0fceddbcf2d7b956187f3e0620e9e471141f7b34394b61195cb310e81df57c79

Sharing

Copy URL Twitter E-mail

General

Target

0fceddbcf2d7b956187f3e0620e9e471141f7b34394b61195cb310e81df57c79
Size

1.2MB
MD5

0cecf1a617edb33a3532261e8c40725b
SHA1

a658117d31bf9bcaf7c2a4e008df029ff056c689
SHA256

0fceddbcf2d7b956187f3e0620e9e471141f7b34394b61195cb310e81df57c79
SHA512

16ed4c2ef1549e1c750a3226adcf6a00dfc6102fa707aa1413663c5122fc8a5dec20ae323259c7a511cd28ac282ce353c824d271803f078b743f5ebb6a295366
SSDEEP

24576:SLqGK+WrDfbSNSqVmeTgSX8cT6O2chU03MLc0EzNMddjQhBj7ncRVpO7AWi+vX59:SLKtbSNSqV9USMs6Lj08LMzEQL7ncHRR

Score

N/A

Malware Config

Signatures

Files

0fceddbcf2d7b956187f3e0620e9e471141f7b34394b61195cb310e81df57c79
.exe windows x86

29d9f457fa2b8cc794e14569551a5126

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyA
CryptHashData
RegOpenKeyA
RegQueryValueExW
CryptGetDefaultProviderW
DuplicateTokenEx
RegCloseKey
CryptCreateHash
RegQueryInfoKeyW
ReportEventA
RegCreateKeyA
RevertToSelf
CryptContextAddRef
CryptEnumProvidersA
RegSetKeySecurity
LookupPrivilegeNameW
InitiateSystemShutdownW
CryptDuplicateKey
CryptReleaseContext
LookupAccountNameW
CryptVerifySignatureA
RegLoadKeyW

user32

EnumDisplaySettingsA
WINNLSEnableIME
BeginPaint
PostMessageW
MessageBoxW
EndTask
RegisterClassExA
ShowWindow
CreateWindowExA
RegisterClassA

kernel32

SetStdHandle
HeapReAlloc
WriteFileEx
GetSystemTime
GetCurrentThreadId
SetUnhandledExceptionFilter
SetConsoleTitleW
GetEnvironmentStringsW
GetACP
LCMapStringA
GetStdHandle
GetProcAddress
FormatMessageW
ExitProcess
ExpandEnvironmentStringsA
CompareStringW
VirtualAlloc
QueryPerformanceCounter
ReadFile
CreateEventA
GetModuleFileNameW
SetHandleCount
EnumResourceLanguagesW
GetStartupInfoA
TlsAlloc
GetSystemTimeAsFileTime
TlsGetValue
LCMapStringW
InterlockedDecrement
TlsFree
WaitNamedPipeW
CloseHandle
HeapFree
SetFilePointer
GetThreadPriority
InitializeCriticalSection
FindFirstFileA
IsBadReadPtr
GetTimeZoneInformation
GetModuleHandleA
FreeEnvironmentStringsW
lstrcmpA
CreateFileA
WriteFile
VirtualFree
WideCharToMultiByte
GetCurrentProcessId
GetEnvironmentStrings
GetLocalTime
HeapDestroy
TlsSetValue
GetOEMCP
GetTimeFormatA
CompareStringA
InterlockedIncrement
SetEvent
FlushFileBuffers
DeleteCriticalSection
LoadLibraryA
RtlUnwind
InterlockedExchange
SetConsoleTitleA
VirtualQuery
GetTickCount
CreateMutexA
GetFileType
HeapCreate
IsBadWritePtr
WaitForSingleObjectEx
GetModuleFileNameA
TerminateProcess
GetStringTypeA
OpenMutexA
GetLastError
HeapAlloc
FreeEnvironmentStringsA
GetVersion
SetLastError
lstrcpynA
GetDiskFreeSpaceExA
LeaveCriticalSection
GetCommandLineA
EnterCriticalSection
GetCPInfo
GetCurrentThread
GetCurrentProcess
SetEnvironmentVariableA
GetStringTypeW
MultiByteToWideChar
UnhandledExceptionFilter

wininet

InternetTimeToSystemTimeA
SetUrlCacheEntryGroupW
UnlockUrlCacheEntryStream
UnlockUrlCacheEntryFile
InternetCrackUrlA
FindFirstUrlCacheEntryExW
FindNextUrlCacheContainerA
InternetFindNextFileA
InternetGetCertByURLA

comctl32

InitCommonControlsEx

comdlg32

ReplaceTextW
GetSaveFileNameW

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 827KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29d9f457fa2b8cc794e14569551a5126

Headers

File Characteristics

Imports

advapi32

user32

kernel32

wininet

comctl32

comdlg32

Sections

.text Size: 330KB - Virtual size: 329KB

.rdata Size: 26KB - Virtual size: 49KB

.data Size: 827KB - Virtual size: 780KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 330KB - Virtual size: 329KB

.rdata
Size: 26KB - Virtual size: 49KB

.data
Size: 827KB - Virtual size: 780KB

.rsrc
Size: 19KB - Virtual size: 19KB