18bedfcc186445a3a64979a894e75b0211abf999fc8d56ccecae61e1ee12f732

Sharing

Copy URL Twitter E-mail

General

Target

18bedfcc186445a3a64979a894e75b0211abf999fc8d56ccecae61e1ee12f732
Size

245KB
MD5

0c07ef15c71e0e2fd8a30711ea1905e2
SHA1

9d5e4cf695e81e50661c803ecab86621a4a3bd61
SHA256

18bedfcc186445a3a64979a894e75b0211abf999fc8d56ccecae61e1ee12f732
SHA512

10367b526cecdd673472e70a81f1a3e9877dcc7701a9321be5f2bef57411d330ebd6a37e7db9803f967fe8465bccc92f5d4cf0ca895ac66cfb4e26276385ec20
SSDEEP

6144:zhqcSEkeQZYZmv9fYCb8dYupNbcRR6mxWK6tscL:4HeaaCb8d15cPHxm2cL

Score

N/A

Malware Config

Signatures

Files

18bedfcc186445a3a64979a894e75b0211abf999fc8d56ccecae61e1ee12f732
.exe windows x86

c20937dcc5b041025ad45241cada6624

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

accept
connect
WSACancelBlockingCall
WSAUnhookBlockingHook

kernel32

WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
WriteFile
GetStdHandle
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CompareStringA
MultiByteToWideChar
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
TerminateProcess
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsGetValue
GetModuleHandleW
RaiseException
HeapAlloc
HeapFree
GetStartupInfoA
GetSystemTimeAsFileTime
lstrlenA
FreeEnvironmentStringsA
TlsAlloc
LoadLibraryA
CloseHandle
TlsSetValue
GetModuleFileNameA
CreateMutexA
GetLastError
lstrcmpA
FindNextVolumeMountPointA
GetCommandLineA
FlushConsoleInputBuffer
CreateFiberEx
FreeUserPhysicalPages
FindResourceExA
GenerateConsoleCtrlEvent
ReadProcessMemory
IsBadCodePtr
GetModuleFileNameW
lstrlenW
ConvertDefaultLocale
WriteProcessMemory
DisconnectNamedPipe
FindVolumeMountPointClose
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleA
FlushInstructionCache
lstrcatA
lstrcmpiA
CreateTimerQueue
Sleep
IsDBCSLeadByteEx
FlushViewOfFile
AssignProcessToJobObject
FreeEnvironmentStringsW
IsDBCSLeadByte
lstrcpyA
FindResourceA
GetProcAddress
IsBadReadPtr
ExitProcess
HeapSize

user32

DialogBoxParamA
mouse_event
EndDialog
UserHandleGrantAccess
DrawIconEx
ShowOwnedPopups
ShowCursor
DestroyCursor
UnloadKeyboardLayout
UnhookWindowsHook
GetAltTabInfoA
DestroyMenu
ArrangeIconicWindows
FreeDDElParam
UpdateLayeredWindow
DlgDirListW
AnimateWindow
SetWindowWord
GetCaretBlinkTime
SystemParametersInfoW
TrackPopupMenuEx
MessageBoxA
TrackMouseEvent
EndDeferWindowPos
ShowScrollBar

gdi32

CreatePolygonRgn
PaintRgn
GetMetaRgn
GetMiterLimit
SetWindowOrgEx
GetKerningPairsW
GetRgnBox
GetWindowOrgEx
CombineTransform
ResizePalette
GetTextFaceA
SetDIBitsToDevice
GetMapMode
RemoveFontResourceExW
GetRandomRgn
GetTextExtentExPointI
GetSystemPaletteEntries
UpdateColors
GetTextColor
BitBlt
CreateEnhMetaFileW
SetDCPenColor
SetWorldTransform
CreatePatternBrush
SetStretchBltMode
RemoveFontResourceA
GetOutlineTextMetricsA
SetWindowExtEx
CombineRgn
MaskBlt
StartDocW
GetStretchBltMode
LineTo
SetPaletteEntries
SetLayout
CloseFigure
SetICMProfileA
CancelDC
GetICMProfileW
SetROP2
CreateDiscardableBitmap
ColorCorrectPalette
CloseMetaFile
OffsetWindowOrgEx
PatBlt
SetTextJustification
GetWindowExtEx
SetDeviceGammaRamp
SetICMMode
Rectangle
SetViewportOrgEx
GetPath
SetDCBrushColor
PlayMetaFile
GetTextFaceW
SetAbortProc
InvertRgn
StretchBlt
Chord
SetTextColor
StartPage
GetKerningPairsA
ScaleWindowExtEx

shell32

SHGetFileInfoA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c20937dcc5b041025ad45241cada6624

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

shell32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 76KB - Virtual size: 76KB

.0rdata Size: 20KB - Virtual size: 20KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 76KB - Virtual size: 76KB

.0rdata
Size: 20KB - Virtual size: 20KB