fc1d1a9c155d7d7d87b5cc057f4556311037c134246c773a4d4f072d374150c7

Sharing

Copy URL Twitter E-mail

General

Target

fc1d1a9c155d7d7d87b5cc057f4556311037c134246c773a4d4f072d374150c7
Size

275KB
MD5

7bbfbda934b56f448fd770ec4d20dd90
SHA1

b2f95c51e0191b396b37ae31472257b2dc9db897
SHA256

fc1d1a9c155d7d7d87b5cc057f4556311037c134246c773a4d4f072d374150c7
SHA512

2389e288e7b217b9072a32d4158d4f455d5eaa101af9545ef8e98a50ff82c2ea9b2166eaf03e8d854f87a4965aca9040b0062cb65012b25660f3e0c529e98a82
SSDEEP

6144:KaogdMAGdnWELT0ba0rYUnJqXa7Jqxqq1hujsHLMC1Ac9+:Ka09tvLQW08+7Jlq1hKCeco

Score

N/A

Malware Config

Signatures

Files

fc1d1a9c155d7d7d87b5cc057f4556311037c134246c773a4d4f072d374150c7
.exe windows x86

1fb669c85ee50a64d281b2fdd01b4776

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
SetConsoleScreenBufferSize
lstrcpyA
AllocConsole
SetErrorMode
lstrcatA
SetConsoleWindowInfo
DuplicateHandle
LocalFree
GetConsoleScreenBufferInfo
CreateFileA
GetProcessHeap
GetSystemTimeAsFileTime
GetProcAddress
WriteConsoleInputW
GetSystemDirectoryA
GetLastError
SetHandleInformation
HeapFree
ReadConsoleOutputA
SetEnvironmentVariableA
ExpandEnvironmentStringsA
FreeLibrary
WaitForMultipleObjects
GetModuleFileNameA
ReadFile
IsDBCSLeadByte
QueryPerformanceCounter
GlobalFindAtomA
WriteConsoleInputA
LoadLibraryExW
VirtualFree
GetExitCodeProcess
WriteConsoleW
GetLocaleInfoW
GetStartupInfoA
GenerateConsoleCtrlEvent
GetTickCount
WideCharToMultiByte
CancelIo
SetLastError
SetEnvironmentVariableW
SetConsoleCtrlHandler
LoadLibraryW
GetCurrentThread
GetOverlappedResult
OpenProcess
lstrcpyW
GetConsoleMode
GetComputerNameW
SetUnhandledExceptionFilter
GetCurrentProcess
GetStdHandle
ReadConsoleOutputW
FormatMessageW
lstrlenW
WriteFile
GetSystemDefaultLCID
MultiByteToWideChar
FreeConsole
LocalAlloc
GlobalFree
HeapAlloc
GlobalAlloc
GetCurrentProcessId
GetCPInfo
CloseHandle
GetModuleHandleA
WaitForSingleObject
CreateNamedPipeW
GetLocalTime
GetACP
ExpandEnvironmentStringsW
ReleaseMutex
GetSystemDirectoryW
FormatMessageA
GetConsoleCP
CreateFileW

advapi32

RegCreateKeyA
IsValidSid
RegSetKeySecurity
LsaClose
GetSidIdentifierAuthority
SetSecurityDescriptorDacl
CreateProcessAsUserW
LookupAccountSidW
CryptGenRandom
ReportEventW
RegOpenKeyExW
EqualSid
RegSetValueExW
GetSidSubAuthorityCount
AdjustTokenPrivileges
RegLoadKeyA
RegCloseKey
LookupAccountNameW
RegisterEventSourceW
InitializeAcl
GetTokenInformation
RegOpenKeyW
GetSecurityDescriptorLength
RegCreateKeyExW
OpenProcessToken
CryptAcquireContextW
GetSidSubAuthority
AddAccessAllowedAce
LookupPrivilegeValueW
InitializeSecurityDescriptor
GetLengthSid
OpenThreadToken
DuplicateTokenEx
FreeSid
GetAce
LsaFreeMemory
CryptReleaseContext
RegQueryValueExW
LogonUserW
RegOpenKeyExA
DeregisterEventSource
LsaOpenPolicy
LsaQueryInformationPolicy
RevertToSelf
RegQueryValueExA
ImpersonateLoggedOnUser
MakeSelfRelativeSD
AllocateAndInitializeSid

netapi32

NetGetAnyDCName
NetApiBufferFree
NetUserGetInfo

msvcrt

wcscpy
wcschr
memchr
_stricmp
_snprintf
towlower
strtoul
_wcsnicmp
__initenv
_itoa
malloc
calloc
_XcptFilter
__setusermatherr
_strcmpi
isdigit
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_except_handler3
wcslen
_c_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf
wcsrchr
wcscat
wcscmp
wcsncpy
_controlfp
_snwprintf
memmove
_exit
__getmainargs
toupper
strncpy
_cexit
wcsncat
free
strchr
__p__fmode
strrchr
_initterm
_wcsicmp
_adjust_fdiv

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum
WNetCancelConnection2W
WNetAddConnection2W

aclui

EditSecurity
IID_ISecurityInformation
CreateSecurityPage

shell32

SHGetFolderPathW

ws2_32

WSASocketW

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fb669c85ee50a64d281b2fdd01b4776

Headers

File Characteristics

Imports

kernel32

advapi32

netapi32

msvcrt

mpr

aclui

shell32

ws2_32

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 58KB - Virtual size: 58KB

.rsrc Size: 79KB - Virtual size: 79KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 79KB - Virtual size: 79KB