cedab6b99502b81b478a3acea4eca38d65ffba932f31b6ec4de9992c46bb7caf

Sharing

Copy URL Twitter E-mail

General

Target

cedab6b99502b81b478a3acea4eca38d65ffba932f31b6ec4de9992c46bb7caf
Size

324KB
MD5

0e909c447403abd15cdd083a4f0516a0
SHA1

70f0cc77e644c3cf4307f70c47186bdd75da789a
SHA256

cedab6b99502b81b478a3acea4eca38d65ffba932f31b6ec4de9992c46bb7caf
SHA512

c296e0b145870a34a378ef9c585d9752824a4ccf0a27454def67154c55ae9309a22588f6facc0f0d00fcf2ed0195c437f5205a27bff7f1841ca75ace4a9b6f7e
SSDEEP

6144:HkgnqPx6m0mrhdDOxq8nxbXfx5BoGDrPuUbMipFInbLS1:EgnqPx6m0m1dUq8n1LjbMI6K

Score

N/A

Malware Config

Signatures

Files

cedab6b99502b81b478a3acea4eca38d65ffba932f31b6ec4de9992c46bb7caf
.exe windows x86

b4e6e558979d6e4c870a94f956e43764

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextA
LoadIconA
GetClientRect
PtInRect
PostMessageA
DefWindowProcA
CallWindowProcA
IsWindowVisible
GetWindowLongA
UpdateWindow
GetDlgCtrlID
GetClassLongA
GetDC
SetCursor
GetMenuCheckMarkDimensions
GetWindowDC
RegisterClassA
DestroyWindow
OffsetRect
UnhookWindowsHookEx
MapWindowPoints
TranslateAcceleratorA
EnableMenuItem
GetWindowTextA
ClientToScreen
InvalidateRect
SetWindowLongA
LoadAcceleratorsA
GetLastActivePopup
SetWindowContextHelpId
InflateRect
TranslateMessage
CreateWindowExA
LoadImageA
IsDialogMessageA
DrawStateA
DrawTextA
TrackPopupMenu
DrawFocusRect
LoadCursorA
ShowWindow
CharNextA
GetDlgItem
LoadBitmapA
AppendMenuA
CreatePopupMenu
GetMenu
ValidateRect
LoadStringA
GetKeyState
ScreenToClient
CopyRect
GetSystemMetrics
GetFocus
GetScrollInfo
DestroyIcon
SystemParametersInfoA
GetSysColor
CharUpperA
GetParent
SetCapture
SetWindowsHookExA
RegisterClassExA
ReleaseDC
GetMenuItemInfoA
MessageBoxA
OpenClipboard

kernel32

ReadFile
SetEndOfFile
DeleteCriticalSection
MultiByteToWideChar
GetLastError
ResetEvent
GlobalReAlloc
GetTempFileNameA
GetCommandLineA
WritePrivateProfileStringA
GetModuleHandleA
lstrlenA
GetSystemInfo
HeapReAlloc
lstrcpyA
RtlUnwind
GetACP
ExitProcess
FindFirstFileA
InterlockedDecrement
SetUnhandledExceptionFilter
HeapSize
GetTimeFormatA
CreateMutexA
LeaveCriticalSection
RemoveDirectoryA
HeapFree
UnhandledExceptionFilter
GetCurrentProcess
GetFileSize
LCMapStringW
HeapCreate
CompareStringW
IsBadCodePtr
lstrcpynA
SetHandleCount
GetVersionExA
GetFileType
TerminateProcess
GetPrivateProfileIntA
UnlockFile
LoadLibraryExA
SetLastError
VirtualQuery
CloseHandle
CreateFileA
LCMapStringA
WaitForSingleObject
VirtualProtect
SetEvent
LocalFileTimeToFileTime
GetCurrentThreadId
HeapDestroy
GetStartupInfoA
TlsAlloc
GetProcAddress
CompareStringA
GetOEMCP
GetEnvironmentStringsW
GetModuleFileNameA
GetSystemDirectoryA
GetEnvironmentStrings
EnterCriticalSection
GetSystemTimeAsFileTime
WriteFile
SetEnvironmentVariableA
DeleteFileA
GetLocaleInfoA
GetStringTypeA
FreeEnvironmentStringsW
CreateEventA
ReleaseMutex
TlsFree
QueryPerformanceCounter
HeapAlloc
WideCharToMultiByte
TlsGetValue
FreeEnvironmentStringsA
GetVolumeInformationA
VirtualFree
InitializeCriticalSection
OpenMutexA
GetCurrentProcessId
GetTickCount
GetProfileIntA
GetCurrentDirectoryA
GetStdHandle
LoadLibraryA
MoveFileA
FlushFileBuffers
LocalAlloc
LockFile
Sleep
SetStdHandle
TlsSetValue
GetShortPathNameA
GetStringTypeW
FindClose
GetUserDefaultLCID
RaiseException
GetTimeZoneInformation
GetCPInfo
VirtualAlloc
SetFilePointer
CreateDirectoryA
InterlockedExchange
GetDateFormatA

advapi32

OpenProcessToken
RegSetValueExA
RegDeleteValueA
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
InitializeSecurityDescriptor
RegQueryInfoKeyA
DeleteService
CloseServiceHandle
StartServiceA
RegEnumValueA
AdjustTokenPrivileges

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
InternetConnectA
HttpQueryInfoA
InternetQueryDataAvailable
InternetGetConnectedState
InternetReadFile
InternetOpenA
HttpSendRequestA
InternetCloseHandle

oleaut32

LoadTypeLi

winspool.drv

OpenPrinterA
ord204

shell32

ShellExecuteA
DragQueryFileA
SHGetDesktopFolder

comctl32

ImageList_Create
DestroyPropertySheetPage
ImageList_Destroy
ImageList_GetImageCount
ImageList_AddMasked
ImageList_DrawEx
InitCommonControlsEx
ImageList_LoadImageA

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4e6e558979d6e4c870a94f956e43764

Headers

File Characteristics

Imports

user32

kernel32

advapi32

wininet

oleaut32

winspool.drv

shell32

comctl32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 128KB - Virtual size: 126KB

.data Size: 60KB - Virtual size: 74KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 128KB - Virtual size: 126KB

.data
Size: 60KB - Virtual size: 74KB

.rsrc
Size: 48KB - Virtual size: 44KB