1d9f72066d0a9b80dfa43be0d95570386a1449ecce289bb55505ba835fb5f5ef

Sharing

Copy URL

Twitter E-mail

General

Target

1d9f72066d0a9b80dfa43be0d95570386a1449ecce289bb55505ba835fb5f5ef
Size

318KB
MD5

4df56e7916adaa18916633fff2c4ca67
SHA1

4719a3882f277640f606fa6e88ebb013c6231f73
SHA256

1d9f72066d0a9b80dfa43be0d95570386a1449ecce289bb55505ba835fb5f5ef
SHA512

f918f8da082e44b194a0ff2015016eb82cdce5dfc0a7ef521ea3ca1f2a8e52cefa50dc2c4a263342d3496fdda2710eeaf87730fca87087dc7352ec800a197d91
SSDEEP

6144:Cu+KNOFNLPn3vxGLM5Km5Cj56juRajyIFkEwcZ5mb8S:4FRvOCC+usxwO5f

Score

N/A

Malware Config

Signatures

Files

1d9f72066d0a9b80dfa43be0d95570386a1449ecce289bb55505ba835fb5f5ef
.exe windows x86

1dcd2daceb669ea21798baf1fbd3ad73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountNameW
CryptGenKey
CryptSetProvParam
DuplicateToken
CryptSetProviderExW
CryptGetDefaultProviderA
CryptImportKey
CryptDestroyHash
InitializeSecurityDescriptor
CreateServiceW
CryptDuplicateKey
RegOpenKeyExW
DuplicateTokenEx
RegSetValueExW
LogonUserA
CryptGenRandom
CryptDestroyKey
RegConnectRegistryW

comctl32

InitCommonControlsEx

kernel32

HeapFree
GetOEMCP
SetHandleCount
QueryPerformanceCounter
MultiByteToWideChar
ReadConsoleW
GetModuleFileNameA
CompareStringW
VirtualQuery
GetCurrentProcess
LCMapStringW
CompareStringA
CreateMutexW
FileTimeToSystemTime
HeapDestroy
VirtualAlloc
UnhandledExceptionFilter
InterlockedIncrement
InterlockedExchange
FreeEnvironmentStringsA
GetEnvironmentStrings
GetProcAddress
GetFileType
FindNextFileW
ReadFile
FlushFileBuffers
TlsAlloc
LoadLibraryA
VirtualFree
GetEnvironmentStringsW
InterlockedDecrement
GetCPInfo
GetStringTypeA
SetLastError
HeapCreate
GetVersion
TlsSetValue
DeleteCriticalSection
GetACP
GetLastError
InitializeCriticalSection
WideCharToMultiByte
OpenMutexA
CreateSemaphoreW
LeaveCriticalSection
IsBadWritePtr
GetTickCount
LCMapStringA
FreeEnvironmentStringsW
GetStartupInfoA
SetPriorityClass
InitializeCriticalSectionAndSpinCount
TlsFree
EnterCriticalSection
ExitProcess
RtlUnwind
GetStdHandle
SetFilePointer
GetTempPathA
GetCurrentThread
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
WriteFile
SetStdHandle
SetEnvironmentVariableA
GetSystemTime
GetTimeZoneInformation
TlsGetValue
GetStringTypeW
HeapAlloc
CreateMutexA
HeapReAlloc
ConnectNamedPipe
SetEndOfFile
GlobalHandle
GetCommandLineW
GetCommandLineA
GetLocalTime
GetModuleHandleA
TerminateProcess
GetSystemTimeAsFileTime

user32

SetMenuInfo
EnumDisplaySettingsA
DestroyMenu
RegisterClassExA
IsWindowUnicode
DialogBoxParamA
GetCursor
TranslateAccelerator
EnumPropsA
FindWindowExW
DdeAbandonTransaction
RegisterClassA
DestroyCursor
GetMenuCheckMarkDimensions
DdeConnectList
DdeInitializeW
RemoveMenu
SetTimer
PostThreadMessageW

wininet

FindFirstUrlCacheContainerW
SetUrlCacheHeaderData
FtpSetCurrentDirectoryA

shell32

RealShellExecuteW
SHEmptyRecycleBinW
DoEnvironmentSubstA
ExtractAssociatedIconA

comdlg32

PageSetupDlgA

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dcd2daceb669ea21798baf1fbd3ad73

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

user32

wininet

shell32

comdlg32

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 5KB - Virtual size: 34KB

.data Size: 171KB - Virtual size: 170KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 5KB - Virtual size: 34KB

.data
Size: 171KB - Virtual size: 170KB

.rsrc
Size: 14KB - Virtual size: 14KB