c6a5b930534b01543cc50ee7d0027dec763e46bb4042588493cb1b1f9c2808cc

Sharing

Copy URL Twitter E-mail

General

Target

c6a5b930534b01543cc50ee7d0027dec763e46bb4042588493cb1b1f9c2808cc
Size

104KB
MD5

0d48abcc3034acbd559bbffcb6d44910
SHA1

98178c80ec7e6541e38d7f3d4a96f94f64831740
SHA256

c6a5b930534b01543cc50ee7d0027dec763e46bb4042588493cb1b1f9c2808cc
SHA512

08fe8f974cc28f4ef639f288f8dc560a991ef6c251a5f7d379051f82291b5bbd638a78a5505b4d03f971fd299f3c49ab6ef8517d9594777b428015da0e3a171b
SSDEEP

3072:FpsobZPhPO3fEI4SYBlo/b3+vtAMdP1Cmz:v1dpPO3fESYBleb3+Gc1CO

Score

N/A

Malware Config

Signatures

Files

c6a5b930534b01543cc50ee7d0027dec763e46bb4042588493cb1b1f9c2808cc
.exe windows x86

cc409225ca1dea2fbd99a60a57a52e8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shlwapi

StrStrA
PathAppendA
PathAddBackslashA
StrChrA
wnsprintfA
StrStrIA

ws2_32

inet_addr
closesocket
recvfrom
sendto
setsockopt
socket
htons
gethostbyname
gethostname
send
recv
select
WSAGetLastError
connect
ioctlsocket
getsockopt
__WSAFDIsSet
getsockname
inet_ntoa
shutdown
WSASetLastError
WSAStartup

wininet

HttpQueryInfoA
InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA

kernel32

LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetModuleFileNameA
GetStdHandle
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsSetValue
lstrlenA
GetCommandLineA
GetVersion
Sleep
CreateThread
GetCurrentThreadId
CreateMutexA
InitializeCriticalSection
CloseHandle
OpenMutexA
ExitProcess
ExitThread
TerminateThread
OpenThread
lstrcmpA
lstrlenW
IsBadReadPtr
lstrcmpiA
GetLastError
GetTickCount
WriteFile
SetFilePointer
OpenFile
GetProcessHeap
HeapCreate
HeapFree
IsBadWritePtr
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapReAlloc
VirtualAllocEx
CreateRemoteThread
WriteProcessMemory
TerminateProcess
CreateProcessA
GetEnvironmentVariableA
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
QueryPerformanceCounter
VirtualAlloc
VirtualFree
GetSystemTimeAsFileTime
LoadLibraryExA
SystemTimeToFileTime
GetTimeZoneInformation
lstrcatA
lstrcpyA
GetSystemDirectoryA
GetSystemTime
lstrcmpW
GlobalFree
GlobalAlloc
MultiByteToWideChar
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
DeleteCriticalSection

user32

wsprintfA
CharLowerA
CharUpperBuffA

dnsapi

DnsQuery_A
DnsExtractRecordsFromMessage_W
DnsRecordListFree

gdiplus

GdipCreateSolidFill
GdiplusShutdown
GdipGetImageGraphicsContext
GdiplusStartup
GdipGetImageEncoders
GdipGetDC
GdipReleaseDC
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipSaveImageToStream
GdipGetImageWidth
GdipFree
GdipAlloc
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipGetFontCollectionFamilyCount
GdipDeleteGraphics
GdipDeleteBrush
GdipCreatePen1
GdipCloneImage
GdipCloneBrush
GdipCloneBitmapAreaI
GdipCreateFont
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipDrawImageI
GdipDrawString
GdipFillRectangleI
GdipGetImageEncodersSize
GdipDrawLineI
GdipLoadImageFromStream
GdipDeleteFont
GdipPrivateAddMemoryFont
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipDeletePen

gdi32

GetTextExtentPoint32A

ole32

CreateStreamOnHGlobal

shell32

ShellExecuteA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc409225ca1dea2fbd99a60a57a52e8c

Headers

File Characteristics

Imports

advapi32

shlwapi

ws2_32

wininet

kernel32

user32

dnsapi

gdiplus

gdi32

ole32

shell32

Sections

.text Size: 89KB - Virtual size: 89KB

.data Size: 13KB - Virtual size: 21.2MB

.text
Size: 89KB - Virtual size: 89KB

.data
Size: 13KB - Virtual size: 21.2MB