1a325f53c66a62c320aa136ce44e7e7b55676e4688f251eca84246430b34160d

Sharing

Copy URL Twitter E-mail

General

Target

1a325f53c66a62c320aa136ce44e7e7b55676e4688f251eca84246430b34160d
Size

782KB
MD5

40e7b60873799f87594aaa2f5c2e2ed0
SHA1

65f75c3e3675c38735e9bb3f9dc926177b73bc06
SHA256

1a325f53c66a62c320aa136ce44e7e7b55676e4688f251eca84246430b34160d
SHA512

a7532fad76170ad65172d4fd141806c6cb0fc8d7eeb66bc5c6f1afa7017eaff636184712d878fc42002b3b8cfe06da6cf42a6a091b1446da9c585ad8a13ee78a
SSDEEP

12288:o7/4jB2HDNbjmRVTUa2fRur+eAm5BvEau+QpHBQLY3dl8KWthTD:oze2HDZH/fAfPLAX8Btt

Score

N/A

Malware Config

Signatures

Files

1a325f53c66a62c320aa136ce44e7e7b55676e4688f251eca84246430b34160d
.exe windows x86

cc852324b8bacfbfdd5f2ec37dd804da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
WriteFile
SetEndOfFile
CreateFileW
GetFileAttributesW
UnmapViewOfFile
CreateFileA
GetFileSize
MapViewOfFile
CreateFileMappingA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetStringTypeExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
GetSystemDirectoryA
InterlockedCompareExchange
SetFilePointer
GetVersion
GetEnvironmentVariableA
Sleep
FindFirstFileA
FindFirstFileW
FindNextFileA
FindResourceW
DeleteCriticalSection
InitializeCriticalSection
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CloseHandle
IsDebuggerPresent
ExitProcess
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
LoadLibraryA
GetProcAddress
GetLastError
FindResourceExW
LoadResource
SizeofResource
SetLastError
LockResource
GetCommandLineW
GetCurrentDirectoryW
MultiByteToWideChar
HeapAlloc
LocalFree
GlobalFree
RaiseException
GetModuleHandleW
FormatMessageW
GetProcessHeap
HeapFree
GetCurrentProcess
lstrlenA
lstrcpyA
lstrlenW
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
FindNextFileW
GetFileInformationByHandle
GetFullPathNameA
RemoveDirectoryA
RemoveDirectoryW
GetFileAttributesA
SetFileAttributesA
SetFileAttributesW
CopyFileA
CopyFileW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
AreFileApisANSI
GetOEMCP
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapSize
DebugBreak
OutputDebugStringA
LoadLibraryExA
FreeLibrary
LoadLibraryExW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetFullPathNameW
ReadFile
FindClose

msvcrt

memmove
_purecall
??3@YAXPAX@Z
_wcsicmp
_iob
?terminate@@YAXXZ
_controlfp
??1type_info@@UAE@XZ
_onexit
strchr
iswspace
qsort
_snprintf
bsearch
strtoul
malloc
_snwprintf
_itow
atoi
_itoa
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
memset
strncmp
_wcslwr
_wcsnicmp
wcsrchr
realloc
__CxxFrameHandler
_vsnwprintf
wcsstr
_except_handler3
_CxxThrowException
free
vwprintf
vfprintf
fputs
??2@YAPAXI@Z
printf
fprintf
_vsnprintf
wcstoul
wcsspn
wcschr
_ui64tow

ole32

StringFromIID
CoUninitialize
CoCreateInstance
CoInitialize
StringFromCLSID
CoTaskMemFree
CLSIDFromString

oleaut32

LoadTypeLibEx
VariantClear
VariantChangeType
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VarBstrCat
SysStringLen
SysFreeString

user32

CharNextW
CharNextA
wsprintfW

shell32

CommandLineToArgvW

imagehlp

ImageDirectoryEntryToData
ImageNtHeader
ImageRvaToVa
ImageGetDigestStream

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegEnumValueW
RegEnumValueA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegCreateKeyExW
RegCreateKeyExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegDeleteValueW
RegDeleteValueA
RegQueryInfoKeyA
RegCloseKey
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
CryptHashData
CryptSetHashParam
CryptImportKey
CryptVerifySignatureW
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextW
CryptExportKey
CryptGenRandom
CryptSignHashA
CryptGetUserKey
RegEnumKeyExW

Sections

.text
Size: 666KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc852324b8bacfbfdd5f2ec37dd804da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

oleaut32

user32

shell32

imagehlp

advapi32

Sections

.text Size: 666KB - Virtual size: 665KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 43KB - Virtual size: 42KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 666KB - Virtual size: 665KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 43KB - Virtual size: 42KB

.rmnet
Size: 56KB - Virtual size: 60KB