ebdfd186b21bd9bd4354b093a1b81636c9f6914f441908510d585bab1ec56db0

Sharing

Copy URL Twitter E-mail

General

Target

ebdfd186b21bd9bd4354b093a1b81636c9f6914f441908510d585bab1ec56db0
Size

604KB
MD5

9cc0722bc3f15f50dcd28ff4898db182
SHA1

aa6bcc2e6c1551eb29f0cb3a62a21aeccc9bf6c5
SHA256

ebdfd186b21bd9bd4354b093a1b81636c9f6914f441908510d585bab1ec56db0
SHA512

3971c1a4a234b6543ff4cd1d349f3ee0f26a2f5bb71598c64c9785cca236f376d2a87777d63b54bc2ec8e0c14b9663d60dfb693e5463f3fdbd018de3895336c6
SSDEEP

12288:8Hxr5NOWy3CcrS4DWefm/Gu6FofQTvLpiigo0gzxwDSY1YzF:8RlNOrCcrxD/+/Gu6FoYTvt8o0gzGY

Score

N/A

Malware Config

Signatures

Files

ebdfd186b21bd9bd4354b093a1b81636c9f6914f441908510d585bab1ec56db0
.exe windows x86

ff05cab906d36adab7df55f578bd25fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHInvokePrinterCommandA
DragFinish

advapi32

StartServiceW
CryptEnumProvidersA
RegReplaceKeyW
CryptSetHashParam
CryptGetProvParam
CryptDestroyHash
LookupPrivilegeNameW
RegQueryValueExA
RegConnectRegistryA
CryptExportKey
AbortSystemShutdownA
RegQueryMultipleValuesW
InitializeSecurityDescriptor
LookupAccountNameA
CryptReleaseContext
RegQueryValueA
CryptEnumProviderTypesW
RegDeleteKeyW
CreateServiceA
RegEnumKeyExW
CryptSetProviderExA
CryptGetUserKey
LookupSecurityDescriptorPartsA
RegCreateKeyA

user32

GetClassInfoExW
SetWindowContextHelpId
GetDlgCtrlID
IsRectEmpty
DdeClientTransaction
EmptyClipboard
GetQueueStatus
SendIMEMessageExA
DestroyWindow
PostQuitMessage
IsDialogMessage
CreateCaret
TabbedTextOutW
ShowWindow
DdeImpersonateClient
InsertMenuA
EnumThreadWindows
DdeFreeStringHandle
SetProcessDefaultLayout
CopyAcceleratorTableA
DefWindowProcW
SetClassLongW
RegisterClassA
AdjustWindowRectEx
GetUserObjectSecurity
SetKeyboardState
AppendMenuW
DdeInitializeA
RegisterClassExA
SendMessageW
UnhookWinEvent
GetMenuItemRect
CreateMDIWindowW
EnumDisplaySettingsExW
GetWindow
IsWindow
UnhookWindowsHook
DestroyMenu
DefWindowProcA
OemToCharA
SetForegroundWindow
GetDlgItemTextA
SetWindowsHookExW
SetLastErrorEx
EnableMenuItem
LoadStringA
TileWindows
DdeQueryStringA
MessageBoxA
CharPrevW
GetMenuState
GetWindowTextLengthW
CreateWindowExA
ChangeMenuA
DialogBoxParamW
BeginDeferWindowPos
GetMenuCheckMarkDimensions
CopyRect
LoadBitmapA

kernel32

MultiByteToWideChar
GetCurrencyFormatA
TlsAlloc
SetLastError
SleepEx
GetSystemTime
ContinueDebugEvent
DeleteCriticalSection
FreeResource
FreeEnvironmentStringsW
GetVersion
GetCurrentThreadId
GlobalLock
TlsFree
GetThreadLocale
GetCurrentThread
ConnectNamedPipe
GetTimeZoneInformation
lstrlenW
GetPrivateProfileSectionA
GetStartupInfoA
GetCurrentProcess
SetConsoleScreenBufferSize
WaitCommEvent
GetProcAddress
GetDiskFreeSpaceExW
IsBadReadPtr
GetSystemTimeAsFileTime
LoadLibraryA
InterlockedExchange
GetThreadTimes
LoadLibraryW
HeapCreate
GetLocalTime
GetOEMCP
GetCurrentDirectoryW
SetEnvironmentVariableA
GetShortPathNameA
HeapDestroy
GetPrivateProfileStructW
IsBadWritePtr
FindResourceW
InterlockedDecrement
InterlockedCompareExchange
FreeEnvironmentStringsA
GetSystemDefaultLangID
TerminateProcess
HeapAlloc
GetTimeFormatW
GetFileTime
GetACP
GetSystemDirectoryW
GetStringTypeW
GetConsoleTitleA
GetFileAttributesW
GetLastError
GetMailslotInfo
WriteFile
GetEnvironmentStrings
GetCurrentProcessId
UnlockFile
CreateMutexA
GlobalAddAtomW
FlushFileBuffers
ReadConsoleA
GetEnvironmentStringsW
GetCommandLineA
LeaveCriticalSection
CompareStringW
GetModuleHandleA
VirtualAlloc
WideCharToMultiByte
CompareStringA
GetDateFormatW
WritePrivateProfileStringA
SetCurrentDirectoryA
OpenSemaphoreW
SetConsoleTitleW
GetEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
LCMapStringA
DebugBreak
GetStartupInfoW
GetProfileStringA
ExitProcess
EnterCriticalSection
InterlockedIncrement
WriteConsoleInputW
GetDiskFreeSpaceA
RtlUnwind
WaitForSingleObject
VirtualFreeEx
CloseHandle
MoveFileW
GetTickCount
CreateEventW
CompareFileTime
GetEnvironmentVariableW
FindFirstFileExW
WritePrivateProfileSectionW
TlsSetValue
GetModuleFileNameA
OpenMutexA
CommConfigDialogW
DeleteAtom
SetFilePointer
GetFileType
ConvertDefaultLocale
GetComputerNameW
GetNamedPipeHandleStateA
EnumResourceLanguagesW
MapViewOfFile
VirtualFree
SetHandleCount
RtlZeroMemory
GetFileAttributesA
lstrcpynA
GetCPInfo
RemoveDirectoryW
FindClose
ReleaseMutex
UnhandledExceptionFilter
CreateFileW
VirtualQuery
SetStdHandle
InitializeCriticalSection
TlsGetValue
HeapFree
LocalCompact
OpenEventW
QueryPerformanceCounter
HeapReAlloc
GetCommandLineW
GetStringTypeA
LCMapStringW
ReadFile
SetComputerNameA
GetProcAddress
GetStdHandle

wininet

FtpGetCurrentDirectoryA
UrlZonesDetach
RegisterUrlCacheNotification
InternetCombineUrlA
FindNextUrlCacheEntryA
RetrieveUrlCacheEntryFileW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_DragEnter
ImageList_Remove
ImageList_DragLeave
CreateUpDownControl
ImageList_SetFlags
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Copy
ImageList_GetDragImage
ImageList_AddIcon
CreateStatusWindowW
ImageList_BeginDrag
ImageList_GetIcon
CreateToolbar
ImageList_AddMasked
DrawInsert
MakeDragList
CreateStatusWindow
ImageList_Read

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff05cab906d36adab7df55f578bd25fb

Headers

File Characteristics

Imports

shell32

advapi32

user32

kernel32

wininet

comctl32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 108KB - Virtual size: 133KB

.rsrc Size: 72KB - Virtual size: 70KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 108KB - Virtual size: 133KB

.rsrc
Size: 72KB - Virtual size: 70KB