f1ee7e05c4b0ee1faab3e0c1a4e25fdd9e10268571ed5da74048f2aaebdda78f

Sharing

Copy URL Twitter E-mail

General

Target

f1ee7e05c4b0ee1faab3e0c1a4e25fdd9e10268571ed5da74048f2aaebdda78f
Size

330KB
MD5

105c9f8ce749eba4eaa3c67a2f2e75d6
SHA1

e589ed2038248917245503d8e41b2714ec05e188
SHA256

f1ee7e05c4b0ee1faab3e0c1a4e25fdd9e10268571ed5da74048f2aaebdda78f
SHA512

25667cf92661409fb906e6e6ff5462b4cbae9925a7d9a2332283bb8d31203b0205b80cb50c6a049f63739c8b23e1020c0ec38e8515b10cb359a82bbf5d28ec12
SSDEEP

6144:1dDz9zPha9wR0WCdoOI5l38Z0G6y/QRjIrM:1fE9e0WQTIP381RQVIr

Score

N/A

Malware Config

Signatures

Files

f1ee7e05c4b0ee1faab3e0c1a4e25fdd9e10268571ed5da74048f2aaebdda78f
.exe windows x86

cf45673da85b0fa2d29507a3c47b9e84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AbortSystemShutdownA
RegSaveKeyW
RegEnumKeyExA
CryptDestroyKey
DuplicateTokenEx
RegCreateKeyExW
RegCreateKeyExA
CryptEncrypt
CryptEnumProviderTypesW
CryptEnumProviderTypesA
RegDeleteKeyW
RegCreateKeyW
RegEnumValueA
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegEnumKeyExW
CryptDuplicateKey
CryptSignHashA
CryptSetProviderExW
RegEnumKeyW
CryptReleaseContext
RegSetValueA
LookupPrivilegeValueA
AbortSystemShutdownW

kernel32

GetEnvironmentStrings
SetFilePointer
GetStdHandle
GetCommandLineA
HeapDestroy
WriteConsoleW
TlsAlloc
HeapReAlloc
CompareStringA
GetConsoleOutputCP
GetUserDefaultLCID
EnumSystemLocalesW
GetProcAddress
VirtualFree
GetEnvironmentStringsW
TlsGetValue
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
FlushFileBuffers
VirtualFreeEx
HeapFree
QueryPerformanceCounter
FlushViewOfFile
FreeEnvironmentStringsA
GetLocaleInfoA
GlobalUnlock
TlsFree
EnumSystemLocalesA
InterlockedDecrement
GetTimeZoneInformation
SetWaitableTimer
Sleep
GetLocaleInfoW
FreeLibrary
HeapSize
ReadConsoleOutputAttribute
UnhandledExceptionFilter
CreateDirectoryExA
SetEnvironmentVariableA
CreateMutexA
CompareStringW
GetACP
InitializeCriticalSection
TlsSetValue
GetCompressedFileSizeW
OpenMutexA
GetTickCount
GetModuleHandleA
SetHandleCount
InterlockedExchange
GetLastError
WideCharToMultiByte
CreateFileA
GetProcessHeap
IsValidCodePage
HeapCreate
GetFileType
DeleteCriticalSection
TerminateProcess
GlobalReAlloc
GetModuleFileNameA
MultiByteToWideChar
GetOEMCP
GetDiskFreeSpaceW
LCMapStringA
RtlUnwind
ExitProcess
GetTimeFormatA
GetStringTypeA
VirtualAlloc
FreeEnvironmentStringsW
LeaveCriticalSection
SetStdHandle
SetCriticalSectionSpinCount
GetVersionExA
SetUnhandledExceptionFilter
WriteConsoleA
GlobalFindAtomA
HeapAlloc
GetStringTypeW
InterlockedIncrement
WriteFile
LCMapStringW
IsValidLocale
SetConsoleCtrlHandler
IsDebuggerPresent
TransmitCommChar
lstrlenA
WriteConsoleInputA
ReadFile
GetDateFormatA
GetConsoleMode
GetCPInfo
LoadLibraryA
GetCurrentThread
ReadConsoleW
GetSystemTimeAsFileTime
GetProcessHeaps
VirtualQuery
CloseHandle
GetConsoleCP
EnterCriticalSection
SetLastError
GetStartupInfoA

gdi32

SetICMMode
Chord
CreateDCW
GetBoundsRect
SetViewportOrgEx
SetFontEnumeration
ColorMatchToTarget
GetTextExtentPoint32W
GetDeviceCaps
SetWorldTransform
MoveToEx
DeleteObject
DeleteDC
SetAbortProc
TextOutW
DeleteColorSpace
CreateDCA
GetTextCharacterExtra
GetWindowExtEx
CreateScalableFontResourceW
GetGraphicsMode
GetGlyphOutline
PolyTextOutW
ResetDCW
GetWindowOrgEx

comctl32

InitCommonControlsEx

user32

EnumPropsExW
DdeAbandonTransaction
RegisterClassExW
EnumWindowStationsA
GetProcessDefaultLayout
RegisterClassExA
GetMessagePos
SetClassWord
GetClassNameA
MapVirtualKeyExW
GetSysColor
ChangeMenuA
ShowWindow
ReuseDDElParam
GetKeyNameTextA
CharUpperA
RegisterClassA
MessageBoxW
CreateWindowExA
EnumThreadWindows
OemKeyScan

comdlg32

GetSaveFileNameA
GetFileTitleA

shell32

SHQueryRecycleBinW
SHEmptyRecycleBinA
SHUpdateRecycleBinIcon
ExtractAssociatedIconExW
SHEmptyRecycleBinW

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf45673da85b0fa2d29507a3c47b9e84

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

comctl32

user32

comdlg32

shell32

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 35KB - Virtual size: 45KB

.data Size: 90KB - Virtual size: 90KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 35KB - Virtual size: 45KB

.data
Size: 90KB - Virtual size: 90KB

.rsrc
Size: 12KB - Virtual size: 12KB