c62ad20230e49194febbf0e2187824cd8cb6bce5a512746be2f046f1ee0c40ba

Sharing

Copy URL Twitter E-mail

General

Target

c62ad20230e49194febbf0e2187824cd8cb6bce5a512746be2f046f1ee0c40ba
Size

244KB
MD5

a2c10ebc477114e1ec23ab45883d4082
SHA1

a007df2489d1b794aab78f38b2b6ada3c7f6888e
SHA256

c62ad20230e49194febbf0e2187824cd8cb6bce5a512746be2f046f1ee0c40ba
SHA512

3994ceb7c8320f9c2863514a06ae63888fcfade8f8416e5db4da7a7d8c0ee7e5a5d0e74f500881a2c4b7c063fe6ac780bf1b4ab9a67efa14fef7a23cabd1750d
SSDEEP

3072:TDYZsqXPx4HvtLC0oxSq37IeJ0oY9shta9Xk2gdWUipF3CitSqUbNA8E3JNOBR1:Tfq/iFuxrIV9sa3TtSqUe3JNOBR1

Score

N/A

Malware Config

Signatures

Files

c62ad20230e49194febbf0e2187824cd8cb6bce5a512746be2f046f1ee0c40ba
.exe windows x86

f6235775427aca426c78dbbb8ac2a55b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
CreatePipe
GetCurrentProcess
GetExitCodeProcess
TerminateProcess
TerminateThread
GlobalFree
GlobalAlloc
ReadFile
WaitForMultipleObjects
WriteFile
OpenProcess
GetProcessVersion
MoveFileA
GetCurrentThread
GetFileTime
CreateFileA
FormatMessageA
GetShortPathNameA
GetProcessHeap
GetDriveTypeA
RaiseException
InterlockedExchange
LocalAlloc
LCMapStringW
LCMapStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
GetOEMCP
GetUserDefaultLangID
CompareStringW
CompareStringA
GetCPInfo
MultiByteToWideChar
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CreateEventA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
SetFilePointer
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
FlushFileBuffers
GetFileType
GetStdHandle
SetHandleCount
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
ExitProcess
GetFileAttributesA
RtlUnwind
CreateThread
LoadLibraryA
GetTempPathA
GetTempFileNameA
GetLocalTime
LocalFree
CopyFileA
GetComputerNameA
GetVersionExA
CreateMutexA
ReleaseMutex
GetPrivateProfileIntA
WritePrivateProfileStringA
SetEnvironmentVariableW
GetModuleHandleA
GetModuleFileNameA
GetPrivateProfileStringA
GetVersion
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
SetCurrentDirectoryA
SetErrorMode
FindFirstFileA
FindNextFileA
FindClose
SetUnhandledExceptionFilter
OutputDebugStringA
DeleteFileA
WaitForSingleObject
CreateProcessA
GetLastError
Sleep
OpenEventA
SetEvent
CloseHandle
GetACP
WinExec

user32

GetWindowThreadProcessId
GetWindowTextA
EnumWindows
CheckDlgButton
EnableWindow
LoadStringA
SetMenuItemInfoA
GetCursorPos
ModifyMenuA
GetWindowRect
SetMenuDefaultItem
TrackPopupMenu
DestroyWindow
KillTimer
IsIconic
SendMessageA
GetWindowLongA
SetWindowLongA
EndDialog
CreateDialogParamA
DialogBoxParamA
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
GetDlgItem
GetClientRect
CheckMenuItem
MessageBoxA
ShowWindow
SetWindowPos
CreateWindowExA
SetForegroundWindow
FindWindowA
PostMessageA
GetKeyState
GetDlgCtrlID
RemovePropA
GetPropA
SetWindowTextA
SetFocus
LoadIconA
GetParent
IsDlgButtonChecked
PostQuitMessage
SetTimer
LoadImageA
SendDlgItemMessageA
GetSystemMenu
DeleteMenu
InsertMenuA
EnableMenuItem
GetMenu
AppendMenuA
LoadMenuA
GetSubMenu
RegisterWindowMessageA
InvalidateRect
PeekMessageA
UpdateWindow
CallWindowProcA
LoadCursorA
SetCursor

gdi32

SetBkColor
GetStockObject
GetObjectA
SetTextColor
SetBkMode
DeleteObject
SelectObject
CreateFontIndirectA
CreateBrushIndirect

shell32

Shell_NotifyIconA
ShellExecuteA

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CloseServiceHandle
QueryServiceStatus
OpenSCManagerA
OpenServiceA
StartServiceA
ControlService
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegOpenKeyA

wininet

InternetQueryDataAvailable
InternetOpenA
InternetOpenUrlA
InternetSetOptionA
HttpQueryInfoA
InternetCloseHandle
InternetReadFile

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

InitCommonControlsEx

ws2_32

WSACleanup
htons
socket
WSAStartup
connect
closesocket
inet_addr

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6235775427aca426c78dbbb8ac2a55b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

wininet

version

comctl32

ws2_32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 60KB - Virtual size: 57KB

.0rdata Size: 72KB - Virtual size: 72KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 60KB - Virtual size: 57KB

.0rdata
Size: 72KB - Virtual size: 72KB