c962c0e287e26d0cee9d8ea80673e992d84c93a2509c813155ee519e31265f91

Sharing

Copy URL Twitter E-mail

General

Target

c962c0e287e26d0cee9d8ea80673e992d84c93a2509c813155ee519e31265f91
Size

509KB
MD5

6f858384d71dcfc95183d1335dfb716a
SHA1

30e30ff391b396f90cf95c9ca6da1b8353dc80bc
SHA256

c962c0e287e26d0cee9d8ea80673e992d84c93a2509c813155ee519e31265f91
SHA512

8d34b0a3bbe05d682bb86075ab10e81e1cc625295203e71359823040353c218db69d38d8112225453a757d735954913738a2d6db3d8f3f9a3be0fcba7cac0c28
SSDEEP

6144:ZTDcqsC6Iy3Ocx1W+c6ftKSLGL3S3aSGtZGtVGGNidJIaGTGK7GspbVGwd8FYtHz:ZMqQbOK1Wi6qtxClherNeHHxA

Score

N/A

Malware Config

Signatures

Files

c962c0e287e26d0cee9d8ea80673e992d84c93a2509c813155ee519e31265f91
.exe windows x86

7670fae5d4768c038f4821dd3ffc41e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetWaitableTimer
CreateWaitableTimerA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
WaitForSingleObject
CreateThread
InitializeCriticalSection
CreateEventA
ReleaseMutex
WideCharToMultiByte
lstrcmpW
DisconnectNamedPipe
FlushFileBuffers
WriteFile
ConnectNamedPipe
CreateNamedPipeA
ProcessIdToSessionId
GetCurrentProcessId
GetSystemDirectoryA
lstrcatA
lstrlenA
lstrcpyA
CreateFileA
GetFileSize
ReadFile
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
OpenProcess
OpenEventA
Sleep
SetEvent
WaitForMultipleObjects
CreateFileW
WriteConsoleW
SetStdHandle
MultiByteToWideChar
LCMapStringW
LoadLibraryW
HeapReAlloc
GetStringTypeW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
HeapSize
InterlockedDecrement
ExitProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersion
ResetEvent
CreateMutexA
GetLastError
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
CloseHandle
RaiseException
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

advapi32

ChangeServiceConfig2A
RegSetValueExA
RegCreateKeyExA
OpenSCManagerA
DeleteService
OpenServiceA
RegCloseKey
StartServiceA
CreateServiceA
CloseServiceHandle
RegQueryValueExA
RegOpenKeyExA

user32

CharUpperW
RegisterWindowMessageA
LoadIconA
LoadCursorA
GetSystemMetrics
RegisterClassExA
BeginPaint
SetRect
DrawEdge
EndPaint
PostQuitMessage
SystemParametersInfoA
DestroyWindow
DefWindowProcA
CreateWindowExA
SendMessageA
SetWindowTextW
ShowWindow
UpdateWindow
SetWindowPos
GetMessageA
DispatchMessageA
TranslateMessage
SetForegroundWindow
GetCursorPos
TrackPopupMenu
PostMessageA
GetMenuItemCount
DeleteMenu
AppendMenuW
EnableMenuItem
CreatePopupMenu
LoadImageA
AppendMenuA
MessageBoxA
GetMenuState
CheckMenuItem
GetSystemMenu

gdi32

SelectObject
GetObjectA
BitBlt
DeleteDC
CreateFontIndirectA
GetStockObject
DeleteObject
CreateCompatibleDC

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

PathQuoteSpacesA
SHRegGetPathA
SHGetValueA
SHDeleteValueA
SHSetValueA
PathUnquoteSpacesA

comctl32

InitCommonControlsEx

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.irdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7670fae5d4768c038f4821dd3ffc41e1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

shlwapi

comctl32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 16KB

.rsrc Size: 303KB - Virtual size: 303KB

.reloc Size: 9KB - Virtual size: 8KB

.irdata Size: 76KB - Virtual size: 76KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 16KB

.rsrc
Size: 303KB - Virtual size: 303KB

.reloc
Size: 9KB - Virtual size: 8KB

.irdata
Size: 76KB - Virtual size: 76KB