fa27f2fbd8e1c9ff42ba1a31ebae4cf1e60167724507d12822790ddb2d991c30

Sharing

Copy URL Twitter E-mail

General

Target

fa27f2fbd8e1c9ff42ba1a31ebae4cf1e60167724507d12822790ddb2d991c30
Size

368KB
MD5

979d8917737137863b0df33714e55f86
SHA1

1e2e9f5a00ce994addd4b46b445f4923cf9f9598
SHA256

fa27f2fbd8e1c9ff42ba1a31ebae4cf1e60167724507d12822790ddb2d991c30
SHA512

1a3b0c1e1a8c47d593477573f8abcbf174d3d9e1d3cd90f9b93d15e75dfe1b669e44cf79e4d36c63f9d464028737553ba79f437c1122ff3c1928e571e7a1c0e1
SSDEEP

6144:XvZmEWFHZRWXi2CzPlzirYfydqz9z/qUTFJ4ttdcuvF36xS:XkJfWS2CcKhCURSvN

Score

N/A

Malware Config

Signatures

Files

fa27f2fbd8e1c9ff42ba1a31ebae4cf1e60167724507d12822790ddb2d991c30
.exe windows x86

90286a1bd4ba021f82989739c47ff536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
PostQuitMessage
SetWindowPos
DispatchMessageA
EndPaint
GetDC
ReleaseDC
ScreenToClient
GetActiveWindow
DestroyWindow
GetMessageA
GetParent
UpdateWindow
ShowWindow
SetCapture
EnableWindow
TranslateMessage
IsWindowEnabled
LoadStringA
IsIconic
RegisterClassA
GetSubMenu
SetTimer
FillRect
PtInRect
MapWindowPoints
BeginPaint
DefWindowProcA
GetSystemMetrics
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
EndDialog
GetWindowLongA
CreateWindowExA
GetDlgItem
ClientToScreen
MessageBoxA
GetFocus
GetSysColor
SystemParametersInfoA
EnableMenuItem
InvalidateRect
SendMessageA
DrawTextA
GetClientRect
SetCursor

advapi32

RegOpenKeyExW
RegDeleteValueA
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegCreateKeyExW
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA

gdi32

DeleteDC
GetDeviceCaps
DeleteObject
SetBkColor
SetTextColor
BitBlt

kernel32

WaitForSingleObject
GetDriveTypeA
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
ExpandEnvironmentStringsA
ExitProcess
SetErrorMode
FreeEnvironmentStringsW
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetFileAttributesA
GetCommandLineA
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
FormatMessageW
GetExitCodeProcess
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
InterlockedDecrement
GetModuleFileNameW
FileTimeToSystemTime
GetConsoleOutputCP
GetStdHandle
GetEnvironmentVariableA
RtlUnwind
GetSystemTimeAsFileTime
LCMapStringW
GetOEMCP
VirtualAlloc
Sleep
InterlockedIncrement
CreateProcessW
HeapCreate
SizeofResource
SetStdHandle
GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
VirtualFree
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
GetLastError
LeaveCriticalSection
GetCurrentThreadId
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
GlobalLock
FindFirstFileW
CreateFileMappingA
lstrcpyA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
GetVersion
GetLocaleInfoA
SetEndOfFile
VirtualQuery
WriteConsoleA
TerminateProcess
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
SetFileAttributesA
CreateThread
GetModuleHandleA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
VirtualProtect

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90286a1bd4ba021f82989739c47ff536

Headers

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 308KB - Virtual size: 308KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 308KB - Virtual size: 308KB

.rsrc
Size: 8KB - Virtual size: 5KB