93911284a4e7b304d453722ed837c2b4a7c52d2b2b7839bcffd145135f444023

Sharing

Copy URL

Twitter E-mail

General

Target

93911284a4e7b304d453722ed837c2b4a7c52d2b2b7839bcffd145135f444023
Size

4.9MB
MD5

a29cbe7ed068cc619c2bdd3a1d706cf1
SHA1

4e6ec1959202922c7b519d0e3d35d0a012d37869
SHA256

93911284a4e7b304d453722ed837c2b4a7c52d2b2b7839bcffd145135f444023
SHA512

2c255f79428cfd64cdbc92da3db6df5be3745f42b4c62ba266ee96d25c49cf2105b484775f26ca8a7cdb1108eda6feb656f5a84607cb2ffb559acd1c8b024270
SSDEEP

98304:/hwncanyNEuHncHaFXWrtjz4Ih+BKtiBk7Y32BAUZL2qqlv:CnckeEuHncHa23XVFU

Score

N/A

Malware Config

Signatures

Files

93911284a4e7b304d453722ed837c2b4a7c52d2b2b7839bcffd145135f444023
.exe windows x86

5e30c7b07a397171ad7d6c3f8f24ac17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
GetCurrentProcess
RtlMoveMemory
EnterCriticalSection
InterlockedCompareExchange
SwitchToThread
LeaveCriticalSection
InterlockedExchange
VirtualQueryEx
WideCharToMultiByte
CreateWaitableTimerA
SetWaitableTimer
InterlockedIncrement
GetLocalTime
GetLastError
SetLastError
GetSystemInfo
IsWow64Process
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapAlloc
SetEnvironmentVariableA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetLongPathNameA
GetFileAttributesA
MultiByteToWideChar
IsBadReadPtr
CreateFileW
SetThreadAffinityMask
SetFilePointer
WriteFile
HeapReAlloc
GetFileSizeEx
HeapCreate
HeapFree
ReadFile
CancelWaitableTimer
lstrlenW
RtlZeroMemory
lstrcmpW
lstrcmpiW
InterlockedDecrement
DeleteCriticalSection
SetCriticalSectionSpinCount
TryEnterCriticalSection
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjects
HeapDestroy
FreeLibrary
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
ExitProcess
GetModuleFileNameA
GetFileSize
GetStdHandle
GetTickCount
GetUserDefaultLCID
LCMapStringA
CloseHandle
CreateThread
CreateFileA
Sleep

shell32

SHGetSpecialFolderPathA
SHCreateDirectoryExA

user32

DispatchMessageA
GetMessageA
TranslateMessage
wsprintfA
MessageBoxA

shlwapi

StrToIntExW
StrToIntW

ole32

CoInitializeEx
CoUninitialize
OleRun
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoInitialize

msvcrt

strtod
strstr
malloc
realloc
strchr
floor
modf
strncmp
strncpy
_atoi64
_CIfmod
atoi
free
sprintf
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
strrchr

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

oleaut32

SysAllocString
SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
VarR8FromBool
VarR8FromCy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
SafeArrayDestroy

Sections

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.6MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e30c7b07a397171ad7d6c3f8f24ac17

Headers

File Characteristics

Imports

kernel32

shell32

user32

shlwapi

ole32

msvcrt

advapi32

oleaut32

Sections

.text Size: 316KB - Virtual size: 316KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 4.6MB - Virtual size: 4.7MB

.rsrc Size: 512B - Virtual size: 464B

.text
Size: 316KB - Virtual size: 316KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 4.6MB - Virtual size: 4.7MB

.rsrc
Size: 512B - Virtual size: 464B