1c6aea3826631acde0eec7e51510b730dd80f86388b39ba15baac9055c118ef5

Sharing

Copy URL Twitter E-mail

General

Target

1c6aea3826631acde0eec7e51510b730dd80f86388b39ba15baac9055c118ef5
Size

553KB
MD5

99f17e24972e01aca3653313ef1ca95b
SHA1

e97d103fa931e2df8c8d9311c63ea562e21c65a5
SHA256

1c6aea3826631acde0eec7e51510b730dd80f86388b39ba15baac9055c118ef5
SHA512

bdd8e4917e8490a57650c40cd6885fcc20f624af146448018aca6c17357bb092228f0b8743e50003c487f8560d8bf1c72d858f1eb454ab6c36af54ab66933636
SSDEEP

12288:pmqIfyYRZ4RbN+Lvb4eQmhYLNBZfKwz9y:pmqIfyQaVoh2LNd5y

Score

N/A

Malware Config

Signatures

Files

1c6aea3826631acde0eec7e51510b730dd80f86388b39ba15baac9055c118ef5
.exe windows x86

30c7fac20b2addb83533a4a790e043b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
GetUserNameW
RegOpenKeyExA
CryptEncrypt
RegEnumValueA
CryptGetProvParam
DuplicateTokenEx
CryptAcquireContextA
LookupPrivilegeDisplayNameW
RegQueryMultipleValuesW
LookupAccountSidW
RegQueryValueExW

comctl32

InitCommonControlsEx

kernel32

GetTimeFormatA
HeapSize
HeapAlloc
LockFileEx
GetProcAddress
EnumSystemCodePagesW
EnumCalendarInfoW
TlsGetValue
GetEnvironmentStrings
FlushFileBuffers
InterlockedDecrement
VirtualFree
IsValidCodePage
GetTempPathA
WideCharToMultiByte
GetDateFormatA
TlsAlloc
WriteConsoleInputW
GetSystemDirectoryA
GetUserDefaultLCID
SetFilePointer
GetCurrentThread
GetThreadTimes
WriteFile
EnumSystemLocalesA
VirtualAlloc
FreeLibrary
QueryPerformanceCounter
ExitProcess
WriteConsoleW
HeapCreate
GetLocaleInfoA
GetProcessHeap
HeapFree
SetEnvironmentVariableA
FreeEnvironmentStringsW
SetLastError
CompareStringA
WriteConsoleA
GetTickCount
TerminateProcess
GetCalendarInfoW
GetCurrentProcess
HeapReAlloc
CompareStringW
GetCurrentProcessId
GetOEMCP
TlsSetValue
LoadLibraryA
VirtualQuery
IsValidLocale
GetACP
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetLastError
InterlockedIncrement
GetStringTypeA
IsDebuggerPresent
HeapDestroy
SetHandleCount
GetConsoleCP
GetStartupInfoA
GetConsoleMode
GetCurrentThreadId
GetVersionExA
GetStdHandle
CloseHandle
GetCPInfo
OpenMutexA
LCMapStringA
CreateFileA
GetStringTypeW
GetLocaleInfoW
SetStdHandle
GetTimeZoneInformation
GlobalUnfix
DeleteCriticalSection
SetConsoleCtrlHandler
CreateMutexA
ReadFile
GetModuleHandleA
UnhandledExceptionFilter
GetFileType
LeaveCriticalSection
LCMapStringW
GetConsoleOutputCP
GetCommandLineA
GetModuleFileNameA
Sleep
TlsFree
SetConsoleScreenBufferSize
GetSystemTimeAsFileTime
EnterCriticalSection
GetEnvironmentStringsW
InterlockedExchange
InitializeCriticalSection
MultiByteToWideChar
RtlUnwind

gdi32

StartPage
CreatePolyPolygonRgn
SetMetaFileBitsEx
UnrealizeObject
GetRegionData
FlattenPath
OffsetRgn
ExtTextOutA
GetObjectW
SetICMMode
SelectObject
CreateDIBPatternBrushPt
CreateDCW
SetBitmapDimensionEx

shell32

ShellAboutA
SHGetPathFromIDListA
SHLoadInProc
RealShellExecuteExA
DragQueryFileAorW

user32

GetScrollRange
RegisterClassA
EnumPropsExA
RegisterClassExA

wininet

FtpCreateDirectoryW
FtpCommandA
InternetSecurityProtocolToStringA
InternetSetCookieW
FtpPutFileW
FtpGetFileSize

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30c7fac20b2addb83533a4a790e043b8

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

gdi32

shell32

user32

wininet

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 10KB - Virtual size: 29KB

.data Size: 358KB - Virtual size: 357KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 10KB - Virtual size: 29KB

.data
Size: 358KB - Virtual size: 357KB

.rsrc
Size: 9KB - Virtual size: 8KB