1c783da2b8458f9e6b5d62d17bdfe10fb67210464be709c9de1e4a0cec9c838e

Sharing

Copy URL

Twitter E-mail

General

Target

1c783da2b8458f9e6b5d62d17bdfe10fb67210464be709c9de1e4a0cec9c838e
Size

196KB
MD5

71255a9dbdf1ba35ced48e70177fe290
SHA1

d8204c7af65f426efb43a87d33a5ae9703e59620
SHA256

1c783da2b8458f9e6b5d62d17bdfe10fb67210464be709c9de1e4a0cec9c838e
SHA512

1b5d936fa2a040e702d6c89450c7a56f4a618fefeb59e676ccb636e80a935c963028a26216da1cd55533c84b9e4b1ffe1310c2f3e97135077b45fb2fc3e5e3fc
SSDEEP

3072:aM65zTN7RH9AvfmE3fpp0dL5qxpubZyejITv9fXFg1:1mTNJ0fmE3Bp0dLiobP+v9fVa

Score

N/A

Malware Config

Signatures

Files

1c783da2b8458f9e6b5d62d17bdfe10fb67210464be709c9de1e4a0cec9c838e
.exe windows x86

559ea2d92c5991a634b8d2ac3b9a7cef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
PathQuoteSpacesA
PathUnquoteSpacesA
PathAppendA
PathRemoveArgsA
StrRChrA

kernel32

SetEvent
GetTickCount
IsBadReadPtr
ExpandEnvironmentStringsA
GetWindowsDirectoryA
WriteFile
InitializeCriticalSection
OpenProcess
FindResourceExA
WideCharToMultiByte
GetVolumeInformationA
Sleep
SizeofResource
CreateEventA
LeaveCriticalSection
GetFileAttributesA
GetExitCodeProcess
CreateProcessA
TerminateProcess
IsDBCSLeadByte
ReadFile
GetSystemDirectoryA
GetEnvironmentVariableA
MultiByteToWideChar
lstrlenW
RaiseException
GetShortPathNameA
FindFirstFileA
GetLastError
lstrcmpiA
GetProcAddress
EnterCriticalSection
GetTempFileNameA
FindClose
LoadLibraryA
GetProcessId
CreateFileMappingA
GetExitCodeThread
WaitForSingleObject
CreateEventW
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
LoadLibraryExA
VirtualProtect
OpenEventW
DeleteCriticalSection
GetCurrentThreadId
DuplicateHandle
GetVersionExA
CloseHandle
GetTempPathA
GetSystemTime
DeleteFileA
lstrcpyA
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadResource
FreeLibrary
lstrcpynA
MapViewOfFile
lstrlenA
lstrcmpA
GetProcessHeap
FindResourceA
GetFileSize
CreateFileA
GetComputerNameA
ExitProcess
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetFilePointer
GetLocaleInfoA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
LockResource
HeapFree
HeapAlloc
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetCommandLineA
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
HeapReAlloc
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStringTypeA
GetStringTypeW
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount

user32

PostMessageA
GetMessageA
CharNextA
DefWindowProcA

advapi32

StartServiceA
CloseServiceHandle
RegCloseKey
GetUserNameA
QueryServiceConfigA
OpenSCManagerA
QueryServiceStatusEx
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
EnumServicesStatusExA
CreateServiceA
RegSetValueExA
GetTokenInformation
OpenProcessToken
OpenServiceA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
ShellExecuteExA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoTaskMemRealloc
StringFromGUID2
CoInitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

559ea2d92c5991a634b8d2ac3b9a7cef

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 172KB - Virtual size: 179KB

.rsrc Size: 8KB - Virtual size: 8KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 172KB - Virtual size: 179KB

.rsrc
Size: 8KB - Virtual size: 8KB