8d2fcd4ed0a3f1d4de742a6fdc141a56196794a340f819c2ce1eaab3fda4887d

Sharing

Copy URL Twitter E-mail

General

Target

8d2fcd4ed0a3f1d4de742a6fdc141a56196794a340f819c2ce1eaab3fda4887d
Size

503KB
MD5

4a833ef713a8f3082456d1eed8b61865
SHA1

27e189d4affcdd9e68ba4148ef2a506220d06c9b
SHA256

8d2fcd4ed0a3f1d4de742a6fdc141a56196794a340f819c2ce1eaab3fda4887d
SHA512

14b8d3ccea9e4bddd8fd9627aae464d1fe9d8d1d135ad156ce28a4d677475cb4382cb1cd20205933bb4f6f27870005ea32b4cb9fd01464db1cbaf56b87ca3c2f
SSDEEP

6144:GJWsTBJIgcArtHgujeHe63DM0ykXJf0fUpiuADvBMJzyJo7+iTxEUWTSVUgQ987L:GJWsTrkACfe6M0lJfS2iXDMHTavmG983

Score

N/A

Malware Config

Signatures

Files

8d2fcd4ed0a3f1d4de742a6fdc141a56196794a340f819c2ce1eaab3fda4887d
.exe windows x86

f08db7b6512378e999297586336e818a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertOpenSystemStoreA
CertEnumCertificatesInStore
PFXExportCertStoreEx
CertNameToStrA
CertDuplicateCertificateContext
CertDeleteCertificateFromStore
CertGetCertificateContextProperty
CertOpenStore
CertAddCertificateContextToStore
CertCloseStore

ntdll

NtQueryObject
NtDuplicateObject
NtQuerySystemInformation
RtlAdjustPrivilege
NtAllocateVirtualMemory
strncpy
_itoa
strtoul
_strcmpi
RtlCompareUnicodeString
NtQueryInformationProcess
NtQueryInformationThread
NtFreeVirtualMemory
_alldiv
_allmul
isalnum
RtlInitUnicodeString
NtOpenFile
NtCreateSection
NtMapViewOfSection
NtClose
NtQueryInformationFile
sprintf
memmove
LdrFindEntryForAddress
NtReadVirtualMemory
NtWriteVirtualMemory
NtProtectVirtualMemory
sscanf
memcpy
memset
_chkstk
_snprintf
_vsnprintf
wcsstr
strstr
strncmp
_strlwr
NtUnmapViewOfSection
atoi

ws2_32

WSAGetLastError
getpeername
ntohs
inet_ntoa
inet_addr
htons

wininet

InternetSetStatusCallback
InternetQueryOptionA
FindCloseUrlCache
FindNextUrlCacheEntryA
InternetCrackUrlA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
InternetSetCookieA
InternetSetOptionA
GetUrlCacheEntryInfoW
InternetCanonicalizeUrlA

shlwapi

SHDeleteValueA
SHRegSetUSValueA
StrSpnA
StrCmpNA
StrStrA
StrStrIA
PathCombineA
StrRStrIA
StrCmpNIA
StrPBrkA

kernel32

VirtualQuery
ExitProcess
TerminateProcess
SetErrorMode
OpenThread
lstrcpyW
FindFirstFileW
FindNextFileW
CreateProcessA
CreateEventA
GetTickCount
GetVersionExA
GetUserDefaultLangID
GetModuleHandleA
IsBadWritePtr
SetFileTime
CreateRemoteThread
GetTimeZoneInformation
CreateSemaphoreA
ReleaseSemaphore
VirtualQueryEx
VirtualAllocEx
TryEnterCriticalSection
ResumeThread
FlushInstructionCache
OpenProcess
lstrlenW
GetFileInformationByHandle
GetLocalTime
FileTimeToSystemTime
lstrcpyA
DuplicateHandle
CreateDirectoryW
CreateDirectoryA
LocalFileTimeToFileTime
lstrcmpA
SystemTimeToFileTime
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetExitCodeThread
GetCurrentProcessId
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcatA
WideCharToMultiByte
FindResourceExA
LoadResource
OutputDebugStringA
GetCurrentThreadId
GetLastError
CloseHandle
CreateThread
Sleep
HeapFree
HeapValidate
HeapAlloc
GetProcessHeap
TerminateThread
IsBadReadPtr
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
GetFileSize
CreateFileA
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentVariableA
SetEnvironmentVariableA
SuspendThread
SetThreadPriority
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
CreateFileMappingA
GetModuleFileNameA
InitializeCriticalSection
MultiByteToWideChar
ReadProcessMemory
GetThreadSelectorEntry
GetThreadContext
ExitThread
WriteProcessMemory
VirtualProtectEx
CreateMutexA
SetLastError
HeapReAlloc
lstrlenA
DeleteFileW
SetFileAttributesW
WriteFile
CreateFileW
SetEvent
GetTempFileNameA
OpenMutexA
GetThreadPriority
DisconnectNamedPipe
FlushFileBuffers
RemoveDirectoryA
MoveFileExA
DeleteFileA
ConnectNamedPipe
CreateNamedPipeA
WaitNamedPipeA
FindClose
FindNextFileA
FindFirstFileA
QueryDosDeviceA
GetLogicalDriveStringsA
GetFileAttributesW
SizeofResource

user32

MsgWaitForMultipleObjects
GetKeyboardState
DispatchMessageW
TranslateMessage
PeekMessageW
CharLowerA
wsprintfA
DrawIcon
GetIconInfo
LoadCursorA
EnumWindows
GetWindowThreadProcessId
SetWindowLongA
GetWindowLongA
CallWindowProcA
GetWindowDC
GetWindowRect
GetCursorPos
ReleaseDC
LoadStringW
LoadStringA
ToUnicode

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC

advapi32

CryptGetKeyParam
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
CryptDestroyKey
CryptGetUserKey
CryptReleaseContext
CryptAcquireContextW
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFolderPathA

ole32

CreateStreamOnHGlobal

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f08db7b6512378e999297586336e818a

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

ntdll

ws2_32

wininet

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 291KB - Virtual size: 290KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 291KB - Virtual size: 290KB

.reloc
Size: 8KB - Virtual size: 8KB