cc7ac3ee37efbb26c7c12a5474e6b367abf1bd3730e938ca60114421d24e9495

Sharing

Copy URL

Twitter E-mail

General

Target

cc7ac3ee37efbb26c7c12a5474e6b367abf1bd3730e938ca60114421d24e9495
Size

292KB
MD5

3b3529e2b60336dbf5344d559e586213
SHA1

4b290465206d63e21472849774b051529bd775a5
SHA256

cc7ac3ee37efbb26c7c12a5474e6b367abf1bd3730e938ca60114421d24e9495
SHA512

cf919e3f543e1c5c791a305c96cf497b609fdafdcf1a3b3e506990e7198d053098ddbb1cf18b486f0e2a90a76a0d78d0403384fa457d41bfec5cfd2e978b2fdf
SSDEEP

3072:Yf5OpeLKUGRyRaqGErB0hXabObuSoh4VQbRUX6OApAUZRq8abqXPBFpWeE/W2Y0v:B0rNf4VQbR0cGJbqXfpVp6xR

Score

N/A

Malware Config

Signatures

Files

cc7ac3ee37efbb26c7c12a5474e6b367abf1bd3730e938ca60114421d24e9495
.exe windows x86

330d6702ec2382b0f750c26f161a0f81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
LocalFree
FormatMessageA
GetSystemDefaultLangID
GetExitCodeProcess
CreateProcessA
GetTempPathA
GetFileInformationByHandle
CreateFileA
GetPrivateProfileStringA
FlushInstructionCache
TerminateThread
SetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
SetEvent
CreateThread
CreateEventA
SetThreadPriority
LocalAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetStdHandle
WriteFile
HeapCreate
GetDiskFreeSpaceExA
GetComputerNameA
GetFileAttributesA
GetVersionExA
FindResourceExA
LockResource
TerminateProcess
OpenProcess
SystemTimeToFileTime
CompareFileTime
GetTickCount
WaitForSingleObject
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
MultiByteToWideChar
IsDBCSLeadByte
GetCurrentThreadId
SetConsoleCtrlHandler
Sleep
GetModuleHandleW
GetModuleFileNameA
GetCurrentThread
GetCurrentProcess
CloseHandle
lstrcmpiA
lstrlenA
GetModuleHandleA
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
WriteConsoleA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
HeapFree
ReadFile

user32

RegisterClassExA
PostThreadMessageA
CharNextA
CharNextW
MessageBoxA
DispatchMessageA
GetMessageA
wsprintfA
TranslateMessage
PeekMessageA
wvsprintfA
SetWindowLongA
SetTimer
KillTimer
CallWindowProcA
GetWindowLongA
CreateWindowExA
GetClassInfoExA
DefWindowProcA
DestroyWindow
LoadCursorA
UnregisterClassA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoCreateInstanceEx
CoDisconnectObject
CoUninitialize
CoInitializeSecurity
CoInitialize
CoRevertToSelf
CoImpersonateClient
StringFromGUID2

advapi32

OpenThreadToken
RegRestoreKeyA
RegSaveKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegFlushKey
RegQueryValueExA
ReportEventA
RegisterEventSourceA
LookupAccountSidA
DeregisterEventSource
AllocateAndInitializeSid
EqualSid
FreeSid
CreateServiceA
DeleteService
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceA
QueryServiceStatus
OpenProcessToken
RegEnumKeyExA
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
SetServiceStatus

shell32

SHGetSpecialFolderPathA

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
LoadRegTypeLi

shlwapi

PathAppendA
PathRemoveBackslashA
PathRemoveFileSpecA
PathFindFileNameA
PathFindExtensionA

secur32

GetUserNameExA

Sections

.text
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

330d6702ec2382b0f750c26f161a0f81

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

advapi32

shell32

oleaut32

shlwapi

secur32

Sections

.text Size: 210KB - Virtual size: 209KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 10KB - Virtual size: 31KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 210KB - Virtual size: 209KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 10KB - Virtual size: 31KB

.rsrc
Size: 24KB - Virtual size: 24KB