a1a2b2d8ff5c4c2deb744813ea8eb54dcf6996a04b2c9e8bef90b6930026451c

Sharing

Copy URL Twitter E-mail

General

Target

a1a2b2d8ff5c4c2deb744813ea8eb54dcf6996a04b2c9e8bef90b6930026451c
Size

970KB
MD5

988b8532ddb7c41f4085c82345515fb3
SHA1

d594fd34c3e0ea28ba0533e2380752dee4aa0911
SHA256

a1a2b2d8ff5c4c2deb744813ea8eb54dcf6996a04b2c9e8bef90b6930026451c
SHA512

d303c3a62612c0ca75d9db3455123e7b034846e1c98a5c2056d89cc570786e9e9f40bb750cdd437e426e3e6daa910c0bfd65b7adac6d9906cbf0b2347508d44f
SSDEEP

24576:wf0bj+YE/N+uzHrxGIMo4SG4g1OUjOHpkjG28xHgBgxj+AP+tKazFQIpzV0TOh:Lj+YE7Yo4R9Y3gSBSrFpzV0T

Score

N/A

Malware Config

Signatures

Files

a1a2b2d8ff5c4c2deb744813ea8eb54dcf6996a04b2c9e8bef90b6930026451c
.exe windows x86

18fddc294c94acb41b3efc2b6a322bda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpOpenRequest
WinHttpConnect
WinHttpCloseHandle
WinHttpSendRequest
WinHttpSetOption
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpQueryHeaders
WinHttpOpen

shell32

SHFileOperationW
CommandLineToArgvW

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

advapi32

DeleteService
RegCreateKeyExW
RegOpenKeyExA
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegQueryValueExW
OpenServiceW
QueryServiceStatusEx
RegSetValueExW
ControlService
OpenSCManagerA
CloseServiceHandle
StartServiceA
RegOpenKeyExW
RegCloseKey

kernel32

LCMapStringW
GetConsoleCP
GetConsoleMode
HeapSize
RtlUnwind
GetStringTypeW
SetStdHandle
WriteConsoleW
CloseHandle
GetExitCodeProcess
FreeLibrary
GetProcAddress
GetModuleHandleW
LoadLibraryW
WaitForSingleObject
CreateProcessW
Sleep
CreateDirectoryW
ExpandEnvironmentStringsW
GetLastError
GetModuleHandleA
GetCommandLineW
InterlockedDecrement
GetLocalTime
GetVersionExW
CreateFileA
WriteFile
SetFilePointer
LocalFree
GetCurrentProcess
FlushFileBuffers
LockResource
LoadResource
FindResourceA
VirtualFree
VirtualAlloc
GetTickCount
GetVersion
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
CreateFileW
SetLastError
HeapFree
HeapAlloc
GetProcessHeap
FindClose
WideCharToMultiByte
GetVolumeInformationW
GetSystemDirectoryW
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
lstrcpyA
lstrlenA
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetModuleFileNameW
CreateThread
lstrcpynW
GetWindowsDirectoryW
lstrcatW
GetBinaryTypeW
GetSystemInfo
GlobalMemoryStatusEx
GetVersionExA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedIncrement
GetCPInfo
SizeofResource
DeleteCriticalSection
HeapCreate
GetStdHandle
ExitProcess
RaiseException
GetCommandLineA
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent

wininet

InternetSetOptionA

dbghelp

SymInitialize

user32

wsprintfW

ole32

CoInitializeEx
CoCreateInstance
CoInitializeSecurity
CoUninitialize

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 822KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18fddc294c94acb41b3efc2b6a322bda

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

shell32

psapi

advapi32

kernel32

wininet

dbghelp

user32

ole32

oleaut32

iphlpapi

version

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 19KB

.rsrc Size: 822KB - Virtual size: 822KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 822KB - Virtual size: 822KB

.reloc
Size: 14KB - Virtual size: 14KB