx
GetTextExtentPointW
SetTextAlign

advapi32

CryptAcquireContextW
AllocateAndInitializeSid
RegEnumKeyExA
ImpersonateLoggedOnUser
ChangeServiceConfigW
GetLengthSid
CryptCreateHash
CryptGenKey
CryptAcquireContextA

msvcrt

_initterm
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_exit
_XcptFilter
exit
_acmdln
__getmainargs
__setusermatherr

Sections

a17
Size: 4.4MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

a18
Size: 133KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a19
Size: 74KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a20
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac6ec1138dac8d6e3f066aebe6e60a2b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

a17 Size: 4.4MB - Virtual size: 4.9MB

a18 Size: 133KB - Virtual size: 172KB

a19 Size: 74KB - Virtual size: 103KB

a20 Size: 1KB - Virtual size: 3KB

.rsrc Size: 17KB - Virtual size: 16KB

a17
Size: 4.4MB - Virtual size: 4.9MB

a18
Size: 133KB - Virtual size: 172KB

a19
Size: 74KB - Virtual size: 103KB

a20
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 17KB - Virtual size: 16KB