cce6bf343abe9e10e05547d46167c63366ec064bb46ce934f6f32b4787525cf2

Sharing

Copy URL Twitter E-mail

General

Target

cce6bf343abe9e10e05547d46167c63366ec064bb46ce934f6f32b4787525cf2
Size

652KB
MD5

040db59d0cbe5c9b0ed71d946fee9aab
SHA1

f12f138c6f0592f2ec959a68f9a2ba08b0a3c2c5
SHA256

cce6bf343abe9e10e05547d46167c63366ec064bb46ce934f6f32b4787525cf2
SHA512

e64c4ebef0df535b8a4ff1a3fee2ac5c5ab585dab970f24807c858411507c1882c2ec5061f3b10157757907d1c788511e078f4f396c6b7926a769383d48f1aee
SSDEEP

12288:boqn9CNz53FSlMZpuAOrOFygn3/PZCT5wo9UH:bBnANFUvrOFhXZS59

Score

N/A

Malware Config

Signatures

Files

cce6bf343abe9e10e05547d46167c63366ec064bb46ce934f6f32b4787525cf2
.exe windows x86

631d17647a22ea985d9c7dfcca2ed2d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
FindResourceExA
TerminateProcess
GetCurrentProcess
Sleep
CreateThread
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetProcAddress
ExpandEnvironmentStringsA
GetModuleFileNameA
LoadLibraryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetFileAttributesExA
MultiByteToWideChar
WaitForSingleObject
SetEvent
DeleteFileA
CreateMutexA
lstrcatA
lstrcpyA
LocalFree
LocalAlloc
IsBadWritePtr
WriteFile
ReadFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
LockResource
LockFile
FreeLibrary
GetSystemTime
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
LockFileEx
AreFileApisANSI
GetFileAttributesA
GetFileAttributesW
DeleteFileW
GetTempPathA
GetTempPathW
GetFullPathNameA
GetFullPathNameW
LoadLibraryW
CreateFileW
CompareStringA
CompareStringW
SetStdHandle
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CloseHandle
CreateEventA
UnlockFile
lstrlenA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
SetLastError
TlsFree
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStdHandle
SetEnvironmentVariableA

user32

wsprintfA

advapi32

GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid

ncomm

ord13
ord22
ord2
ord21
ord12

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

631d17647a22ea985d9c7dfcca2ed2d2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ncomm

version

Sections

.text Size: 344KB - Virtual size: 342KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 52KB - Virtual size: 49KB

.tc Size: 200KB - Virtual size: 200KB

.text
Size: 344KB - Virtual size: 342KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 52KB - Virtual size: 49KB

.tc
Size: 200KB - Virtual size: 200KB