fc2521f7b78aec04e42abf9df060e9fd8ebef4e348769b382872f78b439aeb5d

Sharing

Copy URL

Twitter E-mail

General

Target

fc2521f7b78aec04e42abf9df060e9fd8ebef4e348769b382872f78b439aeb5d
Size

166KB
MD5

20bfab5a8df1330611d7e3f2c9ae622f
SHA1

3e1ee42e94c019513ecb4590f7e884d36f1b6f17
SHA256

fc2521f7b78aec04e42abf9df060e9fd8ebef4e348769b382872f78b439aeb5d
SHA512

06b56a59f54f800b1a5c484ac9324cb6326a5079e0f7a14120f9a67d66a7362b708ce5e05fd675eeb9da817755c883888aa24648ebba03043ad8fc6ae183e5cb
SSDEEP

3072:uOMw1EEXxmsZhpO7Sd/aAm4Sv35hTFLHscDYPvn5Lb+MrWKvQvld4+QuJ:uQhnZhpgq/2nnTF1S5+TKvQvldFQu

Score

N/A

Malware Config

Signatures

Files

fc2521f7b78aec04e42abf9df060e9fd8ebef4e348769b382872f78b439aeb5d
.exe windows x86

a93dee9ad3f18df0a35fbc912cce32fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDiskFreeSpaceExA
FreeLibrary
ExitThread
WriteFile
CopyFileA
GetStdHandle
InitializeCriticalSection
GetFullPathNameA
DuplicateHandle
GetWindowsDirectoryA
SetFilePointer
GetDateFormatA
ResumeThread
DeleteFileA
GetLastError
GetCurrentProcess
GetCompressedFileSizeA
LeaveCriticalSection
FindClose
GetProcessHeap
QueryPerformanceCounter
SetErrorMode
GetFileType
GetModuleHandleA
ReleaseMutex
VirtualQuery
SetEndOfFile
CreateSemaphoreA
GetModuleFileNameA
GetCurrentThreadId
InterlockedDecrement
GetCurrentProcessId
MoveFileExA
EnterCriticalSection
GetConsoleScreenBufferInfo
SetThreadPriority
GetSystemTimeAsFileTime
MapViewOfFile
FreeConsole
VirtualAlloc
GetACP
CreateThread
IsBadWritePtr
GetEnvironmentVariableA
FileTimeToSystemTime
CreateFileMappingA
LockResource
HeapWalk
GetComputerNameA
OpenProcess
GetFileSize
DeviceIoControl
FormatMessageA
FindFirstFileA
GetLogicalDriveStringsA
FindResourceA
ExpandEnvironmentStringsW
ReadFile
LockFile
SearchPathA
LocalUnlock
GetUserDefaultLangID
GetVolumeInformationA
SetConsoleCtrlHandler
GetVersionExA
GlobalFindAtomA
LoadLibraryW
VirtualProtectEx
DeleteCriticalSection
GetFileAttributesA
GetTickCount
GetSystemDirectoryA
Sleep
CreateEventA
GetExitCodeProcess
FlushFileBuffers
SetConsoleTitleA
DefineDosDeviceA
GetVersion
MultiByteToWideChar
SetVolumeLabelA
GetCurrentDirectoryA
ReleaseSemaphore
CreateMutexA
QueryPerformanceFrequency
WaitForSingleObject
InterlockedIncrement
TerminateThread
GetCommandLineA
ExitProcess
UnmapViewOfFile
GetSystemInfo
SetLastError
GetFileAttributesExA
GetLocalTime
GetCurrentThread
GetProcAddress
SetPriorityClass
SizeofResource
GetPriorityClass
LocalAlloc
GetLogicalDrives
Beep
GetTimeFormatA
LocalFree
OpenEventA
GetDriveTypeA
CreateFileA
SetFileTime
SetUnhandledExceptionFilter
VirtualFree
lstrlenA
QueryDosDeviceA
LoadLibraryA
SetEvent
DebugBreak
GetSystemDefaultLangID
SystemTimeToFileTime
GetConsoleTitleA
CreateProcessA
GetDiskFreeSpaceA
HeapValidate
SetFileAttributesA
LocalLock
FindNextFileA
LoadResource
CloseHandle

user32

IsDlgButtonChecked
CallWindowProcA
LoadIconA
SetFocus
SetForegroundWindow
ReleaseDC
MessageBoxA
IsWindowVisible
SendMessageA
TrackMouseEvent
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
GetSystemMenu
RegisterClassExA
ClientToScreen
MessageBeep
GetWindowRect
PostMessageA
GetProcessWindowStation
SetCursor
CheckDlgButton
BroadcastSystemMessageA
SetWindowLongA
KillTimer
wvsprintfA
ScreenToClient
SetScrollInfo
LoadCursorA
DefWindowProcA
SetWindowTextA
LoadStringA
InvalidateRect
GetDC
GetDesktopWindow
UpdateWindow
CreateWindowExA
RegisterClassA
GetParent
ExitWindowsEx
wsprintfA
SetScrollPos
GetKeyboardLayout
EnableMenuItem
GetDialogBaseUnits
GetCursor
AppendMenuA
DrawTextA
DialogBoxParamA
ShowWindow
GetDlgItemInt
IsWindow
SystemParametersInfoA
EndDialog
DestroyWindow
GetClientRect
GetUserObjectInformationA
SetRect
DrawIcon
GetDlgItem
GetWindowLongA
FindWindowA
DialogBoxIndirectParamA
BeginPaint
SetWindowPos
RedrawWindow
GetWindowTextA
TrackPopupMenu
GetKeyState
EnableWindow
CreatePopupMenu
GetActiveWindow

gdi32

TextOutA
CreateBrushIndirect
CreateDCA
DeleteObject
CreatePen
DeleteDC
SelectObject
CreateRectRgn
GetStockObject
GetTextExtentPoint32A
SetBkMode
SelectClipRgn
CreateFontIndirectA
CreateSolidBrush
SetTextColor
LineTo
SetBkColor
RoundRect
MoveToEx

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

CreateServiceA
RegEnumKeyA
RegOpenKeyExA
RegLoadKeyA
RegEnumKeyExA
LookupPrivilegeValueA
RegSetValueExA
LogonUserW
SetSecurityInfo
AdjustTokenPrivileges
LogonUserA
ImpersonateLoggedOnUser
GetUserNameA
RegFlushKey
RegDeleteValueA
SetEntriesInAclA
ControlService
RegCreateKeyA
RegEnumValueA
GetSecurityInfo
AllocateAndInitializeSid
DeleteService
OpenProcessToken
RegCloseKey
RegSetValueA
CloseServiceHandle
RegUnLoadKeyA
RegQueryValueA
RegDeleteKeyA
OpenSCManagerA
OpenServiceA
StartServiceA
RegOpenKeyA
QueryServiceStatus
RegQueryValueExA

shell32

SHChangeNotify
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA

ole32

CoInitializeSecurity
CoUninitialize
CoInitializeEx

oleaut32

SysFreeString

msvcrt

_setjmp3
isspace
_kbhit
_getch
_filelength
wcslen
_strdup
strncpy
__set_app_type
__getmainargs
memcpy
rewind
_makepath
_except_handler3
isalnum
_getche
__p__fmode
strncat
malloc
wcstombs
_vsnprintf
strstr
_controlfp
localtime
atol
memset
__dllonexit
??3@YAXPAX@Z
fwrite
_read
_memicmp
_fileno
strrchr
_strlwr
__p__commode
fgets
isalpha
sscanf
fprintf
_access
wcscmp
_initterm
_onexit
__CxxFrameHandler
realloc
strcpy
tolower
_unlink
fclose
exit
_wsplitpath
_XcptFilter
printf
_ui64toa
_stricmp
_adjust_fdiv
__p___initenv
bsearch
_CIcos
__setusermatherr
isprint
system
qsort
_snprintf
wcsstr
_splitpath
calloc
fflush
vprintf
_iob
_close
_local_unwind2
strlen
strncmp
_open
strcmp
strcat
_lrotl
_wcsicmp
fopen
??2@YAPAXI@Z
_snwprintf
setvbuf
_write
_spawnlp
atoi
free
time
putchar
_ftol
wcscat
sprintf
_msize
_isatty
memmove
mbstowcs
toupper
swprintf
_stat
rand
_lseek
_strnicmp
_exit
isdigit
_beginthread
longjmp
isupper
memcmp
srand
_fullpath
fread
strchr
asctime

Sections

CODE
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a93dee9ad3f18df0a35fbc912cce32fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcrt

Sections

CODE Size: 139KB - Virtual size: 138KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 9KB

.rsrc Size: 16KB - Virtual size: 15KB

CODE
Size: 139KB - Virtual size: 138KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 16KB - Virtual size: 15KB