1cfc3323fefe660362f132cc7ddb9ef62043aceb54e7dc7746c983034aea29c1

Sharing

Copy URL Twitter E-mail

General

Target

1cfc3323fefe660362f132cc7ddb9ef62043aceb54e7dc7746c983034aea29c1
Size

712KB
MD5

6bc9f2c9c474f15116e74c860875039a
SHA1

7851b1a558fdb33b5872c5ef81f0c08ade82b484
SHA256

1cfc3323fefe660362f132cc7ddb9ef62043aceb54e7dc7746c983034aea29c1
SHA512

be7af555df891cb5fa49b1241f57fc20b76a0d278a4da554ba0834d4bd8a28ea9a9831e10c75f2276720adc00a9fedaa34e8cf4585e1cff3f12960566a7f3bac
SSDEEP

12288:lL/BlH7EOUMJNAoRhcRZyQZLYxv0rxteSWBokrGc6qNELJ:lL/BlbEOTNd+xZLYx8rxMtBo64J

Score

N/A

Malware Config

Signatures

Files

1cfc3323fefe660362f132cc7ddb9ef62043aceb54e7dc7746c983034aea29c1
.exe windows x86

42c7d240489b32e0fb8fbb98c1830c1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
CreateToolhelp32Snapshot
Process32FirstW
GetModuleHandleW
LoadLibraryW
GetProcAddress
FreeLibrary
Process32NextW
CloseHandle
GetConsoleWindow
ExitThread
CreateThread
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentThreadId
GetLastError
lstrcmpiW
SetLastError
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
CreateDirectoryW
DeleteFileW
OpenProcess
CreateProcessW
CreateEventW
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
FindFirstFileW
FindClose
OutputDebugStringW
DebugBreak
lstrlenA
InterlockedIncrement
InterlockedDecrement
CreateMutexW
CopyFileW
CreatePipe
CreateProcessA
SetHandleInformation
GetEnvironmentVariableA
CreateFileMappingA
GetOverlappedResult
GetProcessTimes
GetWindowsDirectoryA
GlobalMemoryStatus
GetThreadTimes
GetSystemTimeAdjustment
SetConsoleMode
FindFirstFileA
CreateEventA
lstrlenW
MultiByteToWideChar
FindNextFileA
ReleaseMutex
FindResourceA
LocalAlloc
GlobalAlloc
GlobalFree
GetSystemTime
GetVersionExW
LocalFree
GetLocalTime
UnmapViewOfFile
MapViewOfFile
lstrcpyW
GetFileSize
CreateFileW
ReadFile
Sleep
GetTickCount
SetEvent
LoadLibraryA
GetModuleHandleA
LockResource
GetTempFileNameW
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
WideCharToMultiByte
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetStartupInfoW
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeA
GetStringTypeW
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
DeleteFileA

user32

CharNextW
wvsprintfW
LoadStringW
GetWindowLongW
SendMessageW
GetWindowTextW
SetWindowPos
InvalidateRect
ShowWindow
EnableWindow
SetWindowTextW
wsprintfW
UnregisterClassA
CopyImage
GetForegroundWindow
GetCapture
GetQueueStatus
GetClipboardOwner
SendMessageA
FindWindowA
GetDlgItem
MessageBoxW
GetActiveWindow
DialogBoxParamW
GetCursorPos
ClientToScreen
CreateWindowExW
IsMenu
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
RegisterClassExW
LoadCursorW
GetClassInfoExW
CallWindowProcW
KillTimer
SetTimer
IsWindow
DefWindowProcW
DestroyMenu
DestroyWindow
SetWindowLongW
EndPaint
BeginPaint
GetDC
EndDialog
DrawTextW
GetSystemMetrics
LoadImageW
DestroyIcon
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints

gdi32

CreateBitmap
GetMapMode
DeleteDC
GetDIBits
SetTextColor
SetBkMode
DPtoLP
DeleteObject
GetObjectW
SetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetMapMode
StretchBlt
SelectObject

advapi32

CryptDestroyKey
RegOpenKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyW
RegCloseKey
GetUserNameW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptGetKeyParam
CryptDeriveKey
CryptEncrypt
CryptReleaseContext
CryptDecrypt
RegQueryValueExW
RegCreateKeyW
RegCreateKeyA
RegQueryValueExA
RegSetValueExA

shell32

ShellExecuteExW
Shell_NotifyIconW
SHGetFolderPathW

ole32

CreateStreamOnHGlobal
OleRun
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

GetErrorInfo
SysFreeString
SysAllocString
VarUI4FromStr
OleLoadPicture
VariantClear

netapi32

NetLocalGroupGetMembers
NetApiBufferFree

shlwapi

PathSearchAndQualifyW

comctl32

InitCommonControlsEx

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

wininet

InternetOpenW
InternetCloseHandle
DeleteUrlCacheEntryW
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
HttpQueryInfoW

urlmon

URLDownloadToFileW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 328KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42c7d240489b32e0fb8fbb98c1830c1a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

netapi32

shlwapi

comctl32

psapi

wininet

urlmon

version

Sections

.text Size: 328KB - Virtual size: 326KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 12KB - Virtual size: 30KB

.rsrc Size: 204KB - Virtual size: 201KB

.rrdata Size: 60KB - Virtual size: 60KB

.text
Size: 328KB - Virtual size: 326KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 12KB - Virtual size: 30KB

.rsrc
Size: 204KB - Virtual size: 201KB

.rrdata
Size: 60KB - Virtual size: 60KB