cf2c6b529e31eb27fef382b0c70797e5fbdc5bc302dc26a65b87c63cc6f7ed80

Sharing

Copy URL Twitter E-mail

General

Target

cf2c6b529e31eb27fef382b0c70797e5fbdc5bc302dc26a65b87c63cc6f7ed80
Size

212KB
MD5

db96381bd45a830dc004cc211a73982a
SHA1

4e03e568941d1951dbbce5baa2ae0f88b6257c88
SHA256

cf2c6b529e31eb27fef382b0c70797e5fbdc5bc302dc26a65b87c63cc6f7ed80
SHA512

40911bf4c8f34c5ed85a9841664667981faaad1a727eed9174cfce1409c2acb8730fa0625e444455bdf5f4a18744d436b7c388f88b53afaa792df3395a8ebb12
SSDEEP

6144:3tGOBvF2MUIAx4O6p7ja2NTl5dfIU07fh:3PFsIopW7ja2NTl5dfzup

Score

N/A

Malware Config

Signatures

Files

cf2c6b529e31eb27fef382b0c70797e5fbdc5bc302dc26a65b87c63cc6f7ed80
.exe windows x86

f0291de02b0c8c7475394a83fe9fc8a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
CoUninitialize
CoInitializeEx
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoCreateInstance

kernel32

DeleteCriticalSection
lstrcpyA
GetCurrentProcess
OpenProcess
GetExitCodeProcess
GetExitCodeThread
DuplicateHandle
CloseHandle
Sleep
GetProcAddress
CreateEventA
GetCurrentThreadId
GetCurrentProcessId
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
lstrlenA
GetWindowsDirectoryA
GetFileAttributesA
lstrcatA
CopyFileA
GetModuleFileNameA
DeleteFileA
WaitForSingleObject
CreateMutexA
ResumeThread
CreateThread
TerminateThread
FindResourceA
GetLocaleInfoA
lstrcpynA
LoadResource
InterlockedIncrement
InterlockedDecrement
GetSystemTimeAsFileTime
GetCommandLineA
SizeofResource
IsDBCSLeadByte
GetACP
MultiByteToWideChar
RaiseException
InterlockedExchange
GetLastError
SetLastError
GetThreadLocale
GetModuleHandleA
LoadLibraryExA
GetVersionExA
GlobalSize
GlobalAlloc
GlobalFree
CreateFileA
WriteFile
FindResourceExA
LockResource
LoadLibraryA
CreateDirectoryA
GetTempPathA
GetVolumeInformationA
GetLocalTime
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
GetThreadContext
SetThreadContext
CreateProcessA
FlushInstructionCache
GetShortPathNameA
VirtualProtectEx
WriteProcessMemory
SetFilePointer
SetFileTime
ReadFile
GetFileTime
TerminateProcess
Process32First
Process32Next
CreateToolhelp32Snapshot
VirtualFree
VirtualAlloc
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
GetFileAttributesExA
GetStartupInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
IsBadWritePtr
HeapSize
GetOEMCP
GetCPInfo
RtlUnwind
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
LocalFree
EnterCriticalSection
lstrcmpiA
lstrlenW
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSection
FreeLibrary
lstrcmpA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetTickCount
VirtualFreeEx

user32

MsgWaitForMultipleObjects
CharNextA
TranslateMessage
GetMessageA
SetTimer
IsChild
KillTimer
IsWindowEnabled
SetWinEventHook
wsprintfA
EnumWindows
GetWindowLongA
GetDesktopWindow
IsWindowVisible
GetWindowModuleFileNameA
GetWindowThreadProcessId
wvsprintfA
DispatchMessageA

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA

oleaut32

VarBstrCat
SysAllocStringByteLen
SysStringLen
VarUI4FromStr
SysFreeString
VariantInit
VariantClear
SysStringByteLen
SysAllocString
SysAllocStringLen

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0291de02b0c8c7475394a83fe9fc8a5

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 84KB - Virtual size: 96KB

.rsrc Size: 4KB - Virtual size: 512B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 84KB - Virtual size: 96KB

.rsrc
Size: 4KB - Virtual size: 512B

.reloc
Size: 12KB - Virtual size: 9KB