c888612e6655b4aa7d756bddce92d02facb05b1da8f413e4ec6864bbb4b4b300

Sharing

Copy URL Twitter E-mail

General

Target

c888612e6655b4aa7d756bddce92d02facb05b1da8f413e4ec6864bbb4b4b300
Size

1.1MB
MD5

3c5ae3b99f3c5ed132ee8d974efa00cb
SHA1

09fdb38caf3cdea55d9a050669cfd9bdb50a9465
SHA256

c888612e6655b4aa7d756bddce92d02facb05b1da8f413e4ec6864bbb4b4b300
SHA512

8375f43a424f6c196d5a974fff80f3fe74e687c703f2e42e102d0e1f2c4da8de0a7421940a9defa66da7f6a5df79ccbb4bd630d830e82de9cbd5fadae792a17e
SSDEEP

6144:LB+ckWHhAaCDG0/7JQL5mgNTrMj0qeruei5eHDniOiXsY81VZDUIo9foYMX6:YcanD9JsTrMAEeJjnno9fZM

Score

N/A

Malware Config

Signatures

Files

c888612e6655b4aa7d756bddce92d02facb05b1da8f413e4ec6864bbb4b4b300
.exe windows x86

0d2d73abccaade69a740aa8cf1fe45bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
FindFirstFileW
FindNextFileW
FormatMessageW
GetCommState
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceW
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapFree
InitializeCriticalSection
FindClose
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenProcess
QueryPerformanceCounter
ReadFile
ResetEvent
SetCommState
SetCommTimeouts
SetCurrentDirectoryW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrcpyW
lstrlenW
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileW
DeleteFileA
DeleteCriticalSection
DebugBreak
CreateThread
CreateProcessW
CreateMutexW
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CloseHandle
GetDriveTypeA
GetModuleHandleW
IsDBCSLeadByte
VirtualAlloc

user32

SystemParametersInfoW
TranslateMessage
wsprintfW
ShowWindow
SetWindowPos
SetWindowLongW
SetWindowLongA
SetTimer
SetForegroundWindow
SetFocus
SendMessageW
SendMessageA
SendDlgItemMessageW
ScreenToClient
ReleaseDC
RegisterClassExW
RedrawWindow
PostQuitMessage
PostMessageW
MessageBoxW
MessageBoxA
LoadStringW
LoadStringA
LoadImageW
LoadIconW
IsWindow
InvalidateRect
GetWindowRect
GetWindowLongW
GetWindowLongA
GetParent
GetMessageW
GetDlgItem
GetDC
GetClientRect
FindWindowW
ExitWindowsEx
EnumThreadWindows
EnumChildWindows
EndDialog
EnableWindow
DispatchMessageW
DialogBoxParamW
DefWindowProcW
CopyRect
CharLowerW
GetSysColor
LoadCursorA
CreateWindowExW

gdi32

GetDeviceCaps
CreateFontIndirectW
AddFontResourceW

comdlg32

GetOpenFileNameW

advapi32

RegQueryValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegEnumKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
LookupAccountSidW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation

ole32

CLSIDFromString
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleInitialize
OleUninitialize

shlwapi

StrDupW
StrCpyW
StrCpyNW
StrCmpNIW
StrCmpIW
StrChrIW
StrCatW
SHGetValueW
PathAppendW
PathCombineW
PathIsDirectoryW
PathIsRootW
StrCmpW

msvcrt

_ftol
wcsrchr
wcsncpy
wcslen
wcscpy
wcschr
wcscat
towlower
strtoul
_XcptFilter
__getmainargs
__lconv_init
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_exit
_initterm
_mbschr
_mbsinc
_mbsrchr
_wcsicmp
_wcsnicmp
_wtoi
exit
free
iswspace
memmove
setlocale

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d2d73abccaade69a740aa8cf1fe45bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 2KB - Virtual size: 2KB