ce4c289a8e9dbe1dfb507a4d84b5d19360fdc8336c3f6960900f1df7512cfb72

Sharing

Copy URL

Twitter E-mail

General

Target

ce4c289a8e9dbe1dfb507a4d84b5d19360fdc8336c3f6960900f1df7512cfb72
Size

703KB
MD5

19a4e8837058b2b2f02e2a1969d5d7b4
SHA1

7ea9fbb4e6cdf180e021274ca78ad3111258f2ee
SHA256

ce4c289a8e9dbe1dfb507a4d84b5d19360fdc8336c3f6960900f1df7512cfb72
SHA512

2c49dac1fb0deb3e283a12013b6aff3761721fff1ff3a25911e701fd5456cd19ac462f408093cf1c9b8d58a823a61b8b2d09fb70bb3b35c9f8d8f03ebfa14546
SSDEEP

12288:YMBOEbefQBk26ykVMHZmYRe5JFWwxLg1QgVzV3loTxg3t18AFyrzQk+JOME2szH:ztne26ysM5mYRe5Jw0LgqgbloVu8AFa

Score

N/A

Malware Config

Signatures

Files

ce4c289a8e9dbe1dfb507a4d84b5d19360fdc8336c3f6960900f1df7512cfb72
.exe windows x86

afd7576f854d2aadccbaf37a01b18fbf

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapLock
CreateNamedPipeW
TerminateThread
DeactivateActCtx
GetConsoleAliasesLengthA
GetVersionExW
GetConsoleCP
GetDefaultCommConfigW
FindFirstFileExW
GetDriveTypeW
FreeEnvironmentStringsW
GetProcessPriorityBoost
SetVolumeMountPointA
SetCurrentDirectoryW
GetLongPathNameA
TlsGetValue
SetComputerNameExA
FindAtomA
BuildCommDCBAndTimeoutsW
VirtualProtect
LoadLibraryA
GlobalAlloc
TryEnterCriticalSection
TlsSetValue
GetCommandLineA
InterlockedDecrement
GetCalendarInfoA
CopyFileW
ZombifyActCtx
OutputDebugStringA
GetSystemTimeAdjustment
GetPriorityClass
WritePrivateProfileStringW
GetProcessHeaps
GlobalUnWire
GetProcessHeap
GetStartupInfoA
GetDiskFreeSpaceExW
GetCPInfoExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetLastError
GetProfileStringA
WriteProfileSectionA
GetProfileStringW
GetConsoleCursorInfo
SetLastError
DeleteVolumeMountPointA
DebugBreak
GetPrivateProfileSectionW
ReadFileScatter
GetNumberOfConsoleInputEvents
GetSystemWindowsDirectoryA
TerminateProcess
GlobalFindAtomA
FindCloseChangeNotification
CreateActCtxW
SetMailslotInfo
InterlockedExchange
DefineDosDeviceA
FindVolumeMountPointClose
EndUpdateResourceA
WriteConsoleA
GetPrivateProfileSectionA
WritePrivateProfileSectionW
GetPrivateProfileStructA
GetPrivateProfileSectionNamesA
GetFileAttributesExA
FileTimeToLocalFileTime
MoveFileA
GetVolumePathNameW
HeapUnlock
SetDefaultCommConfigA
FindActCtxSectionStringA
SetThreadContext
MoveFileExA
GlobalUnlock
UnregisterWait
BuildCommDCBA
GlobalDeleteAtom
GetBinaryTypeA
OpenEventW
SetCommTimeouts
WaitNamedPipeA
GetPrivateProfileSectionNamesW
FindResourceExW
GetSystemTimeAsFileTime
GetSystemInfo
SetLocalTime
OpenSemaphoreA
lstrcmpW
GetProcAddress
CreateIoCompletionPort
SetFileShortNameW
lstrcpyW
VerLanguageNameW
GetThreadSelectorEntry
SetSystemTime
GetConsoleAliasW
SetConsoleScreenBufferSize
AllocConsole
GetAtomNameA
WriteConsoleInputA
TransactNamedPipe
GetCommState
_lopen
ResetWriteWatch
GetConsoleOutputCP
GetModuleHandleA
EnumDateFormatsW
LockFile
GetConsoleAliasExesLengthA
WriteConsoleOutputCharacterW
HeapReAlloc
OpenMutexA
GetStringTypeW
SetFilePointer
PostQueuedCompletionStatus
SetFileApisToANSI
CancelWaitableTimer
GetCurrentProcess
SetNamedPipeHandleState
GetCompressedFileSizeA
FindNextVolumeMountPointW
GetFullPathNameW
WriteProfileStringW
DeleteAtom
GlobalAddAtomA
TerminateJobObject
QueryDosDeviceW
InitializeCriticalSection
SetFirmwareEnvironmentVariableW
GetBinaryTypeW
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
InterlockedCompareExchange
Sleep
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
LCMapStringA
LCMapStringW
GetCPInfo
HeapValidate
IsBadReadPtr
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
GetStdHandle
WriteFile
WriteConsoleW
GetFileType
OutputDebugStringW
ExitProcess
LoadLibraryW
GetModuleFileNameA
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
HeapAlloc
HeapSize
VirtualAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetStdHandle
CloseHandle
CreateFileA
DeleteFileA

user32

OemToCharA

msimg32

AlphaBlend

Sections

.text
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 434KB - Virtual size: 587KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wap
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afd7576f854d2aadccbaf37a01b18fbf

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msimg32

Sections

.text Size: 211KB - Virtual size: 211KB

.data Size: 434KB - Virtual size: 587KB

.wap Size: 512B - Virtual size: 5B

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 211KB - Virtual size: 211KB

.data
Size: 434KB - Virtual size: 587KB

.wap
Size: 512B - Virtual size: 5B

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 17KB - Virtual size: 17KB