c0c726a23111c220d022fcd01a85f9788249e42baece03f83b6059170453b801[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

c0c726a23111c220d022fcd01a85f9788249e42baece03f83b6059170453b801.exe
Size

301KB
MD5

2dc0dad1939edfdf997525bac94cdc21
SHA1

e3e398a3eed8ffc0266dbe37c396909eee150cf4
SHA256

c0c726a23111c220d022fcd01a85f9788249e42baece03f83b6059170453b801
SHA512

bfab68408e2812a00a114372fc51704ebaa232f63aeb3564769d10af5895957b0bb8a1aefe8ffe09d92fc38e96b807c02dedc9a08d2beda5822ad4ec3d7cefda
SSDEEP

6144:DRBvjMHJAGRdMSv+8nMmSIis4WKAra+xZp3AaEHhwnR:lBvjMHJANkMm9v4WKUJEHhwnR

Score

N/A

Malware Config

Signatures

Files

c0c726a23111c220d022fcd01a85f9788249e42baece03f83b6059170453b801.exe
.exe windows x86

21178be9347a155d7ea3cb6fd617caea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptStringToBinaryW
CryptBinaryToStringW

shlwapi

PathFindExtensionW
StrStrIW

rstrtmgr

RmRegisterResources
RmGetList
RmStartSession
RmEndSession

kernel32

SetVolumeMountPointW
FindVolumeClose
GetVolumePathNamesForVolumeNameW
DeleteVolumeMountPointW
FindNextVolumeW
GetDriveTypeW
ReadFile
CloseThreadpool
CreateThreadpool
FindFirstFileExW
FindNextFileW
WriteFile
CreateMutexW
FindClose
CreateFileW
SetThreadpoolThreadMinimum
SetFileAttributesW
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
SetThreadpoolThreadMaximum
CreateThreadpoolCleanupGroup
SubmitThreadpoolWork
SetFilePointerEx
lstrcmpiW
GetLogicalDrives
CreateThreadpoolWork
SizeofResource
SetLastError
AssignProcessToJobObject
TerminateProcess
GetModuleFileNameW
CreatePipe
PeekNamedPipe
WaitForSingleObject
OpenProcess
MultiByteToWideChar
LockResource
LoadResource
FindResourceW
GetCurrentProcessId
CreateProcessW
GetModuleHandleW
WideCharToMultiByte
GetStringTypeW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryDosDeviceW
CloseHandle
GetLastError
CreateJobObjectW
SetInformationJobObject
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
HeapSize
HeapReAlloc
WriteConsoleW
DecodePointer
FindFirstVolumeW
MoveFileW
GetCPInfo
GetOEMCP
LocalFree
FormatMessageA
GetLocaleInfoEx
RaiseException
WaitForSingleObjectEx
GetCurrentThreadId
GetNativeSystemInfo
IsProcessorFeaturePresent
FreeLibraryWhenCallbackReturns
CloseThreadpoolWork
GetModuleHandleExW
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
QueryPerformanceCounter
InitOnceComplete
InitOnceBeginInitialize
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
GetProcAddress
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
GetCurrentProcess
RtlUnwind
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetStdHandle
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetFileType
GetFileSizeEx
IsValidCodePage
GetACP

user32

RegisterWindowMessageW

advapi32

CryptExportKey
RegSetValueExW
CryptDestroyKey
CryptGetKeyParam
CryptAcquireContextW
CryptEncrypt
CryptGenRandom
RegGetValueW
CryptImportKey
CryptGenKey
CryptReleaseContext
RegCloseKey
RegCreateKeyExW

shell32

SHEmptyRecycleBinW

ole32

CoGetObjectContext
CoGetApartmentType

Sections

.text
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21178be9347a155d7ea3cb6fd617caea

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

shlwapi

rstrtmgr

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 214KB - Virtual size: 214KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 214KB - Virtual size: 214KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 11KB - Virtual size: 11KB