4c0641e616a6b1d979110650808f4394b6315d5d747f860bc00b9e433c82816b

Sharing

Copy URL

Twitter E-mail

General

Target

4c0641e616a6b1d979110650808f4394b6315d5d747f860bc00b9e433c82816b
Size

617KB
MD5

ef3ab9de902f949fa844414a5617e480
SHA1

201743e13f5f000bcaeef8f2fbb6b3112a656f65
SHA256

4c0641e616a6b1d979110650808f4394b6315d5d747f860bc00b9e433c82816b
SHA512

c8ff6a816c74fc52756a6a7cdaefa7bd4f201a415ba567eb35629039d526fcb08e002532877501eb0c8b853d78b512aec521cb7c1c893ce0c501079b1b63c13c
SSDEEP

12288:59jzGDAMA+KaTZA4HDSS6H/SxToJA40fAxwt8AGNKFEHA:Pj8AMALqA4j0juy9no

Score

N/A

Malware Config

Signatures

Files

4c0641e616a6b1d979110650808f4394b6315d5d747f860bc00b9e433c82816b
.exe windows x86

1c0ca08e1c2b11ffdd1846a296ed24d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
CompareStringW
CompareStringA
CreateFileA
CreateProcessA
GetExitCodeProcess
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
RtlUnwind
LCMapStringW
LCMapStringA
FlushFileBuffers
GetConsoleMode
ReadFile
InitializeCriticalSectionAndSpinCount
GetFileType
SetHandleCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetLastError
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
GetStdHandle
WriteFile
HeapCreate
GetStartupInfoA
DeleteCriticalSection
GetFullPathNameA
GetDriveTypeA
SetEnvironmentVariableA
IsDebuggerPresent
TerminateProcess
GetFileAttributesA
GetCurrentThreadId
GetCPInfoExA
QueryPerformanceFrequency
LocalAlloc
VirtualAlloc
FindFirstFileA
EnumSystemLanguageGroupsA
EnumSystemCodePagesA
Sleep
EnumUILanguagesA
FormatMessageA
GetTickCount
GetModuleHandleW
QueryPerformanceCounter
CloseHandle
GetConsoleCP
LoadLibraryExA
GetModuleHandleA
GetLastError
InterlockedExchange
RaiseException
FlushInstructionCache
lstrlenW
MultiByteToWideChar
IsDBCSLeadByte
LeaveCriticalSection
FindResourceA
CreateEventA
SizeofResource
TerminateThread
WideCharToMultiByte
FindResourceExA
InitializeCriticalSection
SetEvent
WaitForSingleObject
GetCurrentProcess
InterlockedDecrement
GetQueuedCompletionStatus
InterlockedIncrement
LoadResource
SetCurrentDirectoryA
GetCurrentDirectoryA
ExitProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
CreateThread
ResumeThread
ExitThread
VirtualQuery
VirtualProtect
HeapSize
CreateIoCompletionPort
GetModuleFileNameA
GetSystemInfo
PostQueuedCompletionStatus
LockResource
GetExitCodeThread
LoadLibraryA
ResetEvent
EnterCriticalSection
HeapReAlloc
HeapDestroy
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetProcAddress
GetCommandLineA
lstrcmpiA
FreeLibrary
lstrlenA
IsValidCodePage

user32

GetDlgItem
GetWindowLongA
SetWindowLongA
TranslateMessage
DefWindowProcA
ShowWindow
DispatchMessageA
GetSystemMetrics
IsDialogMessageA
RegisterWindowMessageA
SendMessageA
CharNextA
PostQuitMessage
CreateDialogParamA
PostThreadMessageA
LoadImageA
PeekMessageA
EndPaint
EnumDisplayMonitors
GetUpdateRgn
SetProcessWindowStation
ScreenToClient
OpenDesktopA
SendDlgItemMessageA
SetCapture
CopyImage
LoadIconA
CreateMenu
BeginPaint
GetMonitorInfoA
GetDC
GetCapture
OpenWindowStationA
SetPropA
InvalidateRect
CharLowerA
CreateWindowExA
MonitorFromWindow
GetDesktopWindow
GetSysColor
GetCursorPos
SetMenu
CreatePopupMenu
DrawMenuBar
ReleaseCapture
SetWindowTextA
LoadCursorA
DialogBoxParamA
GetMessagePos
RegisterClassA
DestroyWindow
GetMessageA
UnregisterClassA

gdi32

GetStockObject
CreatePolygonRgn
SetViewportOrgEx
SetTextColor
GetDeviceCaps
GetRegionData
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
CreateCompatibleBitmap
Rectangle
EnumFontFamiliesA
CreateRectRgn
CreatePen
GetTextMetricsA
SetTextAlign
GetObjectA

comdlg32

FindTextA

advapi32

OpenProcessToken
RegDeleteKeyA
RegEnumKeyExA
CloseEventLog
RegSetValueExW
ReadEventLogA
CryptGetDefaultProviderA
RegOpenKeyExW
SetServiceStatus
GetOldestEventLogRecord
RegQueryValueExW
OpenEventLogW
RegCloseKey
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

shell32

SHBrowseForFolderA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr

odbc32

ord9

comctl32

ImageList_DragEnter
ImageList_Create
InitCommonControlsEx
ImageList_BeginDrag
ImageList_ReplaceIcon

crypt32

CertGetNameStringA

winmm

SendDriverMessage

dbghelp

UnDecorateSymbolName
UnmapDebugInformation

netapi32

NetShareGetInfo

userenv

CreateEnvironmentBlock

pdh

PdhGetFormattedCounterValue

wintrust

WinVerifyTrust

setupapi

SetupDiGetClassDevsA

dnsapi

DnsQuery_A
DnsQuery_UTF8

traffic

TcModifyFlow
TcOpenInterfaceW

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 411KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c0ca08e1c2b11ffdd1846a296ed24d7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

odbc32

comctl32

crypt32

winmm

dbghelp

netapi32

userenv

pdh

wintrust

setupapi

dnsapi

traffic

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 411KB - Virtual size: 410KB

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 411KB - Virtual size: 410KB