c750acd2dd61b3231a2ce68baf8a0203f8d3efd84fd79dba6bdf4885a4bc547a

Sharing

Copy URL Twitter E-mail

General

Target

c750acd2dd61b3231a2ce68baf8a0203f8d3efd84fd79dba6bdf4885a4bc547a
Size

244KB
MD5

2a1e9c67c5a546c6be646efae7a14981
SHA1

d46fed34dba0f791fa88a158b3b1a2b3ad1673b8
SHA256

c750acd2dd61b3231a2ce68baf8a0203f8d3efd84fd79dba6bdf4885a4bc547a
SHA512

6cfcba4795735e995d608168fc71d34f477b41937dab03944719ba7de95ece78c675e01b47cdc810007de39701f3797655f54c998690b7e9c5ae44a3f8f7b2a0
SSDEEP

6144:Hrh+Q9uUmYgPyIJRodd0BIsW7hGUIYxVW:H1+au0gtvodgIdRxVW

Score

N/A

Malware Config

Signatures

Files

c750acd2dd61b3231a2ce68baf8a0203f8d3efd84fd79dba6bdf4885a4bc547a
.exe windows x86

b405fa6a66bdfdf6f365f2139fc8148a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

urlmon

URLOpenBlockingStreamW
URLDownloadToFileA
CreateAsyncBindCtx
ReleaseBindInfo

ole32

CreateFileMoniker
CoUninitialize
CoLockObjectExternal
OleConvertIStorageToOLESTREAM
OleLoadFromStream
CoFreeLibrary

ws2_32

htons
accept
gethostbyaddr
ntohl
connect
closesocket

opengl32

glColor4f
glTexEnvfv
glLineStipple
glTexCoord3sv
glRotated
glTexCoord3i
glDrawPixels
glVertex3i

crypt32

CryptDecodeObject
PFXImportCertStore
CertFindCertificateInStore
CryptEncodeObjectEx
CryptFormatObject
CertDeleteCTLFromStore

mpr

WNetDisconnectDialog1W
WNetCancelConnection2W
WNetGetUniversalNameA
WNetAddConnection2A
WNetGetResourceInformationW

kernel32

RtlUnwind
SetStdHandle
SetFilePointer
WriteConsoleW
Sleep
HeapFree
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetFileType
SetHandleCount
LoadLibraryW
HeapReAlloc
CreateFileW
CloseHandle
HeapSize
HeapAlloc
SetLastError
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
GetCurrentThreadId
GetLastError
GetProcAddress
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b405fa6a66bdfdf6f365f2139fc8148a

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

ole32

ws2_32

opengl32

crypt32

mpr

kernel32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 200KB - Virtual size: 199KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 200KB - Virtual size: 199KB