1cc586bf896566628bc51722829ba730767827b1d797677d28a05c29ac02364d

Sharing

Copy URL Twitter E-mail

General

Target

1cc586bf896566628bc51722829ba730767827b1d797677d28a05c29ac02364d
Size

412KB
MD5

a0be6def5d9a70e8fcded867ddba4660
SHA1

bd8c39e61702271391b4e4c53b7d9075bf8b9f93
SHA256

1cc586bf896566628bc51722829ba730767827b1d797677d28a05c29ac02364d
SHA512

bba5a67341f345367dd6f9e64aee32dfe42fe24befda07aa6a95bd93544f8c9cf3e69515aba00965284bd5783835a8f1172e90d120a8a8287bb967ba7fd30a49
SSDEEP

6144:W+hUG8GmfHNodnGOfrElAMmS34kIVsPXBn/0bfKG:FhUG8NNunGOTMmSCg12KG

Score

N/A

Malware Config

Signatures

Files

1cc586bf896566628bc51722829ba730767827b1d797677d28a05c29ac02364d
.dll windows x86

55abe24e0e97cf240fd104b6949038a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
lstrlenA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetLocalTime
InterlockedDecrement
GlobalLock
GlobalUnlock
GlobalFree
CreateFileW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetFileSize
GetTempPathW
GetTempFileNameW
GetLocaleInfoW
MoveFileW
InterlockedIncrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
GetEnvironmentStrings
FreeEnvironmentStringsA
GetUserDefaultLCID
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
CreateThread
GetExitCodeThread
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
DeleteFileW
GetLastError
LocalFree
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
GetOEMCP
VirtualAlloc
VirtualFree
HeapCreate
SetLastError
TlsFree
TlsSetValue
GetConsoleMode
GetConsoleCP
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
FreeEnvironmentStringsW

user32

UnregisterClassA

advapi32

CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptDecrypt
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
CryptEncrypt
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptDeriveKey

ole32

OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUninitialize
CoInitialize

oleaut32

VariantClear
SysStringLen
SysAllocStringLen
VarBstrCmp
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo

wininet

InternetOpenW
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoW
HttpEndRequestW
InternetWriteFile
InternetSetStatusCallbackW
HttpSendRequestExW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetCloseHandle
HttpAddRequestHeadersW
InternetCrackUrlW
InternetReadFileExA

Exports

Exports

CIG_ConnctionCreateInstance
CUral_ConnectionCreateInstance
CUral_CryptCreateInstance
CUral_SessionCreateInstance
CreateObjectFactory

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55abe24e0e97cf240fd104b6949038a0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 12KB

.text Size: 184KB - Virtual size: 184KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 184KB - Virtual size: 184KB