cff2e13aa3295ff525e00548d9e70d3c[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cff2e13aa3295ff525e00548d9e70d3c.exe
Size

401KB
MD5

cff2e13aa3295ff525e00548d9e70d3c
SHA1

83ce362bd0f36576caf78c984a32d9c88693bf86
SHA256

f3f1e859565fca8ff434438e2c331aae55791b6b6b74803652c364cbe99cb9b1
SHA512

7b56dad27805ddaca05252c0181e2b5a87cb1672cb2763fd3f9bc56cca497a0186286cd0e8ca9ef1db036bb3ff522f239fc95f2e1e8402e4d6ede12ad590db38
SSDEEP

6144:gEyD56nU0Q6q9DvKbDwbpbJR1XcTrepr8FsrMDyHCACb0/B5rFvn:g5EU0Q9NibDOlJR1rr8FCeXbaR

Score

N/A

Malware Config

Signatures

Files

cff2e13aa3295ff525e00548d9e70d3c.exe
.exe windows x86

1354bcb42ab98e72b0b8ea45eba87876

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExW
SHGetFileInfoW
Shell_NotifyIconA
ShellExecuteW
SHFileOperationW
SHBrowseForFolderA
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW
DragQueryFileA
SHGetPathFromIDListA

advapi32

RegEnumKeyExA
CryptCreateHash
RegEnumKeyExW
CryptReleaseContext
RegCreateKeyExA
RegEnumValueA
DeregisterEventSource
CheckTokenMembership
CryptEncrypt
CryptAcquireContextA
CryptDeriveKey
RegisterEventSourceA
RegSetValueExA
RegEnumValueW
ReportEventA
RegCreateKeyExW
RegCloseKey
RegOpenKeyExA
RegSetValueExW
CryptDecrypt

winmm

waveInStop
waveOutReset
PlaySoundA

gdi32

ExtTextOutA
GetTextExtentPoint32W
DeleteObject
GetICMProfileA
GetDeviceCaps
SelectObject
GetGlyphOutlineA
CreatePen
DeleteDC
TextOutW
CreateCompatibleDC
BitBlt
GetKerningPairsA
CreateFontIndirectA
ExtTextOutW
GetStockObject
SetBkMode
TextOutA
GetTextExtentPoint32A
GetGlyphOutlineW
CreateDIBSection
Rectangle

comctl32

PropertySheetA
InitCommonControlsEx
PropertySheetW

kernel32

EnterCriticalSection
GetFileSize
LoadLibraryExW
UnmapViewOfFile
SetEndOfFile
GetVersionExA
CreateFileW
ExitProcess
Module32Next
VirtualQuery
LoadLibraryW
HeapReAlloc
IsDebuggerPresent
WriteFile
GlobalFree
GetSystemDefaultLCID
RemoveDirectoryA
GetDriveTypeA
SetThreadPriority
Sleep
GetCommandLineA
SetEnvironmentVariableA
HeapAlloc
FindFirstFileExW
GetTimeFormatW
LoadResource
GetConsoleMode
MoveFileWithProgressA
GetFileAttributesW
TlsFree
ResetEvent
HeapDestroy
GetDateFormatW
GetThreadPriority
GetShortPathNameA
CompareStringW
MapViewOfFile
VirtualFree
MoveFileA
InterlockedDecrement
GetCurrentThread
FindFirstFileExA
GetSystemInfo
GetStringTypeA
GetModuleHandleW
SetFilePointer
DeviceIoControl
GetTimeFormatA
CopyFileExW
QueryPerformanceFrequency
FindFirstFileA
GetEnvironmentStringsW
HeapSize
GetTempPathW
GetProcAddress
CreateDirectoryExW
GetStdHandle
LeaveCriticalSection
SizeofResource
GetCPInfo
SetEvent
CompareStringA
LoadLibraryExA
FindFirstChangeNotificationA
MoveFileExA
SetStdHandle
FindResourceA
GetFileAttributesA
GetConsoleCP
CreateFileA
GetConsoleOutputCP
CreateMutexA
TlsSetValue
GetLongPathNameW
LoadLibraryA
CopyFileExA
SearchPathA
OpenMutexA
CloseHandle
DeleteCriticalSection
DebugBreak
CopyFileA
FormatMessageA
Module32First
GetLastError
FreeEnvironmentStringsA
TlsAlloc
SetLastError
GetOEMCP
CopyFileW
GlobalAlloc
GetShortPathNameW
LockResource
SetUnhandledExceptionFilter
GetSystemDirectoryA
GetModuleHandleA
FindFirstChangeNotificationW
TlsGetValue
HeapCreate
ReadFile
HeapFree
GetVersion
GetStringTypeW
GetCurrentProcess
RtlUnwind
SystemTimeToTzSpecificLocalTime
GetLocaleInfoA
CreateDirectoryA
GetTempPathA
RaiseException
OpenEventA
CreateToolhelp32Snapshot
DeleteFileW
FreeLibrary
CreateFileMappingA
OutputDebugStringA
InitializeCriticalSection
GetProcessTimes
GetUserDefaultLCID
GetLongPathNameA
WaitForMultipleObjects
InterlockedExchange
CreateEventA
GetFileAttributesExA
RemoveDirectoryW
CreateProcessW
GetACP
WaitForSingleObject
GetCurrentProcessId
QueryPerformanceCounter
CreateThread
LCMapStringW
FindFirstFileW
InterlockedIncrement
GetFileAttributesExW
FlushFileBuffers
FreeEnvironmentStringsW
GetCurrentThreadId
SetFileAttributesW
FindClose
TzSpecificLocalTimeToSystemTime
WriteConsoleW
SetErrorMode

comdlg32

GetSaveFileNameA
GetOpenFileNameW
GetSaveFileNameW
GetOpenFileNameA

wininet

HttpEndRequestA
HttpAddRequestHeadersA
InternetConnectA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
InternetQueryOptionA
InternetWriteFile
InternetOpenA

user32

GetWindowLongA
GetWindow
GetClassNameA
DispatchMessageA
SetDlgItemTextA
LoadIconA
LoadCursorA
FlashWindowEx
MessageBoxW
EnableWindow
SendMessageA
SetWindowTextW
GetParent
SetActiveWindow
IsWindow
GetAsyncKeyState
SetWindowPos
GetDlgItem
GetDC
SetWindowTextA
UnregisterClassW
EnumThreadWindows
CallWindowProcW
GetWindowRect
AppendMenuW
DefWindowProcA
GetWindowTextLengthA
DefWindowProcW
PeekMessageA
AdjustWindowRectEx
SystemParametersInfoA
RegisterClassW
ShowWindow
CallWindowProcA
GetFocus
GetDesktopWindow
CallNextHookEx
GetActiveWindow
SetCursor
BeginPaint
ClientToScreen
MessageBeep
MoveWindow
SendMessageW
SetCapture
PostQuitMessage
GetClientRect
InsertMenuItemW
LoadImageA
IsWindowVisible
PostMessageA
RegisterClassA
MessageBoxA
GetWindowTextA
FindWindowExA
InsertMenuItemA
IsDialogMessageA
DestroyWindow
SetWindowsHookExA
IsIconic
GetMenu
SetWindowLongA
EndPaint
ReleaseCapture
GetMenuItemInfoA
MsgWaitForMultipleObjects
UnregisterClassA
GetWindowLongW
SetFocus
AppendMenuA
GetTopWindow
ScreenToClient
DialogBoxIndirectParamA
CreateWindowExA
GetCursor
ReleaseDC
CreateWindowExW
RedrawWindow
EndDialog
SetForegroundWindow
GetClassInfoA
GetWindowTextW
DialogBoxParamW
SetDlgItemTextW
UnhookWindowsHookEx
SetWindowLongW

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1354bcb42ab98e72b0b8ea45eba87876

Headers

File Characteristics

Imports

shell32

advapi32

winmm

gdi32

comctl32

kernel32

comdlg32

wininet

user32

version

Sections

.text Size: 74KB - Virtual size: 76KB

.data Size: 20KB - Virtual size: 19KB

.rdata Size: 241KB - Virtual size: 240KB

.bss Size: - Virtual size: 16KB

.idata Size: 8KB - Virtual size: 8KB

.CRT Size: 1024B - Virtual size: 768B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 54KB - Virtual size: 54KB

.text
Size: 74KB - Virtual size: 76KB

.data
Size: 20KB - Virtual size: 19KB

.rdata
Size: 241KB - Virtual size: 240KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 8KB - Virtual size: 8KB

.CRT
Size: 1024B - Virtual size: 768B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 54KB - Virtual size: 54KB