cf71cb8ddaaec9b3f89d7b74bd726a770616cbdd9f760fa5aa90c8a1851a108e

Sharing

Copy URL Twitter E-mail

General

Target

cf71cb8ddaaec9b3f89d7b74bd726a770616cbdd9f760fa5aa90c8a1851a108e
Size

1.3MB
MD5

65547e61f0184398cdbb52767e86f8f0
SHA1

109420817d967f7e60c61984aeae0d0a42048021
SHA256

cf71cb8ddaaec9b3f89d7b74bd726a770616cbdd9f760fa5aa90c8a1851a108e
SHA512

e18257795787200578a145363ab655a3970ef6faa70e63a2c550200829e20d24c32a23acfe7e7407b5ae69cc0af33d5846b4de741678d9d216ade333842cffa8
SSDEEP

24576:WCrreYv1Si6GZz+a12bTfU7G0Er+qr2i1smvx1sKyYiLgt2C4:WCrreYtSi6Gs/U7GHrVnyem

Score

N/A

Malware Config

Signatures

Files

cf71cb8ddaaec9b3f89d7b74bd726a770616cbdd9f760fa5aa90c8a1851a108e
.exe windows x86

f46bfff0a0b061406fdd324acff2c3f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryExA
GetProcAddress
GetStdHandle
DeleteTimerQueueEx
GlobalMemoryStatus
OpenSemaphoreA
SetNamedPipeHandleState
GetConsoleCP
MulDiv
IsDBCSLeadByte
GetVolumePathNameA
ResetWriteWatch
GetDiskFreeSpaceA
GetTimeFormatA
GetFileAttributesExW
OpenFileMappingA
GetWindowsDirectoryA
GetShortPathNameW
DosDateTimeToFileTime
GetDriveTypeA
GetPrivateProfileStructA
CancelWaitableTimer
GetConsoleAliasesA
FindFirstVolumeA
ResumeThread
CreateWaitableTimerW
ExpandEnvironmentStringsW
GetStartupInfoA
GetLogicalDriveStringsA
SetFileTime
GetEnvironmentVariableW
GetConsoleAliasesW
VerSetConditionMask
GetConsoleOutputCP
SetErrorMode
GetVolumePathNameW
GetDateFormatA
FindResourceExA
IsValidCodePage
GetEnvironmentStrings
CreateSemaphoreA
GetUserDefaultLangID
GetProcessWorkingSetSize
VirtualAlloc
QueryInformationJobObject
GetACP
FindAtomW
EnumCalendarInfoExA
OpenSemaphoreW
GetPrivateProfileIntA
MapUserPhysicalPagesScatter
GetProfileSectionA
CreateMutexW
SetThreadIdealProcessor
GetProcessTimes
MultiByteToWideChar
CreateFileMappingW
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
HeapAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

comctl32

ord17
ImageList_AddMasked
FlatSB_GetScrollPos
ImageList_DrawIndirect
FlatSB_SetScrollProp
ImageList_DragEnter
PropertySheetW
InitCommonControlsEx
ImageList_GetIconSize

advapi32

GetSidSubAuthorityCount
RegQueryValueExW
RegCreateKeyW
SetNamedSecurityInfoW
SetEntriesInAclW
RegNotifyChangeKeyValue
LookupAccountSidW
RegDeleteValueA
AddAccessAllowedAce
AdjustTokenPrivileges
OpenServiceW
SetSecurityDescriptorOwner
GetSecurityDescriptorOwner
RegisterEventSourceW
RegFlushKey
EqualSid
RegEnumKeyExA
CryptGetHashParam
RegOpenKeyA
ReportEventW
RegCloseKey
RegEnumValueA
CheckTokenMembership
RegDeleteKeyW
LsaClose
SetFileSecurityW
RegEnumKeyExW
CloseServiceHandle
RegQueryInfoKeyA
CreateWellKnownSid
GetSecurityDescriptorLength
FreeSid
GetSidLengthRequired
CryptCreateHash
SetSecurityDescriptorGroup
AddAce
GetAclInformation
OpenSCManagerA
GetSecurityDescriptorDacl
GetLengthSid
StartServiceA
LookupAccountNameW
RegCreateKeyExA
RegEnumKeyA
CryptReleaseContext
RegDeleteValueW
ChangeServiceConfigW
SetThreadToken

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 758KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7qp0
Size: 414KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f46bfff0a0b061406fdd324acff2c3f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

advapi32

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 758KB - Virtual size: 760KB

.7qp0 Size: 414KB - Virtual size: 413KB

.rsrc Size: 39KB - Virtual size: 38KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 758KB - Virtual size: 760KB

.7qp0
Size: 414KB - Virtual size: 413KB

.rsrc
Size: 39KB - Virtual size: 38KB