1cba139393f77ae36a9f34c5c78db2077e4848a794db7c1d4a3e74cdbdc02c55

General

Target

1cba139393f77ae36a9f34c5c78db2077e4848a794db7c1d4a3e74cdbdc02c55
Size

41KB
MD5

1489b4d094748c8431fa30f16c5f7529
SHA1

24d30a3390d219ff91a04979f7bdec9cb5e77a7d
SHA256

1cba139393f77ae36a9f34c5c78db2077e4848a794db7c1d4a3e74cdbdc02c55
SHA512

de7454839bc3a20dfc41d29d457480e1fb7d6c5b5113bd852be4bb35cfb5ba6697b121561ffc749de453e91dc6588f3b29a6a2410e0c877f6138db294459aae6
SSDEEP

768:7osJ1wkpLTjEiosmokdYBNFfWQuJOASXWbmvR+e1fJJ3lsGWjI2Gshkl5nDFOZdX:7oQvpssmsW8l5nDFO/0U

Score

N/A

Malware Config

Signatures

Files

1cba139393f77ae36a9f34c5c78db2077e4848a794db7c1d4a3e74cdbdc02c55
.exe windows x86

088292d97c1128857a6693882480df19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
Process32Next
OpenProcess
TerminateProcess
GetTempPathA
LocalSize
GetProcessId
GetCurrentProcess
GetProcAddress
VirtualProtect
GetCurrentThreadId
CreateThread
Sleep
CreateWaitableTimerA
SetWaitableTimer
GetProcessHeap
ExitProcess
CreateToolhelp32Snapshot
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
LCMapStringA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
SetFileAttributesA
MoveFileA
GetTickCount
CreateFileA
SetFilePointer
WriteFile
FreeLibrary
LoadLibraryA
GetModuleHandleA
CloseHandle
RtlMoveMemory
MapViewOfFile
HeapAlloc
OpenFileMappingA

user32

PeekMessageA
TranslateMessage
CallWindowProcA
RegisterWindowMessageA
wsprintfA
GetMessageA
MessageBoxA
MsgWaitForMultipleObjects
PostThreadMessageA
DispatchMessageA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

shell32

ShellExecuteExA

atl

ord42

wininet

InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState

psapi

EnumProcesses

msvcrt

??2@YAPAXI@Z
strncmp
_ftol
atoi
??3@YAXPAX@Z
strchr
_strnicmp
modf
memmove
strncpy
srand
_CIfmod
rand
sprintf
malloc
free
tolower

shlwapi

PathFileExistsA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

088292d97c1128857a6693882480df19

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

atl

wininet

psapi

msvcrt

shlwapi

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 52KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 52KB