c3e510777ec6da0e23a097c1408d0a801bc85cef0451cac02d4cc459faac7123

Sharing

Copy URL Twitter E-mail

General

Target

c3e510777ec6da0e23a097c1408d0a801bc85cef0451cac02d4cc459faac7123
Size

385KB
MD5

06dab58b89c3dcc28de2f323a799cb24
SHA1

01ab67070ada99b892b36a56356304ba120e3257
SHA256

c3e510777ec6da0e23a097c1408d0a801bc85cef0451cac02d4cc459faac7123
SHA512

c45ec3229d2a3b61f1bd691ccb4ec439d03ecb0e1ffa92e0981d8653d21dcf698110e094a54347edac6cd3e2c429b686b7f916ee959ae48f922601f14039cb2d
SSDEEP

6144:FGgezhaeZIvg4iBf3Z2DfghEeh79743OuH1yT1aN8qrV0:FGfks4NiBh2DKEiWODS8

Score

N/A

Malware Config

Signatures

Files

c3e510777ec6da0e23a097c1408d0a801bc85cef0451cac02d4cc459faac7123
.exe windows x86

1fecf71488bf3db44716f37c51a6201d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
CopyFileA
GetDriveTypeA
PeekConsoleInputA
GetTickCount
CompareStringW
CompareStringA
ReadFile
SetEndOfFile
SetFilePointer
GetConsoleOutputCP
WriteConsoleA
WinExec
Sleep
GetSystemWindowsDirectoryA
GetSystemDirectoryA
SetEnvironmentVariableA
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
MoveFileA
DeleteFileA
GetModuleFileNameW
WriteConsoleW
GetFileType
GetStdHandle
GetModuleHandleW
GetProcAddress
ExitProcess
GetLocalTime
GetLogicalDrives
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
DebugBreak
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetModuleHandleA
GetCurrentDirectoryA
LoadLibraryW
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
FreeLibrary
InitializeCriticalSectionAndSpinCount
CloseHandle
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
OutputDebugStringA
OutputDebugStringW
GetProcessHeap
VirtualQuery
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
CreateFileA
GetNumberOfConsoleInputEvents

user32

PostMessageA
FindWindowA
FindWindowExA
GetAsyncKeyState
EnableWindow
MessageBoxA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
SetCursorPos
SendMessageA
ShowWindow

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

SHFileOperationA

Sections

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ksifwrt
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1fecf71488bf3db44716f37c51a6201d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 208KB - Virtual size: 208KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 108KB - Virtual size: 109KB

ksifwrt Size: 4KB - Virtual size: 72KB

.text
Size: 208KB - Virtual size: 208KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 108KB - Virtual size: 109KB

ksifwrt
Size: 4KB - Virtual size: 72KB