ac8ab205c4a30d2e788edbaa1884ce3077993cfe924d8735afca737b513e699b

Sharing

Copy URL Twitter E-mail

General

Target

ac8ab205c4a30d2e788edbaa1884ce3077993cfe924d8735afca737b513e699b
Size

136KB
MD5

7352590300625a9aff52984fa1955f15
SHA1

2db739ee93a43c619a88008551d425fd4a4625b4
SHA256

ac8ab205c4a30d2e788edbaa1884ce3077993cfe924d8735afca737b513e699b
SHA512

ae0896de4dbe0b1437f2de99f5f6e03a87d91c282e441f25b5f121c3b146b4f896c7f4aa95e39891c54d3a89df065dae7fc6971f18e360f555e08f46aa29f873
SSDEEP

1536:vtn1mwTkVM6VxRPftvE6JKtlmRNLwJbCyImjxlhFz65:vtuM2S7PmsVvIcxlhFz6

Score

1^/10

Malware Config

Signatures

Files

ac8ab205c4a30d2e788edbaa1884ce3077993cfe924d8735afca737b513e699b
.exe windows x86

803d0b39ccddb7e5169c13b495d4f520

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
FreeLibrary
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
CloseHandle
lstrlenA
GetCurrentThreadId
GetModuleHandleA
lstrcatA
lstrcpyA
GetTickCount
SetEvent
GetLastError
Sleep
CreateEventA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
InterlockedIncrement
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
WaitForSingleObject
ResetEvent
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
HeapSize
UnhandledExceptionFilter
GetCurrentProcess
InterlockedExchange
ExitProcess
RtlUnwind
HeapFree
ExitThread
CreateThread
HeapReAlloc
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
TerminateProcess

user32

SetWindowLongA
GetWindowLongA
PostMessageA
UnregisterClassA
DefWindowProcA
PostQuitMessage
CharNextA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CharLowerA
LoadStringA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
LoadImageA
DestroyIcon
DestroyWindow

advapi32

RegCloseKey
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA

ole32

CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hhqg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

803d0b39ccddb7e5169c13b495d4f520

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 52KB - Virtual size: 48KB

.hhqg Size: 4KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 52KB - Virtual size: 48KB

.hhqg
Size: 4KB - Virtual size: 4KB