c5a185f1c6537d63f82b08c614eae9e448ea22b26def7efbb7fc5a9d104b5fae

Sharing

Copy URL Twitter E-mail

General

Target

c5a185f1c6537d63f82b08c614eae9e448ea22b26def7efbb7fc5a9d104b5fae
Size

600KB
MD5

0e38b8435baaa34a0616cd6ce2bba3b0
SHA1

dc8d4f18d3e815043f1834bcf2d836fc16e77541
SHA256

c5a185f1c6537d63f82b08c614eae9e448ea22b26def7efbb7fc5a9d104b5fae
SHA512

b81a2b4ad3b3b8d626e3a85e5935339f8fcbcdf65d8d0e091babc6616ac1a1a3372e950da934a5c002adafbf9e768d749531a5d8a94a736d2d055cc61717a160
SSDEEP

12288:hTWGkEdXR0sbXMp/VpX7aNLHf3MZs/gVpXbXZPaY/+LPpX70NL:gKdXRpbcptN7QHf8i/SNbJPtgPN72

Score

N/A

Malware Config

Signatures

Files

c5a185f1c6537d63f82b08c614eae9e448ea22b26def7efbb7fc5a9d104b5fae
.exe windows x86

cfec32a10837ca062bf9702386666377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
RegisterWaitForSingleObject
GetCommandLineA
GetSystemInfo
CreateEventA
HeapCreate
GetOEMCP
LocalAlloc
GetTickCount
LoadLibraryExW
DeleteFileW
LCMapStringW
GetStartupInfoW
FindFirstFileA
GetCPInfo
FormatMessageA
GlobalAlloc
GetStringTypeW
GlobalFree
LCMapStringA
IsValidCodePage
GetStartupInfoA
CreateFileMappingA
HeapReAlloc
SetEndOfFile
Sleep
SetHandleCount
GlobalUnlock
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
GetFileAttributesA
IsValidLocale
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
GetVersionExA
GetEnvironmentVariableA
GetCurrentThread
GetLastError
SetLastError
DeleteCriticalSection
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
ExitProcess
GetVersion
GetModuleHandleA
TlsFree
GetLocaleInfoA
HeapSize
GetACP
TlsGetValue
FormatMessageW
SetEnvironmentVariableA
lstrlenW
GetConsoleOutputCP
GetFileType
FindNextFileW
TlsSetValue
GetFileSize
GetExitCodeProcess
FindCloseChangeNotification
GetCurrentProcessId
HeapDestroy
FreeEnvironmentStringsW
GetCurrentProcess
LoadResource
CreateFileW
GetCommandLineW
LockResource
SetEvent
SetErrorMode
WriteConsoleW
FindFirstFileW
GetFileAttributesW
TlsAlloc
CompareStringW
CreateEventW
SizeofResource
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
FlushFileBuffers
GlobalLock
GetProcessHeap
GetStringTypeA
LoadLibraryW
CreateThread
SetStdHandle
CreateProcessW
GetCurrentThreadId
lstrlenA
EnumSystemLocalesA
VirtualAlloc

user32

GetParent
GetWindowPlacement
GetWindowTextLengthA
InvalidateRect
TranslateMessage
GetWindowTextW
GetDlgItemTextA
ShowWindow
BeginPaint
MessageBoxA
GetMenuItemCount
GetClientRect
GetDCEx
GetSysColorBrush
IsWindowUnicode
GetDlgItemInt
EnableWindow
GetWindowThreadProcessId
ReleaseDC
SetWindowPos
GetDlgItem
SetRectEmpty
LoadStringA
SetCursor
GetWindowTextA
PostQuitMessage
EndDialog
SendMessageA
ShowWindowAsync
EndPaint
IsWindowVisible
GetSystemMetrics
DestroyWindow
GetWindowRect
IsWindowEnabled
GetCursorPos
SetForegroundWindow
LoadStringW
GetWindowLongW
GetWindowTextLengthW
GetWindowLongA
MessageBoxW
GetDlgItemTextW
GetWindowDC
GetDesktopWindow
SetTimer

gdi32

CreateCompatibleDC
CreateRectRgnIndirect
SelectClipRgn
GetDeviceCaps
ExtCreatePen
SaveDC
ExtTextOutW
SetMapMode
DeleteDC
GetClipBox
SelectPalette
GetStretchBltMode
CreateDIBSection
SetTextColor
CreateCompatibleBitmap
SetWindowOrgEx
CreateSolidBrush
SetStretchBltMode
CreateFontIndirectA
GetTextExtentPoint32W
GetStockObject
SelectObject
RestoreDC
GetObjectW
RealizePalette
CreateBitmap
ExtTextOutA
PatBlt
SetBkMode
CreateFontIndirectW
CreateDIBitmap
Rectangle
SetViewportOrgEx
CreatePenIndirect
RectVisible
BitBlt
ExtSelectClipRgn
SetBkColor
MoveToEx
StretchBlt
GetObjectA
CreatePalette
DeleteObject
LineTo

ole32

OleRun
CoQueryProxyBlanket
CoCreateGuid
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoTaskMemFree
RegisterDragDrop
CoInitializeSecurity
CoFreeUnusedLibraries
StringFromCLSID
CoUninitialize
ReleaseStgMedium
CoLockObjectExternal
CLSIDFromString
CoGetClassObject
CoTaskMemAlloc
CreateStreamOnHGlobal
CreateBindCtx
CoRevokeClassObject
CoDisconnectObject
GetRunningObjectTable
CoCreateInstance
CreateILockBytesOnHGlobal
RevokeDragDrop
CLSIDFromProgID
CoInitialize
OleInitialize
OleIsRunning
OleRegGetUserType
OleUninitialize

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfec32a10837ca062bf9702386666377

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 160KB - Virtual size: 280KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 160KB - Virtual size: 280KB

.rsrc
Size: 16KB - Virtual size: 14KB