cb546c7bf289fea854cc7aa5e720980b3d661a4f2f5be4ffd60665a7b5ed923d

Sharing

Copy URL Twitter E-mail

General

Target

cb546c7bf289fea854cc7aa5e720980b3d661a4f2f5be4ffd60665a7b5ed923d
Size

807KB
MD5

267a0f018aeb10e5dd97ae4883aaa9e0
SHA1

683d20083e201a45a23eb090336e55ca4d47f3da
SHA256

cb546c7bf289fea854cc7aa5e720980b3d661a4f2f5be4ffd60665a7b5ed923d
SHA512

e48eef39a5eb058774d1c0aaa537d3b4fe09e0f079286c04d8ef4f8f4b5c3eadf7b6c7695ff0473cb952a39b8ea2fa35cd2712939090da06596939f052537e0e
SSDEEP

12288:F3HjPr8kSjCQPN9jHZQUO9HP22UiKmhuHSXoJPp/RTTSDkI9COqFberX:FHKCQPv5QD9vroLRTTykI98xQX

Score

N/A

Malware Config

Signatures

Files

cb546c7bf289fea854cc7aa5e720980b3d661a4f2f5be4ffd60665a7b5ed923d
.exe windows x86

8e6b5eca1fb7f1e88b88a85724c5c3c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
MultiByteToWideChar
GetCurrentProcess
GetSystemDirectoryW
CreateFileA
SetFilePointer
ReleaseMutex
CreateMutexW
GetModuleFileNameW
HeapAlloc
GetWindowsDirectoryW
HeapFree
GetProcessHeap
GetCurrentDirectoryW
GetLocaleInfoW
GetNumberFormatW
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoA
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCPInfo
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FindNextFileW
GetCurrentProcessId
FindFirstFileW
FindClose
WideCharToMultiByte
CreateFileW
GetFileAttributesW
SetDllDirectoryW
GetCommandLineW
ProcessIdToSessionId
LocalFree
FreeLibrary
LoadLibraryW
ExpandEnvironmentStringsW
WaitForSingleObject
InterlockedIncrement
ReadFile
OutputDebugStringW
GetFileSize
DeleteFileW
InterlockedDecrement
GetLastError
GetProcAddress
MoveFileW
Sleep
WriteFile
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
TerminateProcess
GetVersionExW
lstrcmpiW
GetModuleHandleW
CloseHandle
LocalAlloc
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
VirtualAlloc
VirtualFree
HeapCreate
FlushFileBuffers
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
LCMapStringW
LCMapStringA
RtlUnwind
GetCommandLineA
ExitProcess
GetModuleHandleA
CreateThread
GetCurrentThreadId
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetThreadLocale
GetACP
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
RaiseException
LeaveCriticalSection
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
VirtualQuery

user32

UnregisterClassA
wsprintfW
DestroyIcon

advapi32

CreateServiceW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ChangeServiceConfig2W
RegisterServiceCtrlHandlerExW
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueW
CreateProcessAsUserW
DuplicateTokenEx
DeleteService
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
CloseServiceHandle
OpenSCManagerW
RegCreateKeyExW
QueryServiceStatus
StartServiceW
OpenServiceW

shell32

CommandLineToArgvW
SHCreateDirectoryExW

ole32

StgCreateDocfile
CoUninitialize
StgOpenStorage
StgIsStorageFile
CoInitialize

shlwapi

PathFileExistsW
PathAddBackslashW
StrFromTimeIntervalW
StrFormatKBSizeW
StrFormatByteSizeW
wnsprintfW

psapi

EnumProcesses
GetProcessImageFileNameW

wtsapi32

WTSQueryUserToken

iphlpapi

GetAdaptersInfo

imagehlp

UnMapAndLoad
MapAndLoad

Sections

.text
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e6b5eca1fb7f1e88b88a85724c5c3c4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

psapi

wtsapi32

iphlpapi

imagehlp

Sections

.text Size: 596KB - Virtual size: 595KB

.rdata Size: 120KB - Virtual size: 116KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 68KB - Virtual size: 68KB

.text
Size: 596KB - Virtual size: 595KB

.rdata
Size: 120KB - Virtual size: 116KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 68KB - Virtual size: 68KB