2fd0c878906bc80b3547a82fa3e57f7919e346cb56f378a803dc3c4892569dff

Sharing

Copy URL

Twitter E-mail

General

Target

2fd0c878906bc80b3547a82fa3e57f7919e346cb56f378a803dc3c4892569dff
Size

200KB
MD5

036f47ee4df56b06f58dd0810c4f4976
SHA1

21b95cd6b8bef82afba67613440f40249f8fb68e
SHA256

2fd0c878906bc80b3547a82fa3e57f7919e346cb56f378a803dc3c4892569dff
SHA512

0ce51e70e6613c266e9234eb0212f2cf2e9455521ba87ddae09ba4a3243a99ef5cec83524d0e9b3c2e5b1d84324ffb85605221eb7407a80f89e9153e36d032a2
SSDEEP

3072:mF7nxpBe51jg+4BRgUDXBdSeb5lttbrXsYs8JOLxh:O1pB+154Y6579TvAl

Score

N/A

Malware Config

Signatures

Files

2fd0c878906bc80b3547a82fa3e57f7919e346cb56f378a803dc3c4892569dff
.exe windows x86

cc20ac11b243196264178a539a92cf42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DeferWindowPos
CreateMenu
UnregisterHotKey
LoadCursorA
TranslateMessage
GetWindowLongA
BeginDeferWindowPos
GetClassInfoExA
EnumWindows
CallNextHookEx
RegisterWindowMessageA
DefWindowProcA
ReleaseDC
FillRect
TrackPopupMenu
DrawFrameControl
PostMessageA
SetWindowLongA
IsDialogMessageA
GetActiveWindow
AppendMenuA
SetClipboardData
DestroyWindow
SendMessageA
IsClipboardFormatAvailable
SendDlgItemMessageA
CheckRadioButton
SetForegroundWindow

mprapi

MprAdminInterfaceDelete
MprConfigTransportCreate
MprConfigServerRestore
MprAdminPortGetInfo
MprAdminPortEnum
MprAdminPortDisconnect
MprAdminPortClearStats
MprAdminInterfaceConnect
MprAdminInterfaceCreate
MprConfigTransportDelete
MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceSetCredentials

usp10

ScriptStringGetOrder
ScriptStringAnalyse
ScriptJustify
ScriptItemize
ScriptGetGlyphABCWidth
ScriptStringOut

kernel32

GetModuleHandleA
SetConsoleCtrlHandler
ReadFile
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
VirtualQuery
InterlockedExchange
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
CreateFileA
FlushFileBuffers
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
HeapSize
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetFilePointer
GetCurrentProcess
TerminateProcess
GetProcAddress
RemoveDirectoryA
TlsAlloc
GetProfileStringW
GetTempPathA
HeapFree
HeapAlloc
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetLastError
CloseHandle
WriteFile
ExitProcess

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 690KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc20ac11b243196264178a539a92cf42

Headers

File Characteristics

Imports

user32

mprapi

usp10

kernel32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 88KB - Virtual size: 690KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 88KB - Virtual size: 690KB

.reloc
Size: 8KB - Virtual size: 7KB