1ccbd9ae243be5abdbd35f38a3cbfc8e341506a9ed040424c87494e4963fb70c

Sharing

Copy URL

Twitter E-mail

General

Target

1ccbd9ae243be5abdbd35f38a3cbfc8e341506a9ed040424c87494e4963fb70c
Size

559KB
MD5

c87b435d527dbdd73a17f816f38d8efb
SHA1

15d6378b731ae7630249681ffd7d5e1f63b3597f
SHA256

1ccbd9ae243be5abdbd35f38a3cbfc8e341506a9ed040424c87494e4963fb70c
SHA512

2454799833b21c1482571492ec4dccaf2a0f957976dfde5fa74156c44364c5be0bd9b2c36100a7e943b1e6d471fb315acf256aa47493d2f3287638970bcd4701
SSDEEP

12288:8qG6v/tLSvdHdQpeGQIwjmLNyBbCIbDg/PwpHtUoyYTSbG:mU/tOVHdsU5mLNObCIbDg/P0cYUG

Score

N/A

Malware Config

Signatures

Files

1ccbd9ae243be5abdbd35f38a3cbfc8e341506a9ed040424c87494e4963fb70c
.exe windows x86

2d91964cc105dcbe60335c4824a9acfa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetDefaultProviderW
RegQueryInfoKeyW
GetUserNameW
RegQueryInfoKeyA
CryptDestroyKey
CryptHashSessionKey
CryptAcquireContextA
RegEnumValueA

comctl32

InitCommonControlsEx

kernel32

SetVolumeLabelW
MultiByteToWideChar
FreeEnvironmentStringsW
IsValidCodePage
GetDateFormatA
GetTempFileNameA
WriteFile
SetLastError
SetFilePointer
GetStartupInfoA
GetTimeZoneInformation
VirtualAlloc
SetHandleCount
GetLastError
GetCompressedFileSizeA
ReadConsoleOutputAttribute
SetConsoleCtrlHandler
TlsGetValue
InitializeCriticalSection
WaitCommEvent
GetCurrentProcessId
GetStringTypeA
EnumCalendarInfoA
CreateMutexA
HeapDestroy
GetCommandLineA
GetModuleHandleA
GetEnvironmentStringsW
GetTickCount
FreeLibrary
SetStdHandle
GetStringTypeW
GetConsoleMode
IsValidLocale
GetLocaleInfoA
CreateFileA
LCMapStringA
ExitProcess
GetOEMCP
GetACP
HeapReAlloc
GetCurrentThread
SetEnvironmentVariableA
GetModuleFileNameA
GetConsoleCP
TlsAlloc
LCMapStringW
WideCharToMultiByte
GetConsoleOutputCP
GlobalHandle
GetProcAddress
InterlockedExchange
FlushFileBuffers
VirtualQuery
CloseHandle
HeapCreate
WriteConsoleA
WriteConsoleW
OpenMutexA
UnhandledExceptionFilter
GetVersionExA
GetTimeFormatA
QueryPerformanceCounter
DeleteCriticalSection
HeapFree
HeapSize
VirtualFree
LoadLibraryA
IsDebuggerPresent
CompareStringW
GetFileType
InterlockedIncrement
GetCurrentThreadId
CreateMailslotA
GetProcessHeap
HeapAlloc
GetStdHandle
ReadFile
RtlUnwind
TerminateProcess
InterlockedDecrement
EnumSystemLocalesA
TlsFree
EnterCriticalSection
CompareStringA
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetCPInfo
GetEnvironmentStrings
SetUnhandledExceptionFilter
LeaveCriticalSection
IsBadWritePtr
GetLocaleInfoW
GetCurrentProcess
TlsSetValue
FreeEnvironmentStringsA
Sleep

wininet

UnlockUrlCacheEntryFileA

gdi32

ColorMatchToTarget
SetGraphicsMode
DeleteMetaFile
ResetDCW
StartDocW
ArcTo
RestoreDC
GetMapMode
Escape
CreatePolyPolygonRgn
ResizePalette
SetBkColor

user32

SetWinEventHook
GetClassInfoExA
RegisterClassA
RegisterClassExA
DlgDirSelectComboBoxExW
WaitMessage
VkKeyScanW

Sections

.text
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d91964cc105dcbe60335c4824a9acfa

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

wininet

gdi32

user32

Sections

.text Size: 222KB - Virtual size: 221KB

.rdata Size: 10KB - Virtual size: 14KB

.data Size: 322KB - Virtual size: 321KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 222KB - Virtual size: 221KB

.rdata
Size: 10KB - Virtual size: 14KB

.data
Size: 322KB - Virtual size: 321KB

.rsrc
Size: 4KB - Virtual size: 4KB