5c31fabf3b0b162bd35d38fc089c2cb99473b48b451b9c221fe319b476786e40

Sharing

Copy URL Twitter E-mail

General

Target

5c31fabf3b0b162bd35d38fc089c2cb99473b48b451b9c221fe319b476786e40
Size

1.1MB
MD5

fa9abcf6cb893230427cde04750e6104
SHA1

09635feb641f99a18252a696117f2bbf69d13163
SHA256

5c31fabf3b0b162bd35d38fc089c2cb99473b48b451b9c221fe319b476786e40
SHA512

0696678dfe399620366d9af24ec2eb1300a6d950a8bc747dd62fb7d0a50113e16607d8c2d3175742ccac69b595a765b37b282ba5b176d80c47ce8b46a2cc5848
SSDEEP

24576:TTDunsCj4FgWeT7FPGhxbIqpTuv8Ug+HorIK9ahrfCE5tD4:TnDCj4iWIhPGxMqgkUFFDhZDD4

Score

N/A

Malware Config

Signatures

Files

5c31fabf3b0b162bd35d38fc089c2cb99473b48b451b9c221fe319b476786e40
.exe windows x86

1a31a8c091e8289923a7af4ac2b8416d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetEnvironmentStrings
CompareStringA
GetTimeFormatA
GetVersionExA
WriteConsoleA
GetUserDefaultLCID
GetEnvironmentStringsW
InterlockedDecrement
GetStdHandle
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
SetFilePointer
UnhandledExceptionFilter
SetConsoleCtrlHandler
QueryPerformanceCounter
HeapReAlloc
InterlockedIncrement
HeapDestroy
GetTimeZoneInformation
LCMapStringA
GetStartupInfoA
GetCurrentThreadId
GetACP
GetCurrentProcessId
TlsSetValue
GetSystemTimeAsFileTime
CreateMutexA
FreeEnvironmentStringsW
HeapSize
GetStringTypeW
FreeEnvironmentStringsA
FreeLibrary
GetProcAddress
GetLocaleInfoA
SetEnvironmentVariableA
WriteConsoleW
RtlUnwind
SetLastError
HeapCreate
TlsAlloc
GetCommandLineA
OpenMutexA
InterlockedExchange
InitializeCriticalSection
GetModuleHandleA
SetHandleCount
GetDateFormatA
GetTickCount
GetConsoleCP
GetConsoleMode
ReadFile
WideCharToMultiByte
GetLastError
EnterCriticalSection
GetLocaleInfoW
IsDebuggerPresent
DeleteCriticalSection
VirtualAlloc
LoadLibraryA
HeapAlloc
FlushFileBuffers
SetStdHandle
EnumSystemLocalesA
CompareStringW
LCMapStringW
TlsFree
GetStringTypeA
TerminateProcess
VirtualFree
CloseHandle
GetConsoleOutputCP
GetCurrentProcess
ExitProcess
CreatePipe
TlsGetValue
WriteFile
GetCurrentThread
HeapFree
GetFileType
IsValidCodePage
GetOEMCP
GetModuleFileNameA
LeaveCriticalSection
VirtualQuery
GetCPInfo
GetProcessHeap
IsValidLocale

advapi32

RegRestoreKeyA
LookupAccountSidA
GetUserNameA
CryptAcquireContextA
RegConnectRegistryA
RegQueryValueW

comctl32

InitCommonControlsEx
DrawStatusTextA
ImageList_Duplicate
ImageList_DragLeave

user32

MessageBoxW
CreateWindowExW
WindowFromPoint
RegisterClassExA
ShowWindow
RegisterClassA
IsCharUpperA

gdi32

AnimatePalette
GetDeviceCaps
GetColorAdjustment
DeleteDC
GetICMProfileW
AbortDoc
Escape
UpdateColors
StrokeAndFillPath
CreateDCA

wininet

GetUrlCacheEntryInfoExW
InternetTimeFromSystemTimeW
InternetSetDialStateA
FtpPutFileA
DeleteUrlCacheContainerA
InternetCloseHandle
FtpFindFirstFileA

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 753KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a31a8c091e8289923a7af4ac2b8416d

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

gdi32

wininet

Sections

.text Size: 304KB - Virtual size: 304KB

.rdata Size: 83KB - Virtual size: 114KB

.data Size: 753KB - Virtual size: 751KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 304KB - Virtual size: 304KB

.rdata
Size: 83KB - Virtual size: 114KB

.data
Size: 753KB - Virtual size: 751KB

.rsrc
Size: 16KB - Virtual size: 15KB