c5090f267e3c747f7d16da517bdf84becd60a31b71661a18d2daabe76bf585a9

Sharing

Copy URL Twitter E-mail

General

Target

c5090f267e3c747f7d16da517bdf84becd60a31b71661a18d2daabe76bf585a9
Size

371KB
MD5

e06f9c01ba13ae0a72da3647e94532b2
SHA1

2b80cc38e1e066e5b162fef338a2f0bc18fabd51
SHA256

c5090f267e3c747f7d16da517bdf84becd60a31b71661a18d2daabe76bf585a9
SHA512

6b7da3da728f3ca75dd0dc01c2566f07e1c6a7def9e2b61772978f0727ea2e10f6244003ab9ba9bf95e67b7a0adb4f1012185b718780e9809f5fb06200144e92
SSDEEP

6144:0KHOnU+aHPbenAA2zsVmsDA7ee0XgkKMAy4ZsTFklWRo4+:zbv6D2yDswXgkHt

Score

N/A

Malware Config

Signatures

Files

c5090f267e3c747f7d16da517bdf84becd60a31b71661a18d2daabe76bf585a9
.exe windows x86

90d4ebdfc3cd06f64ed56be3ba62e266

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
GetFileSize
GetVersionExW
DisableThreadLibraryCalls
ReadFile
GetCurrentProcess
IsBadWritePtr
GetSystemTime
GetTimeZoneInformation
SetFilePointer
HeapReAlloc
lstrlenW
GetSystemTimeAsFileTime
IsBadReadPtr
Sleep
GlobalReAlloc
GlobalSize
GlobalHandle
GlobalFree
WaitForSingleObjectEx
GetVersionExA
CreateThread
WaitForMultipleObjectsEx
SetEvent
FreeLibraryAndExitThread
SetUnhandledExceptionFilter
IsValidLocale
lstrcmpA
GetSystemTimes
IsBadStringPtrA
OutputDebugStringA
VirtualQuery
GetSystemInfo
GetTickCount
VirtualAlloc

user32

CopyRect
SetRectEmpty
GetWindow
SetWindowPos
IsCharUpperA
KillTimer
EqualRect
SetTimer
MsgWaitForMultipleObjects
wsprintfA
SetRect
GetSystemMetrics
DestroyWindow
wsprintfW
MapWindowPoints
GetDC
FindWindowA
ReleaseDC

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoTaskMemAlloc
ProgIDFromCLSID
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StringFromGUID2
StringFromCLSID
CoInitializeEx
CoUninitialize
CoTaskMemFree

msvcrt

free
bsearch
memmove

shlwapi

StrCmpW
PathFileExistsW
PathFindExtensionW
StrStrIW
StrCmpNIW
StrCmpIW
StrCatW

wininet

InternetCombineUrlW
InternetCrackUrlW
InternetGetConnectedStateExW

urlmon

CoGetClassObjectFromURL
FindMimeFromData
CoInternetCombineUrl
CompatFlagsFromClsid

Sections

.text
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90d4ebdfc3cd06f64ed56be3ba62e266

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

shlwapi

wininet

urlmon

Sections

.text Size: 358KB - Virtual size: 358KB

.data Size: 12KB - Virtual size: 12KB

.text
Size: 358KB - Virtual size: 358KB

.data
Size: 12KB - Virtual size: 12KB