2ccfc32bdbc0dbb3fead49594a267d60c3f14163c3105ec11969f3abfdf0f2c6

Sharing

Copy URL

Twitter E-mail

General

Target

2ccfc32bdbc0dbb3fead49594a267d60c3f14163c3105ec11969f3abfdf0f2c6
Size

335KB
MD5

0f529bc7558fbb21028425fd83166dd0
SHA1

f0d777dd43c6300af4bbb3aaa4a41e34e75c7475
SHA256

2ccfc32bdbc0dbb3fead49594a267d60c3f14163c3105ec11969f3abfdf0f2c6
SHA512

8b37166706a038b202f7c9ce1b0023904b4eb2f99ed57148765f4e9b0f14fb1b61c23dde02941f8d24e6518d4a6dba2797744b6c115d0097faf56c23f7242cd1
SSDEEP

6144:QO4BCICwXuiGRM3mHAEus8y796GDz9mWc:TOlXsM3mgEL796Is

Score

N/A

Malware Config

Signatures

Files

2ccfc32bdbc0dbb3fead49594a267d60c3f14163c3105ec11969f3abfdf0f2c6
.exe windows x86

c11169f587fa0fb75487f6bd6df890e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetLocalTime
CreateThread
GlobalUnlock
GlobalLock
SetFileTime
GetFileTime
GlobalMemoryStatus
FindClose
FindNextFileA
FindFirstFileA
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
OpenProcess
GetLastError
HeapFree
HeapAlloc
GetProcessHeap
ExitThread
WriteFile
GetStartupInfoA
CreatePipe
GlobalAlloc
GetComputerNameA
ExpandEnvironmentStringsA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
GetStdHandle
GetFileAttributesA
DeleteFileA
GetCurrentDirectoryA
GetLogicalDriveStringsA
TerminateThread
GetVersionExA
ExitProcess
GetTickCount
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetTempPathA
OpenMutexA
CreateMutexA
CreateProcessA
Sleep
CloseHandle
CopyFileA
PeekNamedPipe
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetVersion
GetCommandLineA
RtlUnwind
GetSystemTime
GetTimeZoneInformation
RemoveDirectoryA

user32

GetClipboardData
OpenClipboard
GetWindowTextA
GetForegroundWindow
GetAsyncKeyState
CloseClipboard
GetClassNameA
PostMessageA
EnumChildWindows
EnumWindows
ExitWindowsEx
ShowWindow
MessageBoxA

advapi32

ControlService
RegDeleteKeyA
QueryServiceStatus
EnumDependentServicesA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetUserNameA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegCreateKeyExA
RegSetValueExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ws2_32

inet_ntoa
recv
htons
inet_addr
getsockname
gethostbyaddr
socket
connect
WSAStartup
closesocket
WSACleanup
accept
select
listen
htonl
bind
ntohl
gethostbyname
ntohs
WSASocketA
sendto
__WSAFDIsSet
setsockopt
WSAAsyncSelect
gethostname
send
WSAIoctl

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetCloseHandle

Sections

.layer
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.layer
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.layer
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.layer
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c11169f587fa0fb75487f6bd6df890e9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

Sections

.layer Size: 100KB - Virtual size: 100KB

.layer Size: 8KB - Virtual size: 8KB

.layer Size: 80KB - Virtual size: 80KB

.layer Size: 12KB - Virtual size: 12KB

.layer
Size: 100KB - Virtual size: 100KB

.layer
Size: 8KB - Virtual size: 8KB

.layer
Size: 80KB - Virtual size: 80KB

.layer
Size: 12KB - Virtual size: 12KB