c2c31909da3c13fed4e20a1ab1cd8c9e89e487c050b102ccbc1de3fb865defcb

Sharing

Copy URL

Twitter E-mail

General

Target

c2c31909da3c13fed4e20a1ab1cd8c9e89e487c050b102ccbc1de3fb865defcb
Size

111KB
MD5

8089cc39fd52402d2c881c288fef9580
SHA1

067016455869c5814ac00ebf6b07113f08525186
SHA256

c2c31909da3c13fed4e20a1ab1cd8c9e89e487c050b102ccbc1de3fb865defcb
SHA512

70535b21ccf1777404f953e5a99c3d8438cc221474b3f9385bf1bc5d1726cd00d0979b68bf6b137a5912741a1d9b718b6b1e42152e60ec550b78e1e2867d2cb5
SSDEEP

3072:54crk7PTUxriZiPeM27LlNi8SikblPS3FLpM2H752QsAL:5pSGe/7LlNi8Mx63FO2HkyL

Score

N/A

Malware Config

Signatures

Files

c2c31909da3c13fed4e20a1ab1cd8c9e89e487c050b102ccbc1de3fb865defcb
.exe windows x86

1101b5ccf082394a67f3b350d2a2714e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
InitializeAcl
EventRegister
EventUnregister
EventWrite
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
OpenThreadToken
LookupAccountNameW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RevertToSelf
GetSecurityDescriptorLength
ImpersonateLoggedOnUser
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegEnumValueW
RegQueryValueExW
RegDeleteKeyExW
LookupAccountSidW
CreateWellKnownSid
ConvertStringSecurityDescriptorToSecurityDescriptorA

kernel32

GlobalUnlock
GlobalLock
MapViewOfFile
GlobalFree
GlobalAlloc
GetHandleInformation
SetErrorMode
GetCurrentProcessId
HeapSetInformation
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetVersionExW
CreateFileW
CreateFileMappingW
FindResourceExW
WaitForSingleObject
ReleaseMutex
WaitForMultipleObjects
OutputDebugStringW
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
UnmapViewOfFile
FormatMessageW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
SetPriorityClass
SetLastError
ExpandEnvironmentStringsW
OutputDebugStringA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
lstrlenA
GetLastError
WideCharToMultiByte
InterlockedIncrement
InterlockedExchange
GetVersionExA
GetModuleFileNameW
SetEvent
GetProcessTimes
GetCurrentProcess
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InterlockedDecrement
CloseHandle
GetModuleHandleW
GetProcAddress
GetCurrentThread
GetThreadTimes

msvcrt

_iob
fprintf
_wcsnicmp
_purecall
malloc
free
_itow_s
strncmp
wcsncmp
bsearch
_controlfp
_onexit
_lock
__dllonexit
_unlock
_errno
realloc
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
memcpy
_wtoi
memset
wcsncpy_s
_CxxThrowException
memcpy_s
__CxxFrameHandler3
_vsnwprintf
_ultow
_wcsicmp
_vsnprintf
strerror

user32

UnregisterClassA
LoadStringW
CharNextW

ole32

CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID
CoTaskMemRealloc
CoUninitialize
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoGetMarshalSizeMax
CoInitializeSecurity
CoInitializeEx
CoCreateInstance

oleaut32

VarUI4FromStr

tquery

?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z

imm32

ImmDisableIME

msshooks

LoadMSSearchHooks

mscoree

LockClrVersion

shlwapi

SHRegGetValueW

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vxevsby
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1101b5ccf082394a67f3b350d2a2714e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

ole32

oleaut32

tquery

imm32

msshooks

mscoree

shlwapi

Sections

.text Size: 75KB - Virtual size: 74KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 33KB

vxevsby Size: - Virtual size: 4KB

.text
Size: 75KB - Virtual size: 74KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 33KB

vxevsby
Size: - Virtual size: 4KB