24330bfb426b2287239e6a9729f472a288ac78a87599a6c7a67c4f79b8ff5ec6

Sharing

Copy URL Twitter E-mail

General

Target

24330bfb426b2287239e6a9729f472a288ac78a87599a6c7a67c4f79b8ff5ec6
Size

270KB
MD5

763fc33549f8d7e8e954d397eb1a4016
SHA1

178caf00c0f448c81440558a5a61b2fd0a4b2b4d
SHA256

24330bfb426b2287239e6a9729f472a288ac78a87599a6c7a67c4f79b8ff5ec6
SHA512

b45c0afde0ae9bea85b2402f19c6147e4ce42090f2182700f4fab427164c38768e23436c91f1ff6e8ceeb04d2c07f0fdc9f538c886b9ef0aa7c4b19838fe27bd
SSDEEP

6144:Rjp541Vrf1uwKe189KSKdy8tziwSM/cdYPde864oYzX3C:tLOxf1uwKe189K5dyozITn49zC

Score

N/A

Malware Config

Signatures

Files

24330bfb426b2287239e6a9729f472a288ac78a87599a6c7a67c4f79b8ff5ec6
.exe windows x86

f48de6b78e569804c7d021b7f75129bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

CreateFormatEnumerator
CoInternetQueryInfo
IsLoggingEnabledA

wininet

InternetSetOptionA
FtpRemoveDirectoryA
FtpCommandW
CreateUrlCacheGroup
InternetCheckConnectionW
InternetOpenUrlW
SetUrlCacheEntryInfoW

gdi32

AddFontResourceA
ArcTo
CheckColorsInGamut
Arc
CloseFigure
CreateCompatibleDC

crypt32

CryptBinaryToStringA
CertAddEnhancedKeyUsageIdentifier
CryptFindLocalizedName
CertUnregisterSystemStore
CertFindCRLInStore

mpr

WNetCloseEnum
WNetGetUniversalNameA
WNetGetConnectionA
WNetAddConnection3A
WNetGetResourceInformationA
WNetGetConnectionW

kernel32

HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
RaiseException
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetLastError
HeapAlloc
LoadLibraryW
RtlUnwind
GetCPInfo
SetTimerQueueTimer
VirtualQueryEx
GetCurrentProcess
GetLongPathNameA
GetModuleHandleA
MoveFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapFree
Sleep

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f48de6b78e569804c7d021b7f75129bc

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

wininet

gdi32

crypt32

mpr

kernel32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 179KB - Virtual size: 178KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 179KB - Virtual size: 178KB