1a247db9ae193938318c1935ebca3e258da2b1ba99902422066df28f4245a002

Sharing

Copy URL

Twitter E-mail

General

Target

1a247db9ae193938318c1935ebca3e258da2b1ba99902422066df28f4245a002
Size

52KB
MD5

19660b46a1d17197b4f9f77e0e8b2c58
SHA1

ca057c6880fe2596193c64150d5f4d4b817be94e
SHA256

1a247db9ae193938318c1935ebca3e258da2b1ba99902422066df28f4245a002
SHA512

43614e6589d7c3b444ce19c7922476e2cd1e864d9bf56947d1b2ebd207cecab2a3392f3df8cfbbc67cabb46c218e6320eb8d7a262590fa207542daa098853721
SSDEEP

768:1Kau5Zth5ux0XUtULLaFTt2TwomMrBWGYhyyQEQ2+RC6TIqv59z:YauBXkCanhcchyy7QBRC6TIqv59z

Score

N/A

Malware Config

Signatures

Files

1a247db9ae193938318c1935ebca3e258da2b1ba99902422066df28f4245a002
.exe windows x86

c142a93fd8a1b3fd00db612644f5b0e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
LocalSize
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileAttributesW
Sleep
GetCurrentProcess
GetModuleFileNameW
SetFilePointer
ExitProcess
OpenMutexW
GetCommandLineW
GetProcAddress
GetVolumeInformationW
GetModuleHandleA
SetErrorMode
GlobalLock
WideCharToMultiByte
lstrcmpiW
GlobalUnlock
GetFileSize
ReadFile
SetFileAttributesW
CreateFileW
WriteFile
CloseHandle
CopyFileW
lstrcpyA
lstrcatA
GetLocalTime
GetLocaleInfoA
lstrlenA
GetLocaleInfoW
LocalAlloc
lstrcatW
FindFirstFileW
lstrlenW
lstrcmpW
lstrcpyW
LocalFree
FindNextFileW
FindClose
GetLogicalDrives
GetDriveTypeW
CreateMutexW

advapi32

CryptHashData
CryptGetHashParam
CryptCreateHash
GetUserNameA
CryptExportKey
CryptDestroyKey
CryptEncrypt
CryptGenKey
CryptAcquireContextW
CryptReleaseContext
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
CryptDecrypt
CryptImportKey
CryptDestroyHash

user32

wsprintfA
wsprintfW

shlwapi

StrStrW
StrStrA
StrRChrW

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

crypt32

CryptDecodeObjectEx
CryptImportPublicKeyInfo
CryptProtectData
CryptUnprotectData
CryptBinaryToStringW
CryptStringToBinaryA
CryptBinaryToStringA

shell32

SHChangeNotify
ShellExecuteExW
SHGetSpecialFolderPathW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c142a93fd8a1b3fd00db612644f5b0e4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

ole32

crypt32

shell32

version

mpr

Sections

.text Size: 25KB - Virtual size: 25KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 512B - Virtual size: 480B