c1e70eb476c89f316fb3ce7362416ec26a52caf2bca634cb7ea1b223c3bd89e6

Sharing

Copy URL Twitter E-mail

General

Target

c1e70eb476c89f316fb3ce7362416ec26a52caf2bca634cb7ea1b223c3bd89e6
Size

370KB
MD5

6bb6b1ff87f3a726a332f40e68713d20
SHA1

57216a890fe3f3019d0d4095911987318dc6f79c
SHA256

c1e70eb476c89f316fb3ce7362416ec26a52caf2bca634cb7ea1b223c3bd89e6
SHA512

7b661d4b8de2aa91b52e0cddb893f9b5d5aa0b3fe70ef67a23bb3c1830e5718c619235423bcc54bb4ef784c13be69ae8b62e8710d3d31607ab258788e8d5c9f7
SSDEEP

6144:NEZdNUneeBr3TvCeNL60IDGpw9GXj8g4kzRruS9PDH2IIMepa3EkzJfNcn45z:NEXaneeBHvnNG0IDGSIz8g5zRruS9Yp8

Score

N/A

Malware Config

Signatures

Files

c1e70eb476c89f316fb3ce7362416ec26a52caf2bca634cb7ea1b223c3bd89e6
.exe windows x86

d9259f8ff8a8dbf77d6b5b11d22f043c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetModuleFileNameA
GetUserDefaultLCID
GetDateFormatW
SetEvent
GetStdHandle
CompareStringA
GetTimeFormatA
RaiseException
GetCurrentProcess
CopyFileW
GetCommandLineA
FileTimeToSystemTime
GetEnvironmentStringsW
GlobalUnlock
GetVersionExA
HeapFree
VirtualAlloc
HeapDestroy
GetConsoleCP
CreateDirectoryW
LocalUnlock
GetACP
GetOEMCP
SetHandleCount
FreeEnvironmentStringsW
lstrcpynW
FindClose
GlobalSize
GetSystemInfo
GetProcAddress
LoadLibraryA
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
MultiByteToWideChar
GetLocaleInfoA
VirtualProtect
VirtualQuery
InterlockedExchange
LCMapStringW
RtlUnwind
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetCPInfo
GetStringTypeW
VirtualFree
HeapCreate
GetFileType
GetLastError
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
ExitProcess
TerminateProcess
WriteFile
UnhandledExceptionFilter

user32

OpenClipboard
DrawMenuBar
IsWindow
ScreenToClient
CallNextHookEx
GetSysColor
GetMenuItemCount
ScrollWindow

comdlg32

GetFileTitleW
ChooseColorW
GetSaveFileNameW
ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ChooseFontW
PrintDlgW
FindTextA
PageSetupDlgA
GetOpenFileNameW
ReplaceTextW
PageSetupDlgW

ole32

StgIsStorageILockBytes

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qtrodqk
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 186KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d9259f8ff8a8dbf77d6b5b11d22f043c

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 122KB - Virtual size: 367KB

.rsrc Size: 31KB - Virtual size: 32KB

qtrodqk Size: - Virtual size: 4KB

.text Size: 186KB - Virtual size: 188KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 122KB - Virtual size: 367KB

.rsrc
Size: 31KB - Virtual size: 32KB

qtrodqk
Size: - Virtual size: 4KB

.text
Size: 186KB - Virtual size: 188KB