42ccd61f1357d37d8c439082e195eed6eb0d3a6b060852ce57161b469919f778

Sharing

Copy URL

Twitter E-mail

General

Target

42ccd61f1357d37d8c439082e195eed6eb0d3a6b060852ce57161b469919f778
Size

122.5MB
MD5

c893af41e33ca5da0a8acf8ac623c2ae
SHA1

65412f1aa3839e41a00adc2ebc7162880c258be7
SHA256

42ccd61f1357d37d8c439082e195eed6eb0d3a6b060852ce57161b469919f778
SHA512

20474b4ab6e85a7b33d544a5f8cdb5d6b03b86ee67b07a54a17ee6358d51abdcd0711a78999fceb83f971590707c62941f0d2c5d18abc1c091694ea29ceb517f
SSDEEP

3145728:zvTXJ9SA7SJ4rS5rCf5PSiDLJHYbxYUBQDLfy/LEXwzce:zTJsrc56YLJHYVlBQHKN4

Score

N/A

Malware Config

Signatures

Files

42ccd61f1357d37d8c439082e195eed6eb0d3a6b060852ce57161b469919f778
.exe windows x86

ad3427a846d7d2b1db90e6b34d95e738

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winmm

timeKillEvent
timeSetEvent

userenv

GetUserProfileDirectoryW

ws2_32

WSAAsyncSelect

netapi32

NetApiBufferFree
NetShareEnum

kernel32

InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
Sleep
CreateFileW
FlushFileBuffers
SetFilePointer
WriteFile
CloseHandle
SetEvent
GetStdHandle
DuplicateHandle
GetLastError
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
GetStartupInfoW
OpenProcess
GetConsoleWindow
GetCurrentThreadId
SetThreadPriority
GetExitCodeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateDirectoryW
DeleteFileW
GetFileAttributesW
GetFileAttributesExW
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFileTime
CopyFileW
MoveFileExW
GetCurrentDirectoryW
GetLongPathNameW
GetTempPathW
GetSystemDirectoryW
WideCharToMultiByte
CreateEventW
ReadFile
FindClose
FindFirstFileW
FindNextFileW
LocalFree
FormatMessageW
ResetEvent
ReleaseMutex
WaitForMultipleObjects
OutputDebugStringW
IsProcessorFeaturePresent
GetModuleHandleW
GetProcAddress
WaitForSingleObjectEx
GetCommandLineW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount64
GetSystemTime
GetLocalTime
CreateThread
GetCurrentThread
GetThreadPriority
TerminateThread
ResumeThread
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
GetModuleFileNameW
GetFileInformationByHandle
GetSystemInfo
GetLogicalDrives
GetVolumePathNamesForVolumeNameW
SetErrorMode
DeviceIoControl
MoveFileW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetComputerNameW
GetFileType
SetFilePointerEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
UnregisterWaitEx
RegisterWaitForSingleObject
FindFirstFileExW
FreeLibrary
GetModuleHandleExW
LoadLibraryW
LoadLibraryA
CreateFileA
InitializeCriticalSectionEx
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
RaiseException
GetLocaleInfoEx
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent
RtlUnwind
InterlockedPushEntrySList
SetLastError
LoadLibraryExW
ExitProcess
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
SetStdHandle
GetFileSizeEx
HeapFree
HeapReAlloc
HeapAlloc
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
HeapSize
WriteConsoleW
InitOnceComplete
InitOnceBeginInitialize
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
VirtualFree
VirtualAlloc
CreateMutexA
GetUserGeoID
GetGeoInfoW
GetDynamicTimeZoneInformation
LCIDToLocaleName
LocaleNameToLCID
SetEnvironmentVariableW
GetTimeZoneInformation
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetFileInformationByHandleEx
GetFullPathNameW
ResolveLocaleName
GetCurrencyFormatEx
GetNumberFormatEx

user32

TranslateMessage
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetWindowLongW
GetWindowLongW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DestroyWindow
CreateWindowExW
UnregisterClassW
RegisterClassW
DispatchMessageW
PostMessageW
PeekMessageW
DefWindowProcW

advapi32

GetSidSubAuthorityCount
GetSidSubAuthority
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetTokenInformation
GetLengthSid
FreeSid
DuplicateToken
CopySid
AllocateAndInitializeSid
AccessCheck
OpenProcessToken
SystemFunction036
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize

Exports

Exports

icudt69_dat

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29.6MB - Virtual size: 29.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89.0MB - Virtual size: 89.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad3427a846d7d2b1db90e6b34d95e738

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

shell32

version

winmm

userenv

ws2_32

netapi32

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 29.6MB - Virtual size: 29.6MB

.data Size: 107KB - Virtual size: 432KB

.rsrc Size: 89.0MB - Virtual size: 89.0MB

.reloc Size: 137KB - Virtual size: 136KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 29.6MB - Virtual size: 29.6MB

.data
Size: 107KB - Virtual size: 432KB

.rsrc
Size: 89.0MB - Virtual size: 89.0MB

.reloc
Size: 137KB - Virtual size: 136KB