c6ce1bcd9a4f63772bdbd031b3c15ae0e8780235797a34377e5b2dcbf2edae38

Sharing

Copy URL Twitter E-mail

General

Target

c6ce1bcd9a4f63772bdbd031b3c15ae0e8780235797a34377e5b2dcbf2edae38
Size

198KB
MD5

6695e938fe385e5b3f185906898d7b59
SHA1

36d292baa7b859e2617fb08343aa9872e70b448e
SHA256

c6ce1bcd9a4f63772bdbd031b3c15ae0e8780235797a34377e5b2dcbf2edae38
SHA512

633601198cba165c4cc272108112ee98e67e99f9e96e5495fd8063f6ace91a0b12a941e1ec36a743db2eb0ab78bd4d5cf878eea0ded977bdb9f70b476b852e1c
SSDEEP

6144:O7KE/I3cyLoL4CnT2zPMOnuNgQ3eUVCzxSx:O78c/cCnT9SQuUEzxa

Score

N/A

Malware Config

Signatures

Files

c6ce1bcd9a4f63772bdbd031b3c15ae0e8780235797a34377e5b2dcbf2edae38
.exe windows x86

ca0254ff776d2d2eb6e0413eb340eac9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptImportKey
CryptAcquireContextA
RegEnumKeyExA
RegCloseKey
RegQueryInfoKeyA
CryptDestroyHash
RegOpenKeyExA
CryptDestroyKey
RegEnumValueA
CryptCreateHash
CryptGetHashParam
RegCreateKeyExA
CryptEncrypt
RegQueryValueExA
RegSetValueExA
CryptHashData
CryptReleaseContext
RegDeleteValueA
RegDeleteKeyA

user32

CharNextA
GetDlgItem
GetParent
GetDesktopWindow
ReleaseCapture
SetWindowTextA
LoadCursorA
SetParent
MoveWindow
DrawTextA
GetActiveWindow
EnumDisplayDevicesA
PostMessageA
RegisterClassExA
SendNotifyMessageA
SetTimer
CopyRect
SetCapture
EqualRect
SetFocus
GetSysColor
MsgWaitForMultipleObjects
SendMessageTimeoutA
FindWindowA
CreateAcceleratorTableA
wvsprintfA
PeekMessageA
SendMessageA
wsprintfA
GetQueueStatus
SetWindowLongA
GetClientRect
EndPaint
ShowWindow
GetWindowLongA
UnregisterClassA
CreateWindowExA
PostThreadMessageA
SetRect
GetWindowRect
IsWindow
GetWindow
CreateDialogParamA
DestroyWindow
BeginPaint
DispatchMessageA
RedrawWindow
GetWindowTextLengthA
IsChild
GetClassInfoExA
InvalidateRect
GetFocus
DefWindowProcA
CallWindowProcA
DestroyAcceleratorTable
InvalidateRgn
KillTimer
GetDC
FillRect
GetWindowTextA
RegisterWindowMessageA
GetClassNameA
ReleaseDC
SetWindowPos

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

gdi32

GetDIBits
StretchDIBits
CreateDIBitmap
CreateSolidBrush
RealizePalette
ExtEscape
SelectPalette
BitBlt
CreateCompatibleBitmap
GetObjectA
SetStretchBltMode
SelectObject
GetDeviceCaps
CreateCompatibleDC
GetStockObject
DeleteDC
CreateFontA
CreateDIBSection
DeleteObject
SetBkMode

gdiplus

GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromFile
GdipFree
GdipGetImagePixelFormat
GdipCloneImage

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

shlwapi

PathFileExistsW
PathCombineW

version

GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

ole32

OleInitialize
OleLockRunning
CoCreateInstance
OleUninitialize
CLSIDFromProgID
CreateStreamOnHGlobal
BindMoniker
CoTaskMemRealloc
GetRunningObjectTable
CoInitialize
CoSetProxyBlanket
CoInitializeSecurity
CoGetClassObject
CoTaskMemAlloc
StgOpenStorage
CreateItemMoniker
StgCreateDocfile
CreateBindCtx
CoTaskMemFree
CoUninitialize
StringFromGUID2
StgIsStorageFile
CLSIDFromString

kernel32

MultiByteToWideChar
VirtualProtect
GetShortPathNameW
IsBadReadPtr
SetEnvironmentVariableW
LoadLibraryExA
SetThreadPriority
GetSystemTimeAsFileTime
MulDiv
GetCurrentThread
QueryPerformanceCounter
IsDebuggerPresent
CreateFileMappingA
WaitForSingleObject
GetSystemTime
FreeLibrary
OutputDebugStringW
WideCharToMultiByte
RaiseException
WaitForMultipleObjects
lstrcpyA
CreateDirectoryA
Sleep
MapViewOfFile
OutputDebugStringA
GlobalLock
GetThreadLocale
InterlockedIncrement
GetModuleFileNameA
GetACP
LoadResource
GetProcessAffinityMask
FindResourceA
Beep
GlobalAlloc
VirtualFree
TerminateProcess
DeleteCriticalSection
InterlockedExchange
GetDriveTypeW
ReadFile
lstrcmpA
VirtualAlloc
LocalFree
EnterCriticalSection
lstrlenA
CreateSemaphoreA
SetEvent
LoadLibraryA
OpenFileMappingA
lstrcpynA
GetSystemInfo
ExitProcess
EnumResourceTypesW
GetCurrentProcess
GlobalUnlock
DeleteFileA
GetModuleHandleA
CreateEventA
CreateThread
GetLocaleInfoA
GetTickCount
GetProcAddress
CreateFileA
GetLastError
ResetEvent
GetProcessHeap
GetFileAttributesA
CreateDirectoryW
SizeofResource
LeaveCriticalSection
HeapFree
GetFileAttributesW
GetCurrentProcessId
FlushInstructionCache
WriteFile
VirtualQuery
GetTempPathA
IsBadWritePtr
GlobalFree
GetTempPathW
InterlockedDecrement
GetCurrentThreadId
lstrcmpiA
GlobalSize
_llseek
GlobalReAlloc
CloseHandle
LoadLibraryW
GetModuleFileNameW
InitializeCriticalSection
HeapAlloc
GetThreadPriority
DeviceIoControl
IsDBCSLeadByte
WriteProcessMemory
GetVolumeInformationW
GetVersionExA
lstrlenW

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca0254ff776d2d2eb6e0413eb340eac9

Headers

File Characteristics

Imports

advapi32

user32

wininet

gdi32

gdiplus

shell32

winmm

shlwapi

version

setupapi

ole32

kernel32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: 75KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 348KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 75KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 348KB