5c5ea197517db2d1d7546685312cbd3e37a09a8fee6ea9e30938710e063021c3

Sharing

Copy URL

Twitter E-mail

General

Target

5c5ea197517db2d1d7546685312cbd3e37a09a8fee6ea9e30938710e063021c3
Size

322KB
MD5

a2920eea3a816d0204f297f951cd54d0
SHA1

8a3f98a0f150d03f1823ccb9e66b420f407686aa
SHA256

5c5ea197517db2d1d7546685312cbd3e37a09a8fee6ea9e30938710e063021c3
SHA512

3ae9dbb9f830246f52d7e9bdc909c6b874fbd0423eaf80d56cc68e8a4b7573f4835e806b813d01374221b2bdd5bdd07793a8273859299cfdfee738e0bcb5cc2c
SSDEEP

6144:aFSjbeRALases0HssVLDHDKPu9+hxUHBjCHr7CSjqzW135aPo00UbrULumR:xYCase3ssRD2xU9CHH+A54r0umR

Score

N/A

Malware Config

Signatures

Files

5c5ea197517db2d1d7546685312cbd3e37a09a8fee6ea9e30938710e063021c3
.exe windows x86

5a83490611ef41fee58da1b33beea863

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
GetModuleFileNameW
lstrlenW
lstrlenA
InterlockedDecrement
EnterCriticalSection
GetTickCount
RemoveDirectoryA
GetLastError
SetLastError
FindResourceW
GetSystemInfo
SetUnhandledExceptionFilter
DeleteCriticalSection
LocalFree
HeapFree
GetProcAddress
SizeofResource
QueryPerformanceCounter
OutputDebugStringA
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpiW
LeaveCriticalSection
HeapDestroy
HeapAlloc
lstrcpynW
GetEnvironmentStringsA
lstrcpyW
GetUserDefaultLCID
LoadResource
LoadLibraryA
MultiByteToWideChar
lstrcatW
GetProcessHeap
FlushInstructionCache
FreeLibrary
GetCurrentProcess
VirtualFree
InterlockedIncrement

msvcrt

realloc
free
_except_handler3
??2@YAPAXI@Z
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_adjust_fdiv
swprintf
__CxxFrameHandler
wcsncpy
wcscat
wcscmp
malloc
wcslen
_initterm
?terminate@@YAXXZ

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoSetProxyBlanket

user32

GetSystemMetrics
SystemParametersInfoW
MessageBoxW
ShowWindow
SendMessageW
CopyRect
SendDlgItemMessageW
DrawTextW
GetDlgItemTextW
EnableWindow
GetDlgItem
DestroyWindow
SetFocus
MapWindowPoints
GetWindowRect
LoadImageW
LoadStringW
SetWindowPos
GetWindowLongW
SetDlgItemTextW
EndDialog
CreateDialogParamW
CharNextW
SetWindowLongW
SetWindowTextW
GetDialogBaseUnits
GetParent
GetWindow
DialogBoxParamW
GetClientRect

shell32

ShellExecuteW
SHGetFolderPathW

untfs

Extend
ChkdskEx
Format
Chkdsk
Recover
FormatEx

advapi32

RegEnumKeyExW
UnregisterTraceGuids
RegSetValueExW
GetTraceLoggerHandle
GetTraceEnableFlags
TraceMessage
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegisterTraceGuidsW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
GetTraceEnableLevel

rpcrt4

CStdStubBuffer_Invoke
NdrDllRegisterProxy
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Connect
NdrOleFree
CStdStubBuffer_IsIIDSupported
NdrOleAllocate
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
NdrDllUnregisterProxy
CStdStubBuffer_Disconnect
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllGetClassObject
IUnknown_QueryInterface_Proxy

gdi32

SetBkMode

Sections

text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a83490611ef41fee58da1b33beea863

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

user32

shell32

untfs

advapi32

rpcrt4

gdi32

Sections

text Size: 117KB - Virtual size: 116KB

.rdata Size: 173KB - Virtual size: 172KB

.rsrc Size: 30KB - Virtual size: 30KB

text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 173KB - Virtual size: 172KB

.rsrc
Size: 30KB - Virtual size: 30KB