2c9a32dfa886c40596ae8327fdb9c1b13637dce02a9bbacab5bad1b2cd4c268a

Sharing

Copy URL Twitter E-mail

General

Target

2c9a32dfa886c40596ae8327fdb9c1b13637dce02a9bbacab5bad1b2cd4c268a
Size

825KB
MD5

4f73776611b9aad008bdba2a44a792b4
SHA1

00f5dd9e8069b2380c1cfe560b0da50a0bb5aa37
SHA256

2c9a32dfa886c40596ae8327fdb9c1b13637dce02a9bbacab5bad1b2cd4c268a
SHA512

ae5234f76f95343b5813fab7a48021b9a0093e93b922eb5d890323110e4f16926137278ae6f1e0fd426032885d56d8f0f073e2554e60f0ed6e3153aea0fff1d1
SSDEEP

12288:s49OOve4N/lCmZu/mqYDcL7HfOfDjfd5FHy0rKRGt2XyhqS/kp17r3w3I6OlIrQM:s49OOtfMmfcL6r/FHReHChR/kpF37kQy

Score

N/A

Malware Config

Signatures

Files

2c9a32dfa886c40596ae8327fdb9c1b13637dce02a9bbacab5bad1b2cd4c268a
.exe windows x86

5aa7539ff094bb51d38e58169ff8d2dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
HeapCreate
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
RaiseException
WideCharToMultiByte
LockResource
SizeofResource
FileTimeToLocalFileTime
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
lstrlenA
UnmapViewOfFile
LCMapStringW
InterlockedIncrement
HeapAlloc
TlsSetValue
GetFileType
CreateEventW
ExpandEnvironmentStringsA
DuplicateHandle
FindFirstFileW
ResetEvent
FindFirstFileA
CompareStringW
GetProcAddress
DeleteFileW
SetEvent
GetStartupInfoW
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
WriteConsoleW
LeaveCriticalSection
Sleep
GlobalAlloc
TerminateProcess
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
GetSystemTime
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
GetOEMCP
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapFree
WaitForSingleObject
GetFileAttributesA
GetConsoleOutputCP
GetStdHandle
VirtualAlloc
ExitProcess
GetTickCount
GetVersion
GetCurrentThread
GetModuleHandleA
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
SetEndOfFile
GetLastError

advapi32

RegCreateKeyExW
RegQueryValueExA
RegCreateKeyExA
RegQueryValueExW
RegCloseKey
OpenProcessToken
RegDeleteKeyA
RegDeleteKeyW
RegSetValueExA
RegOpenKeyExA

user32

SetForegroundWindow
ClientToScreen
GetDlgItem
CreateWindowExA
SetWindowTextA
PostMessageA
GetSystemMetrics
GetMessageA
EndPaint
InvalidateRect
SetTimer
GetWindowLongA
EnableMenuItem
LoadStringA
ReleaseDC
ShowWindow
UpdateWindow
DestroyWindow
GetDC
SendMessageA
GetClientRect
DispatchMessageA
SetCursor

msvcrt

_cexit
_controlfp
exit

Sections

.text
Size: 787KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5aa7539ff094bb51d38e58169ff8d2dc

Headers

File Characteristics

Imports

kernel32

advapi32

user32

msvcrt

Sections

.text Size: 787KB - Virtual size: 1.1MB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 787KB - Virtual size: 1.1MB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 18KB - Virtual size: 17KB