c8c0cb9b9f9519dd236e8528d9ac8b0db812e84bd6382aa9266afcb293473fac

General

Target

c8c0cb9b9f9519dd236e8528d9ac8b0db812e84bd6382aa9266afcb293473fac
Size

127KB
MD5

9ad63afab5e073b1027b996904eb983d
SHA1

ec16d2417c1e4fb664da27b8c6be9cf41559d80c
SHA256

c8c0cb9b9f9519dd236e8528d9ac8b0db812e84bd6382aa9266afcb293473fac
SHA512

493f5cfbb0192e0bcadae449d2d4086f958eccbc4d1e4f51160503163f76136b8d2c331ae3a5fd402e1da1aa8c7193c1dc96211f0416a8c4206b3012751ebe37
SSDEEP

3072:qA1LPxlGKXfKt6omzw2v0ZAePyih7rYuJfg:qMxutrmzM6YyilY8f

Score

N/A

Malware Config

Signatures

Files

c8c0cb9b9f9519dd236e8528d9ac8b0db812e84bd6382aa9266afcb293473fac
.exe windows x86

0aa38608586588623c189b78646bd9cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSSetSessionInformationA
WTSSetUserConfigA
WTSCloseServer
WTSLogoffSession
WTSVirtualChannelOpen
WTSWaitSystemEvent
WTSOpenServerA
WTSEnumerateSessionsA
WTSUnRegisterSessionNotification
WTSVirtualChannelClose
WTSEnumerateServersA

dciman32

DCICloseProvider
DCIBeginAccess
DCICreateOverlay

crypt32

CertCreateContext
CertGetNameStringA
CertSaveStore
CertNameToStrA
CryptEnumOIDInfo
CertControlStore
CertCloseStore
CertCompareCertificate
CertFindCRLInStore
CertCreateCRLContext
CryptFindOIDInfo
CertAddStoreToCollection

kernel32

GetModuleHandleA
GetVolumePathNameA
ReplaceFileW
FindFirstFileA
DeleteFileA
TlsGetValue
OpenSemaphoreA
GetStartupInfoA
CreateWaitableTimerA
OpenMutexA
CreateDirectoryA
GetDriveTypeA
OpenMutexW
FileTimeToLocalFileTime
WaitForSingleObjectEx
HeapAlloc
GetProcAddress
GetACP
GetSystemTime
OpenSemaphoreA
SetEnvironmentVariableW
GetLogicalDriveStringsA
GetCurrentDirectoryW
InterlockedDecrement
GetLocaleInfoW
GetGeoInfoA
GetLastError
GetLocalTime
SetEnvironmentVariableA
SearchPathA
GetShortPathNameA

user32

wsprintfW
GetCaretPos
LoadCursorA
MessageBoxW
PostMessageW
LoadImageA
DrawIcon
PeekMessageW
DrawTextA
IsCharLowerW

cryptdll

CDBuildVect
MD5Final

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0aa38608586588623c189b78646bd9cf

Headers

File Characteristics

Imports

wtsapi32

dciman32

crypt32

kernel32

user32

cryptdll

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 236KB

.rsrc Size: 87KB - Virtual size: 87KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 236KB

.rsrc
Size: 87KB - Virtual size: 87KB