6c074b9e937c7c3f0ee503fe9679d2577ece245fbab09417aa233af53b241a7c

Sharing

Copy URL Twitter E-mail

General

Target

6c074b9e937c7c3f0ee503fe9679d2577ece245fbab09417aa233af53b241a7c
Size

1.1MB
MD5

7c4a17b1ba6e7f96dfa024a65d68a860
SHA1

bede13a6f296ab2a192b342bf4e8e0ab1ea724e9
SHA256

6c074b9e937c7c3f0ee503fe9679d2577ece245fbab09417aa233af53b241a7c
SHA512

61260800f60568c54854278cca8709d9c54192dc53e4daa1bba4593898306e1d982d8e6012ec243865b802152af61b60c6bc787c95e786cfb975bc41e93cf9df
SSDEEP

24576:eRkp1FS412aAXcdu7PFk8+ihVhKGemIbDZBBKB9WLQncTvKNp:Xp1FS4128u7Pu2Vh/9IHHkB9lcTvKNp

Score

N/A

Malware Config

Signatures

Files

6c074b9e937c7c3f0ee503fe9679d2577ece245fbab09417aa233af53b241a7c
.exe windows x86

f1103502f93b78c5d7cd4d7cc43ad913

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetOpenW
InternetReadFile
InternetConnectW
HttpSendRequestW
InternetSetOptionW
HttpAddRequestHeadersW
InternetCloseHandle
HttpOpenRequestW
HttpQueryInfoW

kernel32

DeleteCriticalSection
GetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
Sleep
CreateThread
CreateEventW
GetCurrentThreadId
InterlockedIncrement
SetEvent
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetCommandLineW
CreateProcessW
EnterCriticalSection
LeaveCriticalSection
GetEnvironmentVariableW
lstrlenA
CreateDirectoryW
WriteFile
OpenProcess
WideCharToMultiByte
LoadLibraryW
FormatMessageW
GetVersionExW
GetExitCodeProcess
TerminateProcess
CreateFileW
GetEnvironmentVariableA
SetLastError
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
DeleteFileW
LocalFree
GetFileSize
FindFirstFileW
SetFilePointer
GetFileAttributesW
FindClose
RemoveDirectoryW
FindNextFileW
GetWindowsDirectoryW
SetFileAttributesW
CopyFileW
ReadFile
CopyFileA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetFullPathNameW
GetFullPathNameA
CreateFileA
MapViewOfFile
InitializeCriticalSection
SetEndOfFile
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
GetTickCount
UnlockFileEx
GetSystemTimeAsFileTime
FormatMessageA
GetFileAttributesA
FlushFileBuffers
GetTempPathW
LockFileEx
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
GetCurrentProcessId
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
FindNextFileA
CreateMutexW
OpenMutexW
ReleaseMutex
GetCurrentProcess
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
CompareStringW
GetModuleFileNameA
GetCPInfo
CompareStringA
GetDateFormatA
GetTimeFormatA
GetStdHandle
GetFileType
WriteConsoleW
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
RtlUnwind
GetProcessHeap
RaiseException
lstrlenW
WaitForSingleObject
CloseHandle
GetModuleFileNameW
InterlockedDecrement
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
SetEnvironmentVariableA
TlsSetValue
HeapCreate
TlsFree
VirtualAlloc
VirtualFree
UnmapViewOfFile
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation

user32

FindWindowW
wsprintfW
PostMessageW
EnumWindows
GetClassNameW
IsWindow
CharUpperW
PostThreadMessageW
GetMessageW
DispatchMessageW
TranslateMessage
CharNextW
LoadStringW

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
SetNamedSecurityInfoW
OpenProcessToken
FreeSid
SetEntriesInAclW
AllocateAndInitializeSid
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
RegFlushKey
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CLSIDFromProgID

oleaut32

SysAllocString
SysFreeString
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserSize
SysStringLen
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
GetActiveObject
VariantClear
VariantInit

shlwapi

PathFileExistsW

rpcrt4

UuidToStringW
NdrStubCall2
NdrStubForwardingFunction
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrCStdStubBuffer2_Release

Sections

.text
Size: 799KB - Virtual size: 799KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 51B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rorpc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1103502f93b78c5d7cd4d7cc43ad913

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

rpcrt4

Sections

.text Size: 799KB - Virtual size: 799KB

.orpc Size: 512B - Virtual size: 51B

.rdata Size: 168KB - Virtual size: 167KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 34KB - Virtual size: 33KB

.rorpc Size: 60KB - Virtual size: 60KB

.text
Size: 799KB - Virtual size: 799KB

.orpc
Size: 512B - Virtual size: 51B

.rdata
Size: 168KB - Virtual size: 167KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 34KB - Virtual size: 33KB

.rorpc
Size: 60KB - Virtual size: 60KB