c2f5f12003872d22d5ab7c5a6c46300c56dd6de0179ac6ee77b0b4169ace1f05

Sharing

Copy URL Twitter E-mail

General

Target

c2f5f12003872d22d5ab7c5a6c46300c56dd6de0179ac6ee77b0b4169ace1f05
Size

126KB
MD5

115dfb851fbcdc5a9d48a2e38536a184
SHA1

41cd06c6e2d7afb9efa67a00b090a9f2130c2ffd
SHA256

c2f5f12003872d22d5ab7c5a6c46300c56dd6de0179ac6ee77b0b4169ace1f05
SHA512

060ba4e41516ec2847b463b7882f8dd789496a5c4d9e936d2dce5c7c3b82e1bd239fa96ceeb3d2cf9a1873fa32ae3244eefcfa1e1a5b0c7f16a8f4e04ab4966b
SSDEEP

3072:rD1FWTcI7Jz45t4oNu3roT0EtuKUxmMEVX:Wl45zg7o0fxmMg

Score

N/A

Malware Config

Signatures

Files

c2f5f12003872d22d5ab7c5a6c46300c56dd6de0179ac6ee77b0b4169ace1f05
.exe windows x86

ece019cc140fa047512ae27b8454495c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__initenv
wcschr
_acmdln
log
_wtol
fsetpos
_flsbuf
wcstombs
exit
__p__commode
_XcptFilter
_initterm
__p__fmode
strncat
_setmode
_adjust_fdiv
__getmainargs
log10
strncmp
_controlfp
_except_handler3
__set_app_type
__setusermatherr
free

kernel32

GetStartupInfoA
GetTempPathA
VirtualAlloc
GlobalFree
InterlockedExchange
VirtualProtect
SetLastError
GetModuleHandleA
FileTimeToSystemTime

advapi32

RegSetValueExA
RegCreateKeyExW
InitiateSystemShutdownA
SetSecurityDescriptorGroup
ControlService
QueryServiceStatus
RegQueryValueExA
CheckTokenMembership
RegOpenKeyExA
RegEnumKeyExW

gdi32

SetRectRgn
GetDIBColorTable
SetMapMode
GetDCOrgEx
LineTo
CreateDCA
FillRgn
GetStretchBltMode
IntersectClipRect

version

VerFindFileW
GetFileVersionInfoSizeW
VerInstallFileW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

PropertySheetA
ImageList_GetBkColor
ImageList_Add
CreateToolbarEx
ImageList_EndDrag
ImageList_DragLeave
ImageList_Write
ImageList_ReplaceIcon
PropertySheetW
ImageList_LoadImageW
ImageList_Create

shell32

ShellExecuteEx
ShellExecuteA
SHGetFolderPathW
SHChangeNotify
CommandLineToArgvW
Shell_NotifyIconW
SHCreateDirectoryExA
SHGetDiskFreeSpaceExW
SHBindToParent
SHGetPathFromIDListA

oleaut32

VariantInit
SysStringLen
SafeArrayRedim
SafeArrayUnaccessData
VariantClear

ole32

CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoGetClassObject
CoGetMalloc
CoCreateInstance
CoRevokeClassObject
DoDragDrop
OleIsCurrentClipboard
OleDraw
OleInitialize
CoReleaseMarshalData
StgCreateDocfileOnILockBytes
IIDFromString
CoFreeUnusedLibraries

user32

ShowWindow
SystemParametersInfoA
GetDCEx
ShowOwnedPopups
CheckMenuItem
DestroyMenu
SendDlgItemMessageA
GetMenuState
WindowFromPoint
GetForegroundWindow
SetPropA

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ece019cc140fa047512ae27b8454495c

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

gdi32

version

comctl32

shell32

oleaut32

ole32

user32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 90KB - Virtual size: 164KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 90KB - Virtual size: 164KB