b8cf8c2e4cbe1be16e9e809a973ad45f2bbe6dd8751804c5649f5a36f57e9d30

Sharing

Copy URL

Twitter E-mail

General

Target

b8cf8c2e4cbe1be16e9e809a973ad45f2bbe6dd8751804c5649f5a36f57e9d30
Size

167KB
MD5

0ee7a1a1a568c893fef0393659ab7ca0
SHA1

e74500fddd1cff5c1839feb396e7b8c773ce967c
SHA256

b8cf8c2e4cbe1be16e9e809a973ad45f2bbe6dd8751804c5649f5a36f57e9d30
SHA512

bfcc952679c8677c140e934ec41f62531d3dbcee44f1e8c173f7fba41c33ac6e76070dd5452df18c79138ca2894965418b8c3cd49550f47e28e0ff7e3a4e2121
SSDEEP

3072:8LTKq594eaGmHQ/C3bWjnP9gELQhel1FOiz3VVpGegxA+vC/gu:gKq594elhC3bBelOizlEm+

Score

N/A

Malware Config

Signatures

Files

b8cf8c2e4cbe1be16e9e809a973ad45f2bbe6dd8751804c5649f5a36f57e9d30
.exe windows x86

cef753d8f4b1251d046f026c6a123a5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
RegOpenKeyA
OpenProcessToken
RegQueryValueExA

kernel32

GetCPInfo
FindClose
lstrcpynA
GlobalLock
WideCharToMultiByte
EnumCalendarInfoA
VirtualAlloc
GetFileSize
FindResourceA
CompareStringA
InitializeCriticalSection
lstrlenA
LeaveCriticalSection
GlobalAddAtomA
GetFileType
InterlockedIncrement
GetVersion
GetDiskFreeSpaceA
UnhandledExceptionFilter
GetCurrentThreadId
LoadLibraryExA
SetConsoleCtrlHandler
FindFirstFileA
SetEvent
GlobalHandle
SetLastError
lstrcmpA
lstrcpyA
LoadResource
SetHandleCount
GetSystemDirectoryA
WriteFile
GetModuleFileNameA
GetVersionExA
CloseHandle
TlsSetValue
LockResource
GetModuleHandleA
DeleteFileA
GlobalUnlock
SetThreadLocale
GlobalDeleteAtom
MulDiv
VirtualFree
GetOEMCP
GetLastError
FormatMessageA
WaitForSingleObject
SetEndOfFile
ExitProcess
FreeLibrary
GetEnvironmentStringsA
LoadLibraryA
HeapFree
SizeofResource
EnterCriticalSection
LocalAlloc
WinExec
FreeResource
Sleep
MultiByteToWideChar
RaiseException
ReadFile
LocalFree
GlobalFree
SetErrorMode
CreateFileA
TlsAlloc
SetFilePointer
GetStdHandle
DeleteCriticalSection
RtlUnwind
GetWindowsDirectoryA
GetProcessHeap
GlobalAlloc
HeapAlloc
GetStringTypeW
GetCommandLineA
CreateEventA
GetLocaleInfoA
GetCurrentProcess
GetStartupInfoA
GetPrivateProfileStringA
GetThreadLocale
TlsGetValue
InterlockedDecrement
GetLocalTime
GetTickCount
GetACP
CreateThread
GetProcAddress
VirtualQuery
TlsFree
GlobalReAlloc
GetSystemInfo

oleaut32

SysAllocStringLen
SysFreeString
VariantCopyInd
SysReAllocStringLen
VariantChangeTypeEx
SysStringLen
VariantClear

ole32

IsEqualGUID

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cef753d8f4b1251d046f026c6a123a5a

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

ole32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 10KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 10KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 3KB