2ce5cb0272ace74f90c0ce1fe9b7c7467da9b33bee99a3c907f910a7e0901831

Sharing

Copy URL Twitter E-mail

General

Target

2ce5cb0272ace74f90c0ce1fe9b7c7467da9b33bee99a3c907f910a7e0901831
Size

207KB
MD5

670531059ed48988ff98bde3b7e69875
SHA1

4e7370c202b3a48773e6cdc69456078a6ddee2db
SHA256

2ce5cb0272ace74f90c0ce1fe9b7c7467da9b33bee99a3c907f910a7e0901831
SHA512

4ea51e26651ec0840b0603eb910ffbb7d44925205d31028d5db3fba953767ee9b6ef210d7580f451bda2ec37c1b217a0334a53252d2cda8bd8d537e902ef4daf
SSDEEP

3072:warvEqiP7375TmhB75cAvStJ9QgxtiLDN2qOB7C38fNdm3UkMr1:wq8qiP/YjuAKag3ODY71PWk

Score

N/A

Malware Config

Signatures

Files

2ce5cb0272ace74f90c0ce1fe9b7c7467da9b33bee99a3c907f910a7e0901831
.dll windows x86

64f8fafe463fa0892b3b62e460df0bab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
UnmapViewOfFile
GetEnvironmentVariableW
GetFullPathNameW
GetTempFileNameW
DeleteFileW
HeapAlloc
GetFileType
CreateThread
WaitForSingleObject
GetCommandLineW
SetLastError
GetComputerNameExW
CompareFileTime
FindResourceW
CreateFileMappingW
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetSystemDirectoryW
GetModuleHandleW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
LocalAlloc
GetConsoleWindow
SuspendThread
lstrcmpiA
CreateFileW
CompareStringW
LockResource
HeapFree
GetTimeFormatW
GetDateFormatW
FileTimeToLocalFileTime
GetACP
WriteConsoleW
GetEnvironmentVariableA
LocalReAlloc
GetVersion
Sleep
QueryPerformanceCounter
UnhandledExceptionFilter
FindResourceExW
GetLocaleInfoW
GetSystemDefaultUILanguage
WideCharToMultiByte
SearchPathW
LocalFree
SetConsoleCtrlHandler
AllocConsole
HeapSetInformation
CloseHandle
SetConsoleCP
SetConsoleOutputCP
GenerateConsoleCtrlEvent
WriteConsoleInputA
SetConsoleMode
GetConsoleMode
GetStdHandle
OpenProcess
HeapDestroy
HeapCreate
GetProcessHeap
GetStartupInfoA
SetEvent
WaitForMultipleObjects
CreateEventW
GetVolumePathNamesForVolumeNameW
GetVolumeNameForVolumeMountPointW
DeviceIoControl
LoadResource

user32

LoadCursorW
LoadStringW
DefWindowProcW
DestroyWindow
UnregisterClassW
LoadIconW
IsCharUpperA
RegisterClassW
CreateWindowExW
ShowWindow
GetSystemMenu
UnregisterClassA
GetForegroundWindow
SetTimer
CharNextW
GetDesktopWindow

advapi32

RegOpenKeyW
IsValidSecurityDescriptor
GetSecurityDescriptorLength
RegCreateKeyW
RegDeleteKeyW
RegConnectRegistryW
RegEnumValueW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegOpenCurrentUser

ole32

CoTaskMemRealloc
CoSetProxyBlanket
CoTaskMemFree
CoRevokeClassObject
CoInitializeSecurity
CoUninitialize

msvcrt

exit
fseek
vfwprintf
wcsstr
printf
putchar
strchr
getenv
wcscspn
iswspace
iswalpha
memset
rand
wcschr
malloc
free
bsearch
wcsncmp
isdigit
ferror
fputs
fprintf
fopen
strcspn
fwrite
ftell
qsort

crypt32

CertStrToNameW
PFXImportCertStore
CertEnumCertificateContextProperties
CertGetPublicKeyLength
CertDuplicateStore
CertAddCertificateLinkToStore
PFXExportCertStoreEx
CertSaveStore
CertGetNameStringW
CertNameToStrW
CertVerifySubjectCertificateContext
CertGetCertificateChain
CertFreeCertificateChain
CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertRegisterPhysicalStore
CertOpenStore
CertCreateCertificateContext
CertCloseStore
CertFindExtension
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertFindCertificateInStore
CertFreeCertificateContext
CertFindCTLInStore

shlwapi

PathFindExtensionW
PathCombineW
PathFindExtensionA
UrlGetPartW

rpcrt4

UuidCreate

wininet

InternetCreateUrlW
InternetCrackUrlW

ws2_32

WSAStringToAddressA

winscard

SCardReleaseContext
SCardEstablishContext

Exports

Exports

EndorsedTechnologyVersionBe
ItTheMechanismThe
OrgIncludingCommunityPlatform
StandaloneMayThe

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64f8fafe463fa0892b3b62e460df0bab

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

crypt32

shlwapi

rpcrt4

wininet

ws2_32

winscard

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 230KB

.rsrc Size: 44KB - Virtual size: 42KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 230KB

.rsrc
Size: 44KB - Virtual size: 42KB

.reloc
Size: 4KB - Virtual size: 1KB