cd8866eb2cbece6ba962759199a5b456e4e00334d8c46a91160cb4e20f988438

Sharing

Copy URL Twitter E-mail

General

Target

cd8866eb2cbece6ba962759199a5b456e4e00334d8c46a91160cb4e20f988438
Size

157KB
MD5

444db4fb6387135241d942f55708df83
SHA1

6be0cbea2b1d49a5fa12aa237ef59e7760937b15
SHA256

cd8866eb2cbece6ba962759199a5b456e4e00334d8c46a91160cb4e20f988438
SHA512

87c1a861bf9a3d4e6d38a4947c90178199be3b0f346acc68f56bbead2ac6227cabfb4a3698bc406d7e99a173a00618f8e493a0cb7bfd4d999036c8ed565a7574
SSDEEP

3072:F5+GMViEUkxeeIJMpNG3GS9EQS1S2LC2ZSDAd8hG8bvcoO+WIppywFSbo2Y8w:fMVrUdjJMpNqGS9KS2LC2U9oGcZIppyy

Score

N/A

Malware Config

Signatures

Files

cd8866eb2cbece6ba962759199a5b456e4e00334d8c46a91160cb4e20f988438
.exe windows x86

6b5ce669817be0bbd82c3ad540065fcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetCurrentThread
InitializeCriticalSectionAndSpinCount
VirtualAlloc
SetStdHandle
SetUnhandledExceptionFilter
FindResourceA
GetOEMCP
CreateProcessA
SystemTimeToFileTime
CreateDirectoryA
LockResource
GetSystemTimeAsFileTime
GetFileAttributesW
GetDriveTypeW
VirtualFree
Sleep
lstrcmpW
IsBadReadPtr
lstrcatW
GetWindowsDirectoryW
GetExitCodeProcess
FlushFileBuffers
ResetEvent
FindFirstFileA
HeapReAlloc
ExitProcess
GetDriveTypeA
SetErrorMode
GetCurrentProcess
FormatMessageW
GetFileAttributesA
GetLastError
GetThreadLocale
OpenMutexW
GetCommandLineA
HeapFree
GetFileSize
GetCommandLineW
GetVersion
OpenMutexA
CreateFileMappingA
GetModuleHandleA
CreateFileW

oleaut32

LoadTypeLib
GetErrorInfo
SysStringByteLen
SafeArrayCreate
SafeArrayGetLBound
VariantChangeType
SafeArrayGetElement
CreateErrorInfo
OleLoadPicture
SafeArrayAccessData
SafeArrayGetUBound
RegisterTypeLib
SysAllocStringByteLen
VariantCopy
SysStringLen
SafeArrayPutElement
SysAllocStringLen
VariantClear
VariantCopyInd
SetErrorInfo
SysFreeString
VariantInit
SafeArrayPtrOfIndex
VariantChangeTypeEx

msvcrt

iswdigit
_tell
_CIpow
_ftol
wcstok
iswspace
mbstowcs
_exit
rand
fseek
_itoa
_vsnwprintf
swprintf
_finite
_fileno
wcsncat
strncmp
_chsize
_rotl
??3@YAXPAX@Z
memcpy
_onexit
_adjust_fdiv
_wfopen
wcscpy
__p__iob
iswctype
wcscat
wcsrchr
__CxxFrameHandler
wcschr
fflush
__pioinfo
__p__commode
_strlwr
_beginthreadex
wcstoul
printf
tolower
_except_handler3
_stat
calloc
??2@YAPAXI@Z
_ltow
__set_app_type
_wcsupr
time
wcspbrk
_ltoa
_write
strtoul
wcslen
wcsstr
atoi
atol
qsort
towupper
ctime
wcsncmp
_cexit
isspace
_stricmp
strlen
_iob
_wcsnicmp
_wtoi
_isatty
_errno
fread
srand
_commit
__dllonexit
__badioinfo
_access
_wcsdup
__getmainargs

advapi32

ChangeServiceConfigW
RegCreateKeyA
GetTokenInformation
CryptGetHashParam
MakeSelfRelativeSD
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
SetThreadToken
DeregisterEventSource
RegisterTraceGuidsW
LockServiceDatabase
RegCloseKey
OpenProcessToken
RegSetValueW
QueryServiceConfigW
ReportEventW
RegCreateKeyW
QueryServiceStatus
CryptDestroyHash
RegNotifyChangeKeyValue
EqualSid
RegDeleteKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
LsaClose
RegSetValueExW
RegDeleteKeyW
RegFlushKey
InitializeAcl
RegQueryInfoKeyA
DeleteService
SetSecurityDescriptorOwner
IsValidSid
RegSetValueExA
OpenSCManagerA
RegQueryValueExW
GetAce
OpenThreadToken
GetUserNameW
OpenServiceA
DuplicateTokenEx
CloseServiceHandle
GetSecurityDescriptorOwner
ConvertStringSidToSidW
GetAclInformation

ole32

CreateBindCtx
CoImpersonateClient
CoCreateGuid
StgOpenStorage
CoFreeUnusedLibraries
CoRevokeClassObject
StringFromIID
OleInitialize
CoCreateInstance
StringFromGUID2
StringFromCLSID
CoUnmarshalInterface
GetHGlobalFromStream
ReleaseStgMedium
CoUninitialize
WriteClassStm
CoGetInterfaceAndReleaseStream
CoGetClassObject
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemRealloc
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CoInitializeEx
CLSIDFromProgID
CoInitializeSecurity
CoTaskMemAlloc
CoGetMalloc
CreateStreamOnHGlobal
CoGetObjectContext
CoCreateFreeThreadedMarshaler
CoRevertToSelf
CLSIDFromString
CoReleaseMarshalData
OleRegEnumVerbs
CoDisconnectObject
OleRegGetMiscStatus
IIDFromString
OleSaveToStream
CoCreateInstanceEx
OleRun
OleLoadFromStream
OleRegGetUserType
StgCreateDocfileOnILockBytes
ProgIDFromCLSID

user32

SetWindowLongA
GetCapture
SetCursor
ClientToScreen
GetMessageW
DestroyIcon
EndDialog
GetSystemMenu
PeekMessageW
LoadCursorW
InsertMenuA
RedrawWindow
GetSysColor
RegisterClassExA
GetSystemMetrics
LoadStringA
SetDlgItemTextW
CheckMenuItem
GetWindowRect
BeginPaint
GetWindowTextA
PostMessageA
EnableWindow
IsRectEmpty
UpdateWindow
InflateRect
GetForegroundWindow
GetWindowLongA
GetKeyState
UnregisterClassA
IsWindow
SendDlgItemMessageA
ShowWindow
SetRect
DrawTextA
CharUpperW
GetWindowPlacement
GetSysColorBrush
PeekMessageA

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbss
Size: 1KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 512B - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b5ce669817be0bbd82c3ad540065fcc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

msvcrt

advapi32

ole32

user32

Sections

.text Size: 150KB - Virtual size: 149KB

.textbss Size: 1KB - Virtual size: 51KB

.tls Size: 1024B - Virtual size: 51KB

.idata Size: 1KB - Virtual size: 51KB

.idata Size: 1024B - Virtual size: 51KB

.textbss Size: 512B - Virtual size: 50KB

.rsrc Size: 512B - Virtual size: 492B

.text
Size: 150KB - Virtual size: 149KB

.textbss
Size: 1KB - Virtual size: 51KB

.tls
Size: 1024B - Virtual size: 51KB

.idata
Size: 1KB - Virtual size: 51KB

.idata
Size: 1024B - Virtual size: 51KB

.textbss
Size: 512B - Virtual size: 50KB

.rsrc
Size: 512B - Virtual size: 492B