caa65917eb222fa0d233ce13b6a2605cadc40fadd83891e4cc0e8fe759cdd70c

Sharing

Copy URL Twitter E-mail

General

Target

caa65917eb222fa0d233ce13b6a2605cadc40fadd83891e4cc0e8fe759cdd70c
Size

589KB
MD5

9af53da95fd0593c1ba0d44f0456bc78
SHA1

1e6b6db8276337c0d54028dd5a8f854a0b002215
SHA256

caa65917eb222fa0d233ce13b6a2605cadc40fadd83891e4cc0e8fe759cdd70c
SHA512

6c83cbe8c237ccc62b6d2791d9472b2f831463fc0008895ad1243effb73b96d042e2cbe5b82b21e94c2a0d809af855c4f6fb7a71f60359d5a0a5e4ae43a2c7a7
SSDEEP

12288:0fHglxny2TcXRIYO/khIHlwk8iDy0nyrcPyxPd53SuFF2QFJxC:wAlxy8cXRIYLWHOIyqOzdv2Q3x

Score

N/A

Malware Config

Signatures

Files

caa65917eb222fa0d233ce13b6a2605cadc40fadd83891e4cc0e8fe759cdd70c
.exe windows x86

18639ece803a7badac01cc16368190e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFileExA
HttpSendRequestExW
HttpQueryInfoA
InternetCrackUrlA
InternetWriteFile
InternetOpenUrlW
InternetSetFilePointer
HttpEndRequestA
FtpRemoveDirectoryA
HttpQueryInfoW
HttpSendRequestExA
InternetReadFile
HttpAddRequestHeadersA
FtpFindFirstFileA
InternetOpenUrlA
HttpSendRequestA
GopherFindFirstFileA
InternetGetConnectedState
FtpSetCurrentDirectoryA
InternetCloseHandle

ws2_32

WSAEventSelect
WSAGetLastError
WSARecv
gethostbyname

kernel32

GlobalLock
GetModuleHandleW
CreateThread
MulDiv
GetCurrentProcessId
VirtualAlloc
GetProcessHeap
FindClose
lstrcmpW
GetDateFormatW
GlobalAlloc
WriteFile
GetCommandLineW
GetProfileStringW
UnhandledExceptionFilter
FreeLibrary
LocalReAlloc
GetComputerNameW
SetUnhandledExceptionFilter
GetModuleHandleA

user32

GetLastActivePopup
DialogBoxParamW
PostQuitMessage
SetDlgItemTextW
GetSystemMenu
LoadAcceleratorsW
ClientToScreen
DestroyCaret
ScreenToClient
OpenClipboard
DefWindowProcW
GetCursorPos
GetDesktopWindow
SetFocus
GetWindowLongW
SystemParametersInfoW
MessageBoxW
GetKeyState
SetClassLongW
InsertMenuItemW
SetWindowPlacement
LoadMenuW
SetMenuDefaultItem
SetRect
SetWindowPos
PeekMessageW
GetMenu
SetMenu
GetDlgItemInt
UpdateWindow
SetMenuItemInfoW
ValidateRect
GetMessageW
GetSysColorBrush
SetCaretPos
CheckDlgButton
DispatchMessageW
GetMessagePos
InflateRect
SetTimer
ReleaseDC
ShowWindow
GetFocus
IsDlgButtonChecked
GetClipboardData
GetKeyboardLayout

gdi32

CreateCompatibleDC
SetBkColor
CreatePen
EndDoc
ExcludeClipRect
EnumFontFamiliesW
SetAbortProc
CreatePatternBrush
SelectClipRgn
SetTextColor
CreateDIBSection
ExtFloodFill
CreateCompatibleBitmap
SetTextAlign
GetStockObject

comdlg32

GetSaveFileNameA
GetFileTitleA

advapi32

RegQueryValueExW

oleaut32

SysAllocStringLen

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 542KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18639ece803a7badac01cc16368190e1

Headers

DLL Characteristics

File Characteristics

Imports

wininet

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 542KB - Virtual size: 542KB

.reloc Size: 34KB - Virtual size: 33KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 542KB - Virtual size: 542KB

.reloc
Size: 34KB - Virtual size: 33KB