11c22361afdfaafdc3f2af7d7e87f9865119411e6934cff323ccd0775f489f76

Sharing

Copy URL Twitter E-mail

General

Target

11c22361afdfaafdc3f2af7d7e87f9865119411e6934cff323ccd0775f489f76
Size

94KB
MD5

4aeb325b3f848410bab10700b73d56c0
SHA1

49403335473e29565be104b53c4c9bf11918845a
SHA256

11c22361afdfaafdc3f2af7d7e87f9865119411e6934cff323ccd0775f489f76
SHA512

db55cd49d19bfba23561db8c3d4cbcd5ccb116965789a93a981dbb2dc7f6ee146ffa105ef37d2af0e423bbc6e0fe0776c06899dfb0a849b72ecfe1b4ebaa8d08
SSDEEP

1536:WrScT9HeVXyCVXhfJYUqS/KvjoQmzYgLlMXXaWjG+:4RTteVXDhfPKc2gLlYXak

Score

N/A

Malware Config

Signatures

Files

11c22361afdfaafdc3f2af7d7e87f9865119411e6934cff323ccd0775f489f76
.exe windows x86

4d714f78ddb84c32ac62650164b5e3ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_beginthreadex
strncmp
rand
atoi
free
realloc
strncat
strchr
exit
strcpy
_iob
malloc
strrchr
_local_unwind2
strncpy
strcat
_except_handler3
memcmp
??2@YAPAXI@Z
memset
__CxxFrameHandler
strstr
strlen
memcpy
memmove
ceil
_ftol
??1type_info@@UAE@XZ
_CxxThrowException
??3@YAXPAX@Z
wcslen
_strcmpi
_strnicmp
_strupr

kernel32

CreateToolhelp32Snapshot
LocalAlloc
FreeLibrary
WideCharToMultiByte
lstrlenW
GetCurrentThreadId
OpenProcess
lstrcmpiA
MultiByteToWideChar
OutputDebugStringA
CopyFileA
WinExec
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass
GetCurrentThread
SetThreadPriority
ResumeThread
InterlockedDecrement
CreateMutexA
OpenEventA
GetVersionExA
GetSystemInfo
GlobalMemoryStatus
GetModuleHandleA
DeviceIoControl
HeapFree
GetProcessHeap
HeapAlloc
WriteFile
GetSystemDirectoryA
GetTempPathA
MoveFileA
MoveFileExA
RaiseException
Process32First
Process32Next
TerminateThread
GetCurrentProcess
GetTickCount
GetStartupInfoA
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
CreateEventA
CloseHandle
WaitForSingleObject
Sleep
ResetEvent
lstrcpyA
SetEvent
InterlockedExchange
CancelIo
GetProcAddress
LoadLibraryA
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
SetLastError
DeleteFileA
lstrlenA
LocalFree
lstrcatA
GetLastError
GetWindowsDirectoryA
GetFileSize
GetFileAttributesA
CreateProcessA

user32

OpenDesktopA
PostMessageA
EnumWindows
CloseDesktop
ExitWindowsEx
wsprintfA
GetUserObjectInformationA
GetWindowTextA
SetThreadDesktop
GetThreadDesktop
OpenInputDesktop

shell32

ShellExecuteA
SHGetSpecialFolderPathA

urlmon

URLDownloadToFileA

iphlpapi

GetIfTable

ole32

CoInitialize
CoCreateInstance
CoUninitialize
OleRun
CLSIDFromProgID
CLSIDFromString

oleaut32

SetErrorInfo
CreateErrorInfo
VariantChangeType
GetErrorInfo
SysAllocString
VariantClear
SysFreeString
VariantInit

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d714f78ddb84c32ac62650164b5e3ea

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

shell32

urlmon

iphlpapi

ole32

oleaut32

wtsapi32

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 8KB

.idata Size: 5KB - Virtual size: 5KB

.didat Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 8KB

.idata
Size: 5KB - Virtual size: 5KB

.didat
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB