cabd222e1ce0494d66dc81d37493c0b4226f636ea147beac6d81466d68d467bb

Sharing

Copy URL Twitter E-mail

General

Target

cabd222e1ce0494d66dc81d37493c0b4226f636ea147beac6d81466d68d467bb
Size

259KB
MD5

856a1c1a633c48ccdd61f9d26eb802d3
SHA1

f7c2cabd6332b7f829e65ef9a9cbb4f21f2bc2a1
SHA256

cabd222e1ce0494d66dc81d37493c0b4226f636ea147beac6d81466d68d467bb
SHA512

f21964137791644931111ef2d319f8975a01fb4fbae3c0f1bb1f4094bd05a80dc0605273499af8dc5a0509eca5bb4eaa8d8ba29d7fd00676b35992dfbe712fa9
SSDEEP

6144:8wZgCbMLFTajcpsXHcjexBfXbmi7duv2Jhy3tOO9:8TCY0As3c8BfKB4XM

Score

N/A

Malware Config

Signatures

Files

cabd222e1ce0494d66dc81d37493c0b4226f636ea147beac6d81466d68d467bb
.exe windows x86

824806166df847cf3eb07ce68f04b9ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassInfoW
FindWindowExW
GetClassLongA
FindWindowA
LoadCursorA
ShowWindow

advapi32

CryptSignHashA
StartServiceW
GetUserNameW
CreateServiceA
CryptGetProvParam
CryptReleaseContext
LookupAccountSidW
RegConnectRegistryW
CryptHashData
RegEnumKeyW
RegQueryInfoKeyA
GetUserNameA
RegCreateKeyW
RegOpenKeyExA
RegSaveKeyA
CryptGetHashParam
CryptEnumProviderTypesA
LookupSecurityDescriptorPartsW
CryptGenKey
LookupSecurityDescriptorPartsA
RegQueryValueW

gdi32

GetTextCharacterExtra
GetWindowExtEx
SaveDC
CreateDIBSection
CreateEllipticRgn
GetTextMetricsW

wininet

HttpSendRequestW
CreateUrlCacheGroup
GetUrlCacheEntryInfoExA

kernel32

LeaveCriticalSection
SetUnhandledExceptionFilter
GetCurrentThreadId
GetVersionExA
IsValidCodePage
lstrcmpiW
HeapSize
GetCommandLineW
HeapFree
DeleteCriticalSection
GetDateFormatA
TlsAlloc
GetCurrentProcess
GetStdHandle
GetACP
GlobalDeleteAtom
GetCPInfo
GetOEMCP
GetEnvironmentStringsW
WriteFile
GetModuleFileNameA
GetLastError
GetTickCount
GetStringTypeW
IsDebuggerPresent
EnterCriticalSection
GetEnvironmentStrings
CompareStringW
RtlUnwind
EnumSystemLocalesA
GetModuleHandleA
lstrcmpW
SetEnvironmentVariableA
GetProfileSectionW
GetFileType
LoadLibraryA
HeapAlloc
GetLocaleInfoW
IsValidLocale
GetTimeZoneInformation
SetConsoleCtrlHandler
FreeLibrary
TlsFree
GetCurrentDirectoryA
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetCurrentProcessId
InterlockedExchange
OutputDebugStringA
FreeEnvironmentStringsA
GetProcAddress
TerminateProcess
MultiByteToWideChar
LCMapStringW
LCMapStringA
EnumTimeFormatsW
VirtualAlloc
VirtualFree
InitializeCriticalSection
ExitProcess
GetStartupInfoA
SetLastError
SetHandleCount
GetSystemTimeAsFileTime
GetCurrentThread
GetTimeFormatA
GetStartupInfoW
HeapDestroy
GetUserDefaultLCID
WideCharToMultiByte
GetProcessHeap
TlsGetValue
VirtualQuery
QueryPerformanceCounter
GetStringTypeA
TlsSetValue
InterlockedDecrement
GetLocaleInfoA
InterlockedIncrement
GetModuleFileNameW
GlobalFree
WriteProfileStringA
GetCommandLineA
WriteConsoleOutputCharacterA
HeapCreate
FindFirstFileExA
HeapReAlloc
Sleep
CompareStringA

shell32

SHGetSpecialFolderPathA
RealShellExecuteA
SHFileOperationA
DragQueryFile
SHGetDataFromIDListA
SHGetNewLinkInfo

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

824806166df847cf3eb07ce68f04b9ba

Headers

File Characteristics

Imports

user32

advapi32

gdi32

wininet

kernel32

shell32

Sections

.text Size: 118KB - Virtual size: 118KB

.data Size: 138KB - Virtual size: 156KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 118KB - Virtual size: 118KB

.data
Size: 138KB - Virtual size: 156KB

.rsrc
Size: 2KB - Virtual size: 1KB