0cf993ae2045c7d8c626ffda33e63ea141f2ebd8a870a025c8af4ede27ca982b

Sharing

Copy URL Twitter E-mail

General

Target

0cf993ae2045c7d8c626ffda33e63ea141f2ebd8a870a025c8af4ede27ca982b
Size

955KB
MD5

800ed9b88a28618fd6b82648b4a48fd0
SHA1

972f31f96e0c399bddde619c6482a756d4e76d05
SHA256

0cf993ae2045c7d8c626ffda33e63ea141f2ebd8a870a025c8af4ede27ca982b
SHA512

fe9588eea2f048df6a506fbe8cc5c3d8bd9772abe610d64fab328ac86b45daf1faa28ba02ad97d0a16dcc80f60ddbe7723a3830cf86b05d13259b3fbf8b0b5b9
SSDEEP

24576:dlGyYd7YFh3OAqlAP4kI88JRPD1ATnUcjRGHg1:nHFy/kI88J5DCTDkg1

Score

N/A

Malware Config

Signatures

Files

0cf993ae2045c7d8c626ffda33e63ea141f2ebd8a870a025c8af4ede27ca982b
.exe windows x86

c92ab2161118a804d95df39a4009a847

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CreateFileW
lstrlenW
GetProcAddress
GetLocalTime
lstrcatW
IsDebuggerPresent
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
CreateDirectoryW
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
GetTempPathW
InterlockedIncrement
InterlockedCompareExchange
WideCharToMultiByte
MultiByteToWideChar
MoveFileExW
WaitForSingleObject
GlobalAlloc
Sleep
CopyFileW
GetExitCodeProcess
FileTimeToSystemTime
GlobalFree
GetFileTime
DeleteFileW
SetFileAttributesW
ExitThread
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
WriteFile
FindClose
LocalAlloc
FindNextFileW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryW
RemoveDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex
GetFileSize
ReadFile
FlushFileBuffers
FreeLibrary
GetVersionExW
GlobalLock
GlobalUnlock
GlobalHandle
CreateFileA
FormatMessageW
HeapAlloc
GetTimeZoneInformation
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
FileTimeToLocalFileTime
GetDriveTypeW
ResumeThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
RtlUnwind
GetDriveTypeA
GetFileType
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetModuleHandleA
SetStdHandle
GetConsoleCP
GetConsoleMode
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleHandleW
GetCurrentProcess
SetUnhandledExceptionFilter
CreateProcessW
VirtualQuery
SetFilePointer
HeapFree
LoadLibraryW
GetLastError
FindFirstFileW
GetSystemDefaultLangID

user32

wvsprintfW
FillRect
DefWindowProcW
CallWindowProcW
EndPaint
DestroyWindow
GetWindowRect
GetWindowDC
DrawTextW
SetForegroundWindow
IsWindow
GetParent
TrackMouseEvent
IsWindowEnabled
GetClientRect
BeginPaint
GetDC
GetForegroundWindow
InvalidateRect
GetWindowLongW
GetWindowTextW
ReleaseDC
ScrollWindow
SetWindowLongW
EndDialog
SetWindowPos
CheckDlgButton
IsDlgButtonChecked
CreateWindowExW
EnumWindows
GetSystemMetrics
SystemParametersInfoW
DialogBoxParamW
SendMessageW
MessageBoxW
GetFocus

gdi32

StretchBlt
CreateSolidBrush
GetStockObject
CreatePen
Rectangle
SelectObject
DeleteObject
SetBkMode
CreateFontIndirectW
SetTextColor
GetTextExtentPoint32W
CreateDIBSection
BitBlt
DeleteDC
GetObjectW
StretchDIBits
CreateCompatibleBitmap
SelectClipRgn
CreateCompatibleDC

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

imm32

ImmDisableIME

comctl32

InitCommonControlsEx

msimg32

TransparentBlt
AlphaBlend
GradientFill

advapi32

RegOpenKeyExW
RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
SetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
SHFileOperationW
SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 687KB - Virtual size: 686KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c92ab2161118a804d95df39a4009a847

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

version

imm32

comctl32

msimg32

advapi32

shell32

Sections

.text Size: 687KB - Virtual size: 686KB

.rdata Size: 187KB - Virtual size: 186KB

.data Size: 19KB - Virtual size: 42KB

.rsrc Size: 12KB - Virtual size: 14KB

.text
Size: 687KB - Virtual size: 686KB

.rdata
Size: 187KB - Virtual size: 186KB

.data
Size: 19KB - Virtual size: 42KB

.rsrc
Size: 12KB - Virtual size: 14KB