cdc8ddf94330b508530d59177690755a2928089197e8381a3512d1283f58b35f

Sharing

Copy URL

Twitter E-mail

General

Target

cdc8ddf94330b508530d59177690755a2928089197e8381a3512d1283f58b35f
Size

129KB
MD5

98b96e90959b1ebe1ea1a1b052006d51
SHA1

9034ffae4f6159295c4c061d393c25c23d5c1e14
SHA256

cdc8ddf94330b508530d59177690755a2928089197e8381a3512d1283f58b35f
SHA512

dd003dc5739775b3494d51c55a2a91f7c05e5519531324d44009622c0d230e6893be441c36d2fa6bdbc493654e12fe0f00aceecfd63b13d6427805e14acf5f70
SSDEEP

3072:ngnmd/bYZnXX3ASjs3LCR8xjtxul9XC1K5RB21j:ngqjw3ASjseKzxSVCs5HC

Score

N/A

Malware Config

Signatures

Files

cdc8ddf94330b508530d59177690755a2928089197e8381a3512d1283f58b35f
.exe windows x86

2013f5c7828582a5604b7bab92edd107

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetSystemTime
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapReAlloc
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LockResource
TlsGetValue
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
LoadLibraryW
EnterCriticalSection
CreateFileMappingA
GetLastError
ReadFile
HeapCreate
CreateEventA
Sleep
FormatMessageA
GetProcessHeap
SetEvent
MapViewOfFileEx
HeapAlloc
LoadResource
lstrcpynA
GetFileType
UnmapViewOfFile
FindResourceA
GetFileSize
CreateFileA
SetHandleCount
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress

user32

DestroyIcon
SetWindowTextA
DefWindowProcA
PostMessageA
EnableWindow
GetDlgItem
EndPaint
GetWindowTextLengthW
SetActiveWindow
GetWindowDC
ChildWindowFromPointEx
LoadIconA
FindWindowW
SetFocus
SendMessageA
BeginPaint
GetDC
MessageBoxA
InvalidateRect

gdi32

GetDeviceCaps
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
RealizePalette
StretchDIBits
SelectPalette
SetStretchBltMode
EnumFontFamiliesA
GetPixel
BitBlt

advapi32

CryptGenKey
CryptEncrypt
CryptAcquireContextA

shell32

DragQueryFileA
Shell_NotifyIconA
SHGetMalloc

ole32

OleGetClipboard
ReleaseStgMedium
CreateBindCtx

ws2_32

socket
htonl
WSAStartup
htons
WSACleanup
listen
WSAAsyncSelect
WSAGetLastError
bind

shlwapi

PathFileExistsA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2013f5c7828582a5604b7bab92edd107

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

shlwapi

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 36KB - Virtual size: 39KB

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 36KB - Virtual size: 39KB

.rsrc
Size: 38KB - Virtual size: 37KB