0cdd33de1f17268fe1059e249ea059830df1c7e83448403e680273021cf31fe6

Sharing

Copy URL Twitter E-mail

General

Target

0cdd33de1f17268fe1059e249ea059830df1c7e83448403e680273021cf31fe6
Size

428KB
MD5

91771c736c31bf07c10fe6c81ab08640
SHA1

06c5b82fea3d6872267897669031be836b08ebaf
SHA256

0cdd33de1f17268fe1059e249ea059830df1c7e83448403e680273021cf31fe6
SHA512

2ede6f767397c663bd21eeba99bdb3c70c5549aab8d3b681f4258037db97f29d41edc03d2c12dd3adb0f3decf553ad1a4739308fccf17c07cff20085c07d714a
SSDEEP

6144:/CsBVqk6ZhlMrr5sMZLXUtGh8tdCtd6JVxq:/CsujdzR

Score

N/A

Malware Config

Signatures

Files

0cdd33de1f17268fe1059e249ea059830df1c7e83448403e680273021cf31fe6
.exe windows x86

b1bcc1ded530df529b82c48150be371a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

unrar

RAROpenArchive
RARProcessFile
RARReadHeader
RARCloseArchive

kernel32

InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
GetLastError
lstrlenW
CompareStringA
CompareStringW
lstrcmpiA
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
SetLastError
OpenEventA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleFileNameA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetFilePointer
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetEvent
ExitProcess
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
GetTimeZoneInformation
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetModuleHandleA
CreateThread
CloseHandle
DeleteFileA
GetSystemDefaultLCID
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
RaiseException
SetEndOfFile
GetSystemInfo
VirtualProtect
GetStringTypeW
GetStringTypeA
LCMapStringW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
MoveFileA
ReadFile
SetEnvironmentVariableA
ResetEvent
Sleep
FreeEnvironmentStringsA
GetCurrentThreadId
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetACP
GetLocaleInfoA
GetThreadLocale
GetSystemTimeAsFileTime
RtlUnwind
HeapReAlloc
LCMapStringA

user32

DefWindowProcA
CreateDialogParamA
CharNextA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetSystemMetrics
LoadImageA
LoadBitmapA
UnregisterClassA
SetWindowLongA
PostQuitMessage
PostMessageA
IsDialogMessageA
MessageBoxA
GetDlgItem
EnableWindow
ShowWindow
EndPaint
BeginPaint
SetWindowTextA
SendMessageA
DestroyWindow
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
GetWindowLongA
GetDC

gdi32

CreateCompatibleDC
SelectObject
BitBlt

advapi32

RegSetValueExA
RegDeleteValueA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteExW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsA

comctl32

InitCommonControlsEx

httpdownwtp

DownLoadFiles
IfNeedUpdate
setFilePointer

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

rbtnsl
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 148KB - Virtual size: 145KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1bcc1ded530df529b82c48150be371a

Headers

File Characteristics

Imports

unrar

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

httpdownwtp

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 144KB - Virtual size: 141KB

rbtnsl Size: - Virtual size: 4KB

Size: 148KB - Virtual size: 145KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 144KB - Virtual size: 141KB

rbtnsl
Size: - Virtual size: 4KB