71206ae3606b603f39f58eafbda26fa15e8aea468050829b8a855c314c19d710

Sharing

Copy URL Twitter E-mail

General

Target

71206ae3606b603f39f58eafbda26fa15e8aea468050829b8a855c314c19d710
Size

64KB
MD5

53202c8d92426ed1263f82581fe3663c
SHA1

7ed3fa0b061c3cb91b7c91c294c6dfd9f3ade040
SHA256

71206ae3606b603f39f58eafbda26fa15e8aea468050829b8a855c314c19d710
SHA512

76d564a3dc416c95ceea5a4548bef32a446336d133a107f6d6a5420ae636137a337aa3455738f0797f5bdbb6554ae02124224e65027a0116f8df58aa96beef02
SSDEEP

1536:3Btj5DwnFLf+nljDBJ25Z38uth3O+X9j6FDh:3twBGnlPBwjkDh

Score

N/A

Malware Config

Signatures

Files

71206ae3606b603f39f58eafbda26fa15e8aea468050829b8a855c314c19d710
.exe windows x86

e5bbf16c976184c043d5317e2bde0536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
OpenProcess
GetCurrentProcessId
WaitForSingleObject
CreateEventA
CompareStringW
CompareStringA
GetTimeZoneInformation
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapCompact
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetLocaleInfoA
LCMapStringW
LCMapStringA
HeapSize
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
SetFilePointer
VirtualQuery
SetProcessWorkingSetSize
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetStartupInfoA
CreateProcessA
GetVersionExA
OpenEventA
SetEvent
CloseHandle
Sleep
FindClose
GetModuleFileNameA
InterlockedExchange
SetEnvironmentVariableA
ExitProcess
GetLastError
GetModuleHandleA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
RtlUnwind

user32

RegisterWindowMessageA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
GetSubMenu
LoadIconA
DestroyWindow
FindWindowA
LoadMenuA
SetTimer
SetMenuItemInfoA
GetMessageA
DispatchMessageA
KillTimer
DestroyMenu
RegisterClassA
CreateWindowExA
DefWindowProcA
PostQuitMessage
LoadStringA
EnableMenuItem
EnumWindows
GetWindowTextA
GetClassNameA
PostMessageA
TranslateMessage

advapi32

SetSecurityDescriptorDacl
StartServiceA
ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
InitializeSecurityDescriptor

shell32

Shell_NotifyIconA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5bbf16c976184c043d5317e2bde0536

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 8KB