10db66484f075254a6d08392b210442b140a3f2e7d0b3e0c223c22dbb765c4e0

Sharing

Copy URL Twitter E-mail

General

Target

10db66484f075254a6d08392b210442b140a3f2e7d0b3e0c223c22dbb765c4e0
Size

335KB
MD5

2f7d570b269a4d52c60346b6e77d4810
SHA1

7e9fdcb148a267042fc394e380a4894d2d100f1e
SHA256

10db66484f075254a6d08392b210442b140a3f2e7d0b3e0c223c22dbb765c4e0
SHA512

bc372f799b3030f0639b6d81a3439ee26ec09ab41c8946e4fb514b4d8078e967237ac21046410e278a119a192bfdd3c26f65935efe2b72357944205bc6aae3aa
SSDEEP

6144:5RnoB4Mf41XFXKi/TqowF4I5tLWITlTBJZRuo1L1RWRa0PHSd:C4Mf4tFXKiHwFD5tialTrdqakK

Score

N/A

Malware Config

Signatures

Files

10db66484f075254a6d08392b210442b140a3f2e7d0b3e0c223c22dbb765c4e0
.exe windows x86

2a54b06c7c7ea33bb09a50bd772fa2af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

kernel32

RaiseException
Sleep
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrcpynW
lstrcpyW
CreateMutexW
OpenMutexW
FreeLibrary
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryW
lstrlenW
MoveFileExW
ExitProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
SetLastError
GetLastError
GlobalFree
GlobalAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemInfo
GetSystemTimeAsFileTime
FormatMessageW
GetModuleHandleW
VirtualQuery
GetFileTime
GetFileSize
IsBadReadPtr
IsBadWritePtr
GetCurrentThread
SetUnhandledExceptionFilter
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
GetLocaleInfoW
CreateFileA
WriteConsoleW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
MoveFileW
CreateFileW
CreateDirectoryW
CloseHandle
GetModuleFileNameW
LockFile
WriteFile
UnlockFile
ReadFile
SetFilePointerEx
GetFileSizeEx
SetFilePointer
SetEndOfFile
GetFileAttributesW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetTickCount
QueryPerformanceCounter
GetCommandLineW
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleHandleA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
GetConsoleMode
GetConsoleCP
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
ExitThread
CreateThread
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
VirtualFree
VirtualAlloc

user32

wsprintfW
wvsprintfW

advapi32

GetUserNameW
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegQueryValueExW
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW

shlwapi

PathRemoveFileSpecW
PathIsDirectoryW
PathFileExistsW
StrStrW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

InternetReadFile
InternetQueryOptionW
HttpQueryInfoW
InternetCloseHandle
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetGetLastResponseInfoW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetCrackUrlW
InternetAttemptConnect
HttpSendRequestW
InternetSetOptionA

psapi

GetModuleInformation

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a54b06c7c7ea33bb09a50bd772fa2af

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

advapi32

shell32

shlwapi

version

wininet

psapi

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 7KB - Virtual size: 23KB

.rsrc Size: 86KB - Virtual size: 88KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 7KB - Virtual size: 23KB

.rsrc
Size: 86KB - Virtual size: 88KB