15212cf01ec9659a6dc47ed41c2940c480ab9c9558f24706b4a09a9656218e9c

Sharing

Copy URL Twitter E-mail

General

Target

15212cf01ec9659a6dc47ed41c2940c480ab9c9558f24706b4a09a9656218e9c
Size

992KB
MD5

6659b1d37dc3e356df087cbf9c3fc2f0
SHA1

1b492c3bdbca70ab09bd1ac1b062b710665eea62
SHA256

15212cf01ec9659a6dc47ed41c2940c480ab9c9558f24706b4a09a9656218e9c
SHA512

73a7201b456d56badc43cab1db1c132e2fa634222a276a7889ae2fa57cd52c7f9fd3151ed6bf593a5abc16e7c2772c96131dbf11eecc5248cd1f0ca2ad4f2a37
SSDEEP

24576:F0GNaATqgi39MifP8t2h/iXtzwGWrYOHkkkkkkkkkkkkkkUkkkkkkkkkkkkkkkkp:FhaATjz+rYm4

Score

N/A

Malware Config

Signatures

Files

15212cf01ec9659a6dc47ed41c2940c480ab9c9558f24706b4a09a9656218e9c
.exe windows x86

1b8495aef58ebcc7967dff3e69b67536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ccpbrowserthunk

MDTH_WebView_unfocus
MDTH_WebView_SetViewSourceMode
MDTH_WebView_resize
MDTH_WebView_performCommand
MDTH_WebView_injectMouseWheel
MDTH_WebView_injectMouseMove
MDTH_WebView_injectMouseDown
MDTH_Initialize
MDTH_WebCore_Initialize
MDTH_WebCore_update
MDTH_WebCore_Destroy
MDTH_WebCore_AddToUserAgent
MDTH_WebView_removeHeaderRewriteRulesByDefinitionName
MDTH_WebView_addHeaderRewriteRule
MDTH_WebView_Create
MDTH_WebView_setTransparent
MDTH_WebView_createObject
MDTH_WebView_setObjectCallback
MDTH_WebView_loadURL
MDTH_WebView_setListener
MDTH_WebView_Destroy
MDTH_WebView_isDirty
MDTH_WebView_render
MDTH_WebView_clearAllURLFilters
MDTH_WebView_setURLFilteringMode
MDTH_WebView_addURLFilter
MDTH_WebView_setHeaderDefinition
MDTH_WebView_loadHTML
MDTH_WebView_goToHistoryOffset
MDTH_WebView_StopLoading
MDTH_WebView_injectKeyboardEvent
MDTH_WebView_injectMouseUp
MDTH_WebView_focus

kernel32

GetComputerNameA
OpenFileMappingA
OutputDebugStringA
GetModuleHandleW
GetCurrentThreadId
GetTickCount
SetLastError
CreateProcessW
GetModuleFileNameW
SetFilePointer
CreateFileW
CreateMutexW
WriteFile
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
LocalFree
GetCommandLineW
GetSystemTimeAsFileTime
GetFileAttributesW
CreateFileMappingW
ReadFile
MultiByteToWideChar
WideCharToMultiByte
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEnvironmentVariableA
LeaveCriticalSection
GetCurrentProcessId
RaiseException
TlsGetValue
TlsAlloc
TlsFree
TlsSetValue
InterlockedExchangeAdd
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
CreateEventW
ConnectNamedPipe
CancelIo
CreateNamedPipeW
GetHandleInformation
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
HeapSize
GetStringTypeW
GetStringTypeA
ExitProcess
GetModuleHandleA
GetProcAddress
LCMapStringW
LCMapStringA
GetCPInfo
HeapReAlloc
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
RtlUnwind
UnhandledExceptionFilter
VirtualAlloc
GetModuleFileNameA
OpenEventA
OpenMutexA
GetLastError
MapViewOfFile
QueryPerformanceCounter
SetEvent
ResetEvent
WaitForSingleObject
ReleaseMutex
UnmapViewOfFile
CloseHandle
GetCurrentProcess
TerminateProcess
IsValidCodePage
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
CompareStringA
Sleep
CompareStringW
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetSystemInfo
GetThreadLocale
HeapCreate
EnterCriticalSection
GetTimeZoneInformation
GetACP
GetOEMCP
VirtualFree

user32

ReleaseDC
GetDC
GetGuiResources
SystemParametersInfoW
UnregisterClassW
MsgWaitForMultipleObjectsEx
WaitMessage
RegisterClassExW
CreateWindowExW
DefWindowProcW
SetTimer
GetQueueStatus
PeekMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
KillTimer
PostMessageW
wsprintfW
MessageBoxW
LoadCursorW
DestroyWindow

gdi32

CreateRectRgnIndirect
PathToRegion
SelectClipRgn
SetPolyFillMode
BeginPath
PolyBezier
AbortPath
EndPath
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetBrushOrgEx
SetArcDirection
SetBkColor
SetTextColor
SetDCBrushColor
SetDCPenColor
SetROP2
GetGlyphOutlineW
GetOutlineTextMetricsW
SetBkMode
GetDeviceCaps
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteObject
GdiFlush
BitBlt
GdiAlphaBlend
DeleteDC
GetObjectW
CreateRectRgn

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
OpenProcessToken
GetTokenInformation

shell32

CommandLineToArgvW
SHCreateDirectoryExW

winmm

timeGetTime

psapi

GetProcessMemoryInfo

Sections

.text
Size: 584KB - Virtual size: 581KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 348KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b8495aef58ebcc7967dff3e69b67536

Headers

File Characteristics

Imports

ccpbrowserthunk

kernel32

user32

gdi32

advapi32

shell32

winmm

psapi

Sections

.text Size: 584KB - Virtual size: 581KB

.rdata Size: 348KB - Virtual size: 345KB

.data Size: 12KB - Virtual size: 40KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 584KB - Virtual size: 581KB

.rdata
Size: 348KB - Virtual size: 345KB

.data
Size: 12KB - Virtual size: 40KB

.rsrc
Size: 44KB - Virtual size: 41KB