a498e886e2cc86cca540632ea88b51aecb5f990ee8110d57a7090550d9514943

Sharing

Copy URL Twitter E-mail

General

Target

a498e886e2cc86cca540632ea88b51aecb5f990ee8110d57a7090550d9514943
Size

236KB
MD5

7370badc73ecfa4c94970ec27b0155a0
SHA1

7aa878641b6de382fe29a4683a9f8a76045fb8a0
SHA256

a498e886e2cc86cca540632ea88b51aecb5f990ee8110d57a7090550d9514943
SHA512

d935b4712bc775d4de060ed0229ea650c90efb3db25f43ab582672b79adbb5e7c1bd224ca607ab45d18ff832635f156edb0c37381f1514a68d345f7b6a0f2457
SSDEEP

3072:1DxvbumkJf+VU1W3O4m6ZgPx1Itku9B8V0yIB5wEsAYrvV5IGBmdDQ+rI5zlalXV:1DBum0kUZ1hteyIBjerzciQXdf

Score

N/A

Malware Config

Signatures

Files

a498e886e2cc86cca540632ea88b51aecb5f990ee8110d57a7090550d9514943
.exe windows x86

1f1cccefb0b5e4206f08f96282088bf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetFileSizeEx
GetLastError
CreateDirectoryA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
LocalFree
FormatMessageA
GetSystemInfo
GetProcAddress
GetModuleHandleA
InterlockedDecrement
SetEvent
CreateEventA
OutputDebugStringA
ResumeThread
SetThreadPriority
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
lstrlenW
InterlockedIncrement
lstrlenA
lstrcmpiA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LoadLibraryA
HeapAlloc
HeapFree
InterlockedCompareExchange
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
ReadFile
WriteFile
SetFileAttributesA
CopyFileA
DeleteFileA
CreateProcessA
CreateFileA
GetFileSize
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
Sleep
OpenProcess
TerminateProcess
GetCurrentProcess
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
LCMapStringW
GetVersionExA
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
LCMapStringA
IsValidCodePage
GetProcessHeap
RaiseException
GetOEMCP
GetCPInfo
HeapSize
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
VirtualQuery
VirtualProtect
CreateThread
ExitThread
GetSystemTimeAsFileTime
RtlUnwind
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetThreadLocale
GetLocaleInfoA
IsProcessorFeaturePresent

user32

CreateDialogParamA
DefWindowProcA
TranslateMessage
DispatchMessageA
ShowWindow
SetWindowLongA
KillTimer
GetWindowLongA
SendMessageA
IsDialogMessageA
SetWindowPos
MapWindowPoints
CharNextA
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetParent
GetWindowThreadProcessId
FindWindowA
DestroyWindow
PostQuitMessage
LoadImageA
GetSystemMetrics
PostMessageA
PeekMessageA
UnregisterClassA
SetTimer
GetMessageA

advapi32

CryptHashData
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
CryptDecrypt
CryptAcquireContextA
CryptCreateHash
AdjustTokenPrivileges
CryptDeriveKey
CryptDestroyHash
CryptEncrypt
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VarUI4FromStr
VariantClear

shlwapi

PathFileExistsA

comctl32

InitCommonControlsEx

ws2_32

ioctlsocket
recvfrom
ntohs
htonl
bind
WSACleanup
select
WSAGetLastError
htons
sendto
socket
WSAStartup

winmm

timeGetTime

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

<R
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f1cccefb0b5e4206f08f96282088bf1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

comctl32

ws2_32

winmm

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 6KB

<R Size: 92KB - Virtual size: 92KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 6KB

<R
Size: 92KB - Virtual size: 92KB