f1cc4b7c75c5768eb590f2e051a85ece09f4903cee3d4118abd1cc77c41b5a72

Sharing

Copy URL Twitter E-mail

General

Target

f1cc4b7c75c5768eb590f2e051a85ece09f4903cee3d4118abd1cc77c41b5a72
Size

540KB
MD5

7c551fb46a90814ff89eefaa6991c1b4
SHA1

156c10caad1aeff2cc5d9bada192fa145ff8ac1c
SHA256

f1cc4b7c75c5768eb590f2e051a85ece09f4903cee3d4118abd1cc77c41b5a72
SHA512

971613914240a214bf95850db19b26714019be2de4e69fe81ab488a80126757fbfc6d4f9e0fe4758fc74ae253847f4d6d0b31b4fd95a1277696f06af4a868491
SSDEEP

12288:0npccMAziCmg89V5bLYlRdyyO4lp5sABg:IpccjziCmg8/1LYlRQGNsD

Score

N/A

Malware Config

Signatures

Files

f1cc4b7c75c5768eb590f2e051a85ece09f4903cee3d4118abd1cc77c41b5a72
.exe windows x86

e23147bcc799715d247063468275266c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetDragImage
ImageList_Read
ImageList_Write
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_EndDrag
ImageList_DragShowNolock
ord17

setupapi

SetupDiOpenDevRegKey
SetupDiGetClassDevsExW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

wininet

HttpEndRequestA
InternetCloseHandle

kernel32

GetTempPathW
GetCurrentProcess
lstrcatW
DeleteFileW
CreateDirectoryW
OpenEventW
SetEvent
InterlockedDecrement
GetTempPathA
GetSystemInfo
GetStringTypeExA
FreeResource
InterlockedIncrement
CreateFileMappingA
GetCurrentThreadId
GetCurrentProcessId
ReadFile
SetFilePointer
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
HeapAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
HeapFree
GetCommandLineW
GetModuleHandleW
VirtualAlloc
WriteFile
SetErrorMode
GetVersion
GetProcAddress
GetVersionExA
GetSystemTimeAsFileTime
GetCommandLineA
CloseHandle
lstrcmpiA
QueryPerformanceCounter
GetLastError
GetTickCount
ExitProcess
CreateFileA
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo

user32

ShowWindow
RegisterClassExA
GetCapture
SetScrollPos
GetClassNameA
GetSystemMenu
GetWindowLongA
GetWindowPlacement
SetWindowPlacement
SetScrollRange
SetWindowLongA
SetWindowPos
GetSystemMetrics
MessageBoxA
WindowFromPoint
WaitMessage
ValidateRect
TranslateMessage
ShowOwnedPopups
ShowScrollBar
GetClassInfoA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
CharNextW
ShowCursor

gdi32

CreateFontIndirectA
SetDIBColorTable
DeleteEnhMetaFile
SetBkMode
SetBkColor
SelectPalette
TextOutW
OffsetWindowOrgEx
DeleteMetaFile
GetLogColorSpaceW
SetAbortProc
SetEnhMetaFileBits
Rectangle
UnrealizeObject
StretchBlt
SetROP2
SetBrushOrgEx
SetPixel

comdlg32

PageSetupDlgW
GetOpenFileNameA
GetSaveFileNameA
FindTextW
ChooseFontA
ReplaceTextW

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExW
AllocateAndInitializeSid

shell32

SHGetFileInfoW
StrStrIA
ShellExecuteA

oleaut32

SafeArrayGetLBound
VariantInit
VarDecRound
VarRound
VarNumFromParseNum
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayPutElement
VariantChangeType
SafeArrayCreate

Sections

.text
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e23147bcc799715d247063468275266c

Headers

File Characteristics

Imports

comctl32

setupapi

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 352KB - Virtual size: 351KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 58KB

.rsrc Size: 4KB - Virtual size: 3KB

.text Size: 160KB - Virtual size: 160KB

.text
Size: 352KB - Virtual size: 351KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 58KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 160KB - Virtual size: 160KB