c0877cc38867f62149f0961c4663490a2255da3aa745c418861972823fb0945e

Sharing

Copy URL Twitter E-mail

General

Target

c0877cc38867f62149f0961c4663490a2255da3aa745c418861972823fb0945e
Size

812KB
MD5

7df33a23e4490ff0165e7f3b010ca242
SHA1

775619ed147f191b76a09ea841025f3a3a676a9c
SHA256

c0877cc38867f62149f0961c4663490a2255da3aa745c418861972823fb0945e
SHA512

dfae50fb8cd24bc6c2f11cef8532740c98097a3bcc1112c9793697440b0bada113aa8631a2f270a684611e278b741b0f880f6f2fcf0a34fab2d8c16a75defb8c
SSDEEP

12288:HtPIkZv3qTA3tpKxN4w6j+SWaemryb4cnu4YVJ3QZ0CP8iqJ:NPLFEA9pK3zSWaZro4cY12PvqJ

Score

N/A

Malware Config

Signatures

Files

c0877cc38867f62149f0961c4663490a2255da3aa745c418861972823fb0945e
.exe windows x86

1567f2db74b875d1e8b51a5a38332e82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeNameW
InitiateSystemShutdownW
AbortSystemShutdownW
CryptEnumProviderTypesW
RegConnectRegistryA
CryptSetKeyParam
LookupPrivilegeDisplayNameA
CryptEnumProviderTypesA
LogonUserW
ReportEventA
DuplicateToken

comctl32

ImageList_SetOverlayImage
ImageList_Merge
ImageList_Destroy
CreateToolbar
ImageList_GetFlags
ImageList_Add
ImageList_EndDrag
ImageList_GetDragImage
InitCommonControlsEx
ImageList_GetBkColor

wininet

SetUrlCacheHeaderData

kernel32

Sleep
VirtualQuery
WideCharToMultiByte
FlushFileBuffers
GetModuleFileNameA
RtlMoveMemory
GetLocaleInfoA
GetDateFormatA
UnhandledExceptionFilter
FreeEnvironmentStringsW
ExpandEnvironmentStringsA
HeapDestroy
HeapSize
EnterCriticalSection
GetOEMCP
GetLastError
IsValidLocale
IsDebuggerPresent
LoadLibraryA
VirtualFree
InitializeCriticalSection
SetHandleCount
LeaveCriticalSection
GetConsoleCP
HeapAlloc
ReadConsoleInputW
VirtualAlloc
GetCommandLineA
GetStartupInfoA
ReadConsoleOutputW
GetConsoleOutputCP
GetProcessHeap
FreeLibrary
QueryPerformanceCounter
InterlockedIncrement
SetUnhandledExceptionFilter
DeleteFileW
GetProfileSectionW
GetCurrentThreadId
GetStdHandle
HeapFree
GetCurrentProcessId
WriteConsoleA
HeapCreate
CreateDirectoryA
GetLocaleInfoW
GetCurrentThread
LCMapStringA
RtlUnwind
WriteFile
ReadFile
GetVersionExA
MultiByteToWideChar
GetEnvironmentStringsW
TlsSetValue
GetStringTypeA
TlsGetValue
SetStdHandle
InterlockedExchange
GetModuleHandleA
TlsFree
GlobalSize
GetStringTypeW
GetTimeZoneInformation
GetFileType
GetTickCount
CompareStringA
EnumSystemLocalesA
SetLocaleInfoW
HeapReAlloc
GetProcAddress
CreateFileA
DeleteCriticalSection
GetACP
CompareStringW
GetConsoleMode
TlsAlloc
GetCurrencyFormatW
CreateWaitableTimerW
FreeEnvironmentStringsA
CreateMutexA
LCMapStringW
SetPriorityClass
SetFilePointer
TerminateProcess
ExitProcess
WriteConsoleW
GetCPInfo
SetEnvironmentVariableA
SetLastError
GlobalCompact
SetConsoleCtrlHandler
GetTimeFormatA
FindFirstFileExW
OpenMutexA
InterlockedDecrement
GetEnvironmentStrings
GetUserDefaultLCID
GetSystemTimeAsFileTime
IsValidCodePage
GetCurrentProcess
CloseHandle

shell32

SHGetSpecialFolderLocation
SHAppBarMessage
SHEmptyRecycleBinA
DragQueryFileA
SheChangeDirExW

user32

EmptyClipboard
ChangeDisplaySettingsW
ChildWindowFromPointEx
GetMenuStringA
CharUpperBuffW
OemToCharA
DdeSetQualityOfService
OpenDesktopA
GetClassInfoExA
SetWindowPos
SetSystemCursor
DialogBoxIndirectParamW
GetClipboardViewer
GetProcessWindowStation
ExcludeUpdateRgn
CallMsgFilterW
UnregisterClassW
MsgWaitForMultipleObjectsEx
MonitorFromWindow
SetWindowPlacement
DispatchMessageA
ChangeDisplaySettingsExW
DefDlgProcA
SetMenu
LoadBitmapA
TrackMouseEvent
SetCursorPos
BroadcastSystemMessageA
GetClassInfoExW
RegisterClassA
CheckRadioButton
GetDialogBaseUnits
WINNLSGetIMEHotkey
PeekMessageA
CreateWindowStationW
CallWindowProcA
MessageBeep
DlgDirSelectComboBoxExA
RegisterClassExA
VkKeyScanExW
RegisterHotKey
ToUnicode
GetMenuContextHelpId
TranslateMessage
GetFocus
WindowFromDC
ShowOwnedPopups
DrawFrame
LoadKeyboardLayoutA
GetUserObjectInformationA

gdi32

LPtoDP
GetSystemPaletteEntries
GetTextMetricsA
UpdateICMRegKeyW
CreatePenIndirect
SetPixelV
SetTextJustification

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1567f2db74b875d1e8b51a5a38332e82

Headers

File Characteristics

Imports

advapi32

comctl32

wininet

kernel32

shell32

user32

gdi32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 396KB - Virtual size: 393KB

.data Size: 140KB - Virtual size: 136KB

.rsrc Size: 76KB - Virtual size: 73KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 396KB - Virtual size: 393KB

.data
Size: 140KB - Virtual size: 136KB

.rsrc
Size: 76KB - Virtual size: 73KB