446db16cd6b2e65a3d33083625f449307baf244003d023ac41e3a7dea7e56a53

Sharing

Copy URL Twitter E-mail

General

Target

446db16cd6b2e65a3d33083625f449307baf244003d023ac41e3a7dea7e56a53
Size

798KB
MD5

0283cbeab3d6756502e2f226c7f1b760
SHA1

d0afae669f2ae2db1cc8f056de67b5de6d5306da
SHA256

446db16cd6b2e65a3d33083625f449307baf244003d023ac41e3a7dea7e56a53
SHA512

37f65c8b28229605dae4177c3f86ccccd430ff3f24b55b9d55bcb6d89d820290c94d2834336cc19bfaa6b3c23f5b1d499b33762a8fa600f0ab8d811e772ab76b
SSDEEP

12288:f7/4jB2HDNbjmRVTY2fRur+eAm5BvEau+QpHBQLY3d+vnp:fze2HDZyfAfPLAwh

Score

N/A

Malware Config

Signatures

Files

446db16cd6b2e65a3d33083625f449307baf244003d023ac41e3a7dea7e56a53
.exe windows x86

cc852324b8bacfbfdd5f2ec37dd804da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
WriteFile
SetEndOfFile
CreateFileW
GetFileAttributesW
UnmapViewOfFile
CreateFileA
GetFileSize
MapViewOfFile
CreateFileMappingA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetStringTypeExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
GetSystemDirectoryA
InterlockedCompareExchange
SetFilePointer
GetVersion
GetEnvironmentVariableA
Sleep
FindFirstFileA
FindFirstFileW
FindNextFileA
FindResourceW
DeleteCriticalSection
InitializeCriticalSection
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CloseHandle
IsDebuggerPresent
ExitProcess
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
LoadLibraryA
GetProcAddress
GetLastError
FindResourceExW
LoadResource
SizeofResource
SetLastError
LockResource
GetCommandLineW
GetCurrentDirectoryW
MultiByteToWideChar
HeapAlloc
LocalFree
GlobalFree
RaiseException
GetModuleHandleW
FormatMessageW
GetProcessHeap
HeapFree
GetCurrentProcess
lstrlenA
lstrcpyA
lstrlenW
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
FindNextFileW
GetFileInformationByHandle
GetFullPathNameA
RemoveDirectoryA
RemoveDirectoryW
GetFileAttributesA
SetFileAttributesA
SetFileAttributesW
CopyFileA
CopyFileW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
AreFileApisANSI
GetOEMCP
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapSize
DebugBreak
OutputDebugStringA
LoadLibraryExA
FreeLibrary
LoadLibraryExW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetFullPathNameW
ReadFile
FindClose

msvcrt

memmove
_purecall
??3@YAXPAX@Z
_wcsicmp
_iob
?terminate@@YAXXZ
_controlfp
??1type_info@@UAE@XZ
_onexit
strchr
iswspace
qsort
_snprintf
bsearch
strtoul
malloc
_snwprintf
_itow
atoi
_itoa
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
memset
strncmp
_wcslwr
_wcsnicmp
wcsrchr
realloc
__CxxFrameHandler
_vsnwprintf
wcsstr
_except_handler3
_CxxThrowException
free
vwprintf
vfprintf
fputs
??2@YAPAXI@Z
printf
fprintf
_vsnprintf
wcstoul
wcsspn
wcschr
_ui64tow

ole32

StringFromIID
CoUninitialize
CoCreateInstance
CoInitialize
StringFromCLSID
CoTaskMemFree
CLSIDFromString

oleaut32

LoadTypeLibEx
VariantClear
VariantChangeType
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VarBstrCat
SysStringLen
SysFreeString

user32

CharNextW
CharNextA
wsprintfW

shell32

CommandLineToArgvW

imagehlp

ImageDirectoryEntryToData
ImageNtHeader
ImageRvaToVa
ImageGetDigestStream

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegEnumValueW
RegEnumValueA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegCreateKeyExW
RegCreateKeyExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegDeleteValueW
RegDeleteValueA
RegQueryInfoKeyA
RegCloseKey
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
CryptHashData
CryptSetHashParam
CryptImportKey
CryptVerifySignatureW
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextW
CryptExportKey
CryptGenRandom
CryptSignHashA
CryptGetUserKey
RegEnumKeyExW

Sections

.text
Size: 666KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc852324b8bacfbfdd5f2ec37dd804da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

oleaut32

user32

shell32

imagehlp

advapi32

Sections

.text Size: 666KB - Virtual size: 665KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 115KB - Virtual size: 116KB

.text
Size: 666KB - Virtual size: 665KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 115KB - Virtual size: 116KB