ce21089b2eca99c1d68ea00bc799fcd6c96a1c36c2f76dac3dd8f8dd38be5018

Sharing

Copy URL Twitter E-mail

General

Target

ce21089b2eca99c1d68ea00bc799fcd6c96a1c36c2f76dac3dd8f8dd38be5018
Size

155KB
MD5

08245cf4f078371577d196cb5e01158f
SHA1

636d275966ffa0cc1d83336de6e6e16e94224a77
SHA256

ce21089b2eca99c1d68ea00bc799fcd6c96a1c36c2f76dac3dd8f8dd38be5018
SHA512

eee98d50290170e51fde039c4a023a828d325d130f9c734ad1a1e3655a170357cbe58300b4062736b4ede0aebd8626a226ea48df16bea739411686ed03bb37c3
SSDEEP

3072:aM8foOAd4zUtYHqNEsZZXToK/G+kWYg0mFuDjf/EcwU/:aTAdkB2RZRToK/GXWYz

Score

N/A

Malware Config

Signatures

Files

ce21089b2eca99c1d68ea00bc799fcd6c96a1c36c2f76dac3dd8f8dd38be5018
.exe windows x86

194208abfa45a69dabe027acfe985ea1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
CreateThread
CreateEventA
lstrcmpiW
GetFileTime
GetTempPathA
FindResourceExW
CreateFileA
SetEnvironmentVariableA
HeapSize
SetCurrentDirectoryA
GetVersionExW
GlobalHandle
ProcessIdToSessionId
WaitForSingleObject
RaiseException
lstrcpynA
ReleaseMutex
HeapAlloc
GetDriveTypeA
GlobalUnlock
ResumeThread
FileTimeToLocalFileTime
ExitProcess
OpenEventW
VirtualAlloc
GetCurrentDirectoryW
GetStringTypeA

version

GetFileVersionInfoA
GetFileVersionInfoW

ole32

CoGetMalloc
DoDragDrop
CoTaskMemAlloc
CLSIDFromString
PropVariantClear
CoUninitialize
CreateBindCtx
OleInitialize
CLSIDFromProgID
CoInitializeEx
OleUninitialize
CoInitialize

msvcrt

localtime
_chdrive
_initterm
bsearch
_except_handler3
strtol
iswctype
__p__fmode
_beginthread
_iob
strcspn
swscanf
_ftol
_open_osfhandle
__p__commode
_dstbias
_splitpath

user32

MapWindowPoints
GetDC
MessageBoxW
CheckMenuItem
LoadStringA
IsIconic
GetMessagePos
FindWindowW
MessageBeep
SetCapture
CharUpperW
GetClientRect
ReleaseCapture
DispatchMessageW
SetDlgItemTextW
DestroyWindow
GetParent
SystemParametersInfoW
InflateRect
GetClassNameW

advapi32

RegEnumKeyExW
AllocateAndInitializeSid
RegQueryValueW
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegQueryInfoKeyA
GetTokenInformation
CloseServiceHandle
RegEnumValueA
RegDeleteKeyW
ChangeServiceConfigA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyW
EnumServicesStatusExA
RegFlushKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueW
RegEnumValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
LookupAccountSidW
RegQueryValueExA
RegOpenKeyW
RegCreateKeyExW
GetAce
GetSecurityDescriptorControl
EqualSid

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

194208abfa45a69dabe027acfe985ea1

Headers

File Characteristics

Imports

kernel32

version

ole32

msvcrt

user32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 39KB - Virtual size: 39KB

.bss Size: 87KB - Virtual size: 86KB

.idata Size: 17KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 454B

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 39KB - Virtual size: 39KB

.bss
Size: 87KB - Virtual size: 86KB

.idata
Size: 17KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 454B

.rsrc
Size: 4KB - Virtual size: 8KB