7d45e981be981d6fdacbebd36dc4ee2eafbbde1e2d73dc5a3ae3d1e979699bbb

Sharing

Copy URL Twitter E-mail

General

Target

7d45e981be981d6fdacbebd36dc4ee2eafbbde1e2d73dc5a3ae3d1e979699bbb
Size

1.0MB
MD5

59fff1928bc3bfc49b25d0d2cb0743fc
SHA1

cecd7ea675f8e80510ab49524fa18285adcbfc02
SHA256

7d45e981be981d6fdacbebd36dc4ee2eafbbde1e2d73dc5a3ae3d1e979699bbb
SHA512

060fee37ee2613ea9ba58d3caa285ce92152f10823ffb3d061d59a95a2721e4c04413ed1e6e89895a4434ca0166224de2e239133f6b21a44f53ab504eac9af57
SSDEEP

12288:r+cLUvyVkbXbgvnfn4ZZum5iip2aPYoo/R0FbdKibSiucC:MyVLvnibiipbI2FJK9D

Score

N/A

Malware Config

Signatures

Files

7d45e981be981d6fdacbebd36dc4ee2eafbbde1e2d73dc5a3ae3d1e979699bbb
.exe windows x86

842ef7bf587701e9f3d2c69377fd8d97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
Sleep
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFileTime
GetFileAttributesW
LocalFileTimeToFileTime
GetLocalTime
SystemTimeToFileTime
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetFileInformationByHandle
SetEndOfFile
CreateProcessA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFileAttributesA
SetFilePointer
SetStdHandle
RaiseException
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetConsoleMode
GetConsoleCP
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetTimeFormatA
FindFirstFileA
GetDriveTypeA
CreateThread
ExitThread
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
SetEnvironmentVariableW
GetFullPathNameW
CreateDirectoryW
CreateMutexA
ReleaseMutex
FlushFileBuffers
WaitForSingleObject
CloseHandle
CreateEventW
GetVersionExW
SetEvent
DeleteFileW
lstrcmpW
RemoveDirectoryW
lstrcmpiW
FindClose
FindNextFileW
FindFirstFileW
CopyFileW
CreateFileW
LocalFree
LocalSize
LocalAlloc
lstrlenW
LoadLibraryW
FormatMessageW
GetSystemDirectoryW
GetExitCodeProcess
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
OpenProcess
GetComputerNameExW
GetSystemInfo
GetModuleHandleW
MoveFileW
GetFileSize
CreateMutexW
SuspendThread
ResumeThread
ReadFile

wsock32

inet_addr
gethostbyname
WSACleanup
WSAStartup
gethostbyaddr
ioctlsocket
ntohl
ntohs
bind
htons
htonl
socket
closesocket
recvfrom
sendto
__WSAFDIsSet
gethostname
WSAGetLastError
select

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameW

advapi32

CryptAcquireContextW
EnumDependentServicesW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
CryptDecrypt
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptDestroyHash
CryptGetUserKey
CryptGenKey
CryptReleaseContext
CryptDestroyKey
ControlService
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceW
QueryServiceStatusEx
OpenServiceW
DeleteService
OpenSCManagerW
CreateServiceW
ChangeServiceConfig2W
CloseServiceHandle
StartServiceCtrlDispatcherW

winhttp

WinHttpReadData
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpQueryOption
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpConnect
WinHttpOpen
WinHttpQueryDataAvailable

user32

GetDesktopWindow
wsprintfW

ole32

CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx

oleaut32

VariantInit
CreateErrorInfo
VariantClear
SysFreeString
SysAllocString
GetErrorInfo
VariantChangeType
SetErrorInfo

Sections

.text
Size: 764KB - Virtual size: 762KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

842ef7bf587701e9f3d2c69377fd8d97

Headers

File Characteristics

Imports

kernel32

wsock32

psapi

advapi32

winhttp

user32

ole32

oleaut32

Sections

.text Size: 764KB - Virtual size: 762KB

.rdata Size: 152KB - Virtual size: 148KB

.data Size: 96KB - Virtual size: 108KB

.idata Size: 12KB - Virtual size: 9KB

.text
Size: 764KB - Virtual size: 762KB

.rdata
Size: 152KB - Virtual size: 148KB

.data
Size: 96KB - Virtual size: 108KB

.idata
Size: 12KB - Virtual size: 9KB