95276f51959260cb55e9f476eb5b334301b789ed91dab04bf8572e5a8bcaf1b8

Sharing

Copy URL

Twitter E-mail

General

Target

95276f51959260cb55e9f476eb5b334301b789ed91dab04bf8572e5a8bcaf1b8
Size

81KB
MD5

faeee06fff51027dec9b5492fe32e50e
SHA1

11b12a67786d8ba6dfd3587dfb62d1804f118127
SHA256

95276f51959260cb55e9f476eb5b334301b789ed91dab04bf8572e5a8bcaf1b8
SHA512

9f6c32fe427f52bc20b9e1bc6b3fe8b66843ccc1174e016e23fdda1d41d1cb93622ec0bd48b85a6995ba0b38422d1e329ee7382e5a6eb81431710250bbf9622e
SSDEEP

1536:VTW/lHIvblB3JbS+Sqglp+Agd1kY4zwPuiu7XJ0wLUk538Hg:Vi/FITPNKqglp+Agd1kY2wGNXUk538

Score

N/A

Malware Config

Signatures

Files

95276f51959260cb55e9f476eb5b334301b789ed91dab04bf8572e5a8bcaf1b8
.exe windows x86

e2c1b25eb49294e6baed6055b9bffac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
EnumServicesStatusW
FreeSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetUserNameW
OpenProcessToken
OpenSCManagerA
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegSetValueExW
RegSetValueW
SystemFunction036

gdiplus

GdipAlloc
GdipCloneBrush
GdipCloneImage
GdipCreateBitmapFromScan0
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateLineBrushFromRectI
GdipCreateStringFormat
GdipDeleteBrush
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDisposeImage
GdipDrawString
GdipFree
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipSaveImageToFile
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdiplusStartup

kernel32

AttachConsole
CloseHandle
CreateFileW
CreateMutexA
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteFileW
EnterCriticalSection
ExitProcess
ExitThread
GetCommandLineW
GetComputerNameW
GetConsoleWindow
GetCurrentProcess
GetDriveTypeW
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileSize
GetFileSizeEx
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStdHandle
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetUserDefaultUILanguage
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MoveFileExW
MultiByteToWideChar
OpenProcess
Process32First
Process32Next
ReadFile
ReleaseMutex
SetFileAttributesW
SetFilePointerEx
SleepEx
TerminateProcess
TerminateThread
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW

ole32

CoCreateInstance
CoInitialize

shell32

CommandLineToArgvW
SHChangeNotify
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
StrChrA
StrRChrW
StrStrA
StrStrIW

user32

CharUpperBuffW
GetForegroundWindow
GetKeyboardLayoutList
GetSystemMetrics
ShowWindow
SystemParametersInfoW

winhttp

WinHttpAddRequestHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpOpen
WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest

ws2_32

WSAStartup
closesocket
connect
freeaddrinfo
getaddrinfo
getsockopt
htons
recv
send
sendto
socket

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 161B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2c1b25eb49294e6baed6055b9bffac1

Headers

File Characteristics

Imports

advapi32

gdiplus

kernel32

ole32

shell32

user32

winhttp

ws2_32

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 161B

.idata Size: 5KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 161B

.idata
Size: 5KB - Virtual size: 4KB