1c3921407e00691f38cb90999d75e9b13fea674287f0155974dee5a27e70d311

Sharing

Copy URL Twitter E-mail

General

Target

1c3921407e00691f38cb90999d75e9b13fea674287f0155974dee5a27e70d311
Size

1.5MB
MD5

72a869bf2d919c5f2c87850868536e93
SHA1

ea3aa57105a57ea8e86a345072fc79c3e16407ab
SHA256

1c3921407e00691f38cb90999d75e9b13fea674287f0155974dee5a27e70d311
SHA512

2594e0a9b6c6e7cb60b836b5558413fadafa7814f381fd1b9d2ad423bcfbb3c79f7e597afab271f5f3e4b2067699e8b9b821de9758059462b3206c3378b1e051
SSDEEP

12288:xhDg2MOgSmWfvxTSgz/jhHYGep3YXNKJoqS3wATH4AIWQ/BHqf23i1fCFxXT5h:rgSL8gzrajYDk55vv

Score

N/A

Malware Config

Signatures

Files

1c3921407e00691f38cb90999d75e9b13fea674287f0155974dee5a27e70d311
.exe windows x86

6c2e231f63a627a377d4c7c56089e97c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetCPInfo
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetStdHandle
WriteFile
TerminateProcess
ExitProcess
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
VirtualQuery
InterlockedExchange
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
GetVersionExA
FlushFileBuffers
GetLocaleInfoW
ReadFile
CompareStringA
CompareStringW
GetCommandLineW
GetVersionExW
WaitForSingleObject
ReleaseMutex
DeleteFileW
FindNextFileW
RemoveDirectoryW
FindFirstFileW
FindClose
SetFileAttributesW
MoveFileExW
GetWindowsDirectoryW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
CreateFileW
CreateProcessW
GetExitCodeProcess
CloseHandle
GetCurrentThread
LocalAlloc
LocalFree
WideCharToMultiByte
GetCurrentProcess
lstrcmpiW
GetUserDefaultLCID
lstrcpynW
lstrcatW
Sleep
lstrlenW
CreateMutexW
GetLastError
lstrcmpW
OutputDebugStringW
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
FreeLibrary
GetUserDefaultLangID
lstrcpyW
LoadLibraryW
GetSystemDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
GetModuleHandleA
SetEnvironmentVariableA

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

user32

FindWindowExW
IsWindowVisible
PostQuitMessage
PtInRect
MessageBoxW
SystemParametersInfoW
ReleaseDC
SendDlgItemMessageW
wvsprintfW
wsprintfA
ExitWindowsEx
GetClassNameW
MapWindowPoints
MapDialogRect
InvalidateRect
CallWindowProcW
LoadImageW
IsWindowEnabled
SetFocus
DestroyWindow
KillTimer
SetWindowTextW
GetClientRect
GetWindowRect
ScreenToClient
CheckDlgButton
MoveWindow
IsDlgButtonChecked
CheckRadioButton
EnableWindow
LoadStringW
SetWindowLongW
DialogBoxParamW
SetDlgItemTextW
EndDialog
SetTimer
GetDlgItem
IsWindow
GetDC
LoadCursorW
RegisterClassExW
CreateWindowExW
ShowWindow
UpdateWindow
DefWindowProcW
BeginPaint
EndPaint
GetParent
FindWindowW
SendMessageW
PostMessageW
EnumDisplaySettingsW
GetSystemMetrics
ChangeDisplaySettingsW
wsprintfW
GetWindowLongW

gdi32

CreateFontW
GetDeviceCaps
GetObjectW
CreateBrushIndirect
PatBlt
GetPixel
CreateCompatibleDC
CreateBitmap
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
BitBlt
SetBkColor
GetStockObject
CreateFontIndirectW
SelectObject
SetTextColor
GetTextExtentPoint32W
TextOutW
DeleteObject
CreateDCW
DeleteDC
SetBkMode

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegDeleteValueW
RegFlushKey
RegEnumKeyExW
RegLoadKeyW
RegUnLoadKeyW
RegDeleteKeyW
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegCreateKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteW

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c2e231f63a627a377d4c7c56089e97c

Headers

File Characteristics

Imports

kernel32

version

user32

gdi32

comctl32

advapi32

shell32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 12KB - Virtual size: 48KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 12KB - Virtual size: 48KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB