cb87e2818e09008a5f27523785feb665fe7c313276bac384a8c097a9225a111c

Sharing

Copy URL Twitter E-mail

General

Target

cb87e2818e09008a5f27523785feb665fe7c313276bac384a8c097a9225a111c
Size

230KB
MD5

d4c93ed49d5f831b71069cfac600c989
SHA1

5af4c721ccb5c2f2294fc391b1425e3554683173
SHA256

cb87e2818e09008a5f27523785feb665fe7c313276bac384a8c097a9225a111c
SHA512

3f28e259ef728b3245a417c88f4effd912d476a2832f405bc59d5b404822ec5b3a21ce75a03e82f23e16055c6677f93af512cbf8e03e0804011b9537a6b8c232
SSDEEP

6144:jBt3TUJdnY4U0MRsdpBKuG6EUmxFs/9ehBxP3o4LV7M59On4:jBtDU7Yt0MMKuGTxzyO

Score

N/A

Malware Config

Signatures

Files

cb87e2818e09008a5f27523785feb665fe7c313276bac384a8c097a9225a111c
.exe windows x86

9ef499b0179e928873fbf49d0d081440

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW
SHGetDesktopFolder
SHAddToRecentDocs

kernel32

GetTapeParameters
GetThreadContext
FormatMessageA
GetCPInfo
ReadFileScatter
EnumResourceNamesA
TryEnterCriticalSection
CreateDirectoryA
SetThreadAffinityMask
GetEnvironmentVariableW
EnumCalendarInfoW
OutputDebugStringA
DeleteFiber
SetEnvironmentVariableW
CreateNamedPipeW
VirtualProtect
SystemTimeToFileTime
SetSystemTime
GetStringTypeExW
FlushFileBuffers
SetTimeZoneInformation
WaitNamedPipeA
EnumResourceLanguagesW
WriteProcessMemory
EndUpdateResourceA
SearchPathW
GetFileAttributesExA
GetBinaryTypeA
GetProcessTimes
_lread
WriteConsoleOutputW
CreateProcessA
GetOverlappedResult
_hread
SuspendThread
LoadResource
CreateFileW
EnumDateFormatsW
LocalFileTimeToFileTime
ExpandEnvironmentStringsW
GetCompressedFileSizeW
ReadConsoleA
CancelIo
ClearCommBreak
SetCommTimeouts
SetConsoleActiveScreenBuffer
GlobalFlags
GetCommState
CloseHandle
GetCommandLineW
SwitchToFiber
GetSystemDirectoryW
LocalLock
ReleaseSemaphore
OutputDebugStringW
FindFirstFileA
GetComputerNameW
WritePrivateProfileSectionA
QueryDosDeviceW
GetSystemDefaultLangID
GetCurrentDirectoryW
GetCommModemStatus
LocalReAlloc
IsBadReadPtr
ConnectNamedPipe
SetConsoleMode
CreateMutexW
SetCurrentDirectoryA
GetModuleFileNameW
FindResourceExA
ReadFile
EnumSystemCodePagesW
EnumTimeFormatsW
GetStartupInfoA
GetTempPathW
SetConsoleWindowInfo
RemoveDirectoryA
FindResourceExW
GetConsoleMode
GetDateFormatA
GetFullPathNameA
GetUserDefaultLCID
VirtualAlloc
GetModuleHandleA
GlobalFree

ws2_32

WSAEventSelect
WSARecvDisconnect
WSAGetServiceClassNameByClassIdA
WSARecv
WSACleanup

ole32

OleCreate
ProgIDFromCLSID
StringFromGUID2
OleSetContainedObject
OleGetIconOfClass
CreateOleAdviseHolder
MkParseDisplayName
RevokeDragDrop
PropVariantCopy
CoCreateInstanceEx

advapi32

LogonUserW
OpenThreadToken
IsValidSid
MakeAbsoluteSD
OpenServiceW
MapGenericMask
CryptAcquireContextA
EnumDependentServicesW
CryptImportKey
SetSecurityDescriptorSacl
RegDeleteValueW
InitiateSystemShutdownW
BuildTrusteeWithNameW
RegisterServiceCtrlHandlerW
GetSidSubAuthority
InitializeSecurityDescriptor
SetNamedSecurityInfoA
SetEntriesInAclW
StartServiceW
RegUnLoadKeyA

oleaut32

SafeArrayGetLBound

user32

CloseWindow
GetAncestor
SetScrollInfo
GetSystemMetrics
RegisterDeviceNotificationA
IsWindowUnicode
IsWindow
GetSysColorBrush
SetClipboardViewer
RemoveMenu
InflateRect
CreateMenu
SystemParametersInfoA
EnableMenuItem
GetMonitorInfoW
DrawFrameControl
GetMessageA
InSendMessage
PostThreadMessageW
UnloadKeyboardLayout
HideCaret
GetIconInfo
InsertMenuItemW
MessageBoxExA
CloseDesktop
EndMenu
ChangeMenuA
TranslateMessage
IsCharAlphaW
CreateIcon
PostThreadMessageA
InvalidateRgn
GetKeyNameTextA
SetWindowContextHelpId
RemovePropA
CharUpperW
LoadKeyboardLayoutA
MenuItemFromPoint
IsWindowVisible
MessageBoxA
SetClassLongW
DrawCaption
RegisterHotKey
DestroyCaret
SetWindowsHookW
ActivateKeyboardLayout
CreateWindowExA
IsCharAlphaNumericW
SetMenuDefaultItem
UnionRect

version

GetFileVersionInfoSizeA

msvcrt

fscanf
_mbsnextc
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_iob
puts
tolower
wcsspn
mbtowc
_umask
iswctype
fgetws
_sys_errlist
ceil
isalpha
_strupr
_wsopen
_mbstrlen
freopen
_wfullpath
_i64tow
_strnicmp
_mbslen
_exit
_lseek
longjmp
calloc
getenv
vswprintf
isalnum
remove
localtime
_sleep
_wcsnicmp
_wtoi64
_pipe

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ef499b0179e928873fbf49d0d081440

Headers

File Characteristics

Imports

shell32

kernel32

ws2_32

ole32

advapi32

oleaut32

user32

version

msvcrt

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 32KB - Virtual size: 32KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 32KB - Virtual size: 32KB