2e72d1e69119c7e762f9809d3d1e6c3ad5e1266274d1cc9005942c1fb5871e48

Sharing

Copy URL Twitter E-mail

General

Target

2e72d1e69119c7e762f9809d3d1e6c3ad5e1266274d1cc9005942c1fb5871e48
Size

622KB
MD5

fcbe5dc9130908099b88a2f098c2063c
SHA1

d0d73c0ad73b36513874d2caa646de75d31b3564
SHA256

2e72d1e69119c7e762f9809d3d1e6c3ad5e1266274d1cc9005942c1fb5871e48
SHA512

2850b22081a11cde2b4a550a39c33438b0cdc8aa11d23b0c06b3bb718c65fdaa2ee27f1065f3684a13c30935882a4ccd96e30c615f9beab7cf27ad5584da170f
SSDEEP

12288:iMmloWGY0oMDjraKQ8LfSAV3uT/TnhbrVB9Qg695sIFFAR4fD9pER:iHF0oMDHaP8OAduT/T5rVGHsaAmf6

Score

N/A

Malware Config

Signatures

Files

2e72d1e69119c7e762f9809d3d1e6c3ad5e1266274d1cc9005942c1fb5871e48
.exe windows x86

ccb3156854959efd1efe5de6919955b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
Sleep
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeW
HeapReAlloc
GetCPInfo
LoadLibraryW
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW
lstrcpyA
GetSystemTime
LocalFree
GetCurrentProcessId
CloseHandle
GetVersionExA
CreateMutexA
GetModuleHandleA
LocalAlloc
OpenMutexA
GetLocalTime
EnumSystemCodePagesW
GetLastError
GetSystemDirectoryA
ReadFile
HeapCreate
GetFileAttributesA
GetCurrencyFormatA
GetWindowsDirectoryA
GetProcessHeap
GetComputerNameA
WaitForSingleObject
HeapFree
InterlockedDecrement
HeapAlloc
GetFileSize
CreateFileA
InterlockedIncrement

user32

LoadCursorA
SetMenuItemInfoA
ActivateKeyboardLayout
GetLayeredWindowAttributes
LoadKeyboardLayoutA
EnableWindow
UpdateWindow
SetWindowTextA
GetSystemMetrics
SystemParametersInfoA
CheckRadioButton
CreateWindowExW
RegisterClassA
GetWindow
GetKeyboardLayoutNameA
DestroyMenu
GetMenuItemCount
IsDlgButtonChecked
GetSysColorBrush
SetMenu
ShowWindow
LoadAcceleratorsA
GetMenuStringA
GetMenuItemInfoA
GetSysColor
GetDesktopWindow
DestroyWindow
ScreenToClient
GetWindowRect
RegisterClassExA
FillRect
GetMenuItemID
GetSubMenu
GetMenuBarInfo
GetParent
LoadMenuA
LoadIconA
DefFrameProcA
GetClientRect
SendMessageA
BeginPaint
SetSysColors
GetMenu
OffsetRect
SetRect
CheckMenuRadioItem
OemToCharA
GetWindowLongA
CreateWindowExA
GetMenuState
GetDlgItem
DefWindowProcA

gdi32

FrameRgn
PatBlt
LineTo
GetWindowExtEx
DeleteDC
GetDeviceCaps
GetViewportOrgEx
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
DPtoLP
SetMapMode
CreateCompatibleBitmap
SetViewportExtEx
GetViewportExtEx
GetStockObject
CreateSolidBrush
TextOutA
GetWindowOrgEx
BitBlt
MoveToEx
ExcludeClipRect

comdlg32

GetOpenFileNameA

advapi32

GetUserNameA

ole32

CoSetProxyBlanket
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CreateStreamOnHGlobal
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantClear

wininet

FtpSetCurrentDirectoryA
InternetOpenA
InternetGetLastResponseInfoA
FtpPutFileA

ws2_32

WSACleanup
WSAStartup
inet_ntoa

winmm

waveOutGetNumDevs
mmioWrite
mmioCreateChunk
mmioClose
mmioOpenA

crypt32

CertGetNameStringA

shlwapi

StrChrA
StrToIntA
PathFileExistsA
StrTrimA

gdiplus

GdipDisposeImage
GdipAlloc
GdipLoadImageFromFile
GdipCloneImage
GdiplusStartup
GdipFree

imm32

ImmReleaseContext
ImmSetOpenStatus

Exports

Exports

Iod

Sections

.text
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.utext
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccb3156854959efd1efe5de6919955b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

wininet

ws2_32

winmm

crypt32

shlwapi

gdiplus

imm32

Exports

Exports

Sections

.text Size: 572KB - Virtual size: 571KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 5KB - Virtual size: 12KB

.utext Size: 5KB - Virtual size: 5KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 572KB - Virtual size: 571KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 5KB - Virtual size: 12KB

.utext
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 19KB - Virtual size: 18KB