663024e34e62695c838c6710386685850255cf130d5803b6b676d2683d794597

Sharing

Copy URL Twitter E-mail

General

Target

663024e34e62695c838c6710386685850255cf130d5803b6b676d2683d794597
Size

205KB
MD5

147674f26a8b1647e46fef7f7a273fc8
SHA1

dd6211e5c61d59af39780bf753f2282ec0c211fe
SHA256

663024e34e62695c838c6710386685850255cf130d5803b6b676d2683d794597
SHA512

ba700e0b1c6288ddf82443c662063073a92c67e70fb125c3828ed4041158679fcf08677e2c772a852c12a6f8d7f641cd24920e8026fbc8fa1b0064b4c5123b02
SSDEEP

6144:QL9hPRmNY9u6pwpDkOkd10En7Y/XHinrG23KIODg:M9ZRmNY9DADkOkYw7YXbIODg

Score

N/A

Malware Config

Signatures

Files

663024e34e62695c838c6710386685850255cf130d5803b6b676d2683d794597
.exe windows x86

cc2a26729bb32457636a4ab6dfa4c24b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nddeapi

NDdeGetShareSecurityA
NDdeGetErrorStringA
NDdeGetTrustedShareA
NDdeIsValidAppTopicListA
NDdeIsValidAppTopicListW
NDdeGetTrustedShareW
NDdeGetShareSecurityW

kernel32

lstrlenW
SetEndOfFile
GlobalAlloc
CreateSemaphoreW
CreateThread
DeleteCriticalSection
CreateFileW
WaitForMultipleObjects
GlobalLock
lstrcmpW
GetPrivateProfileStringW
SetUnhandledExceptionFilter
GetFullPathNameW
FreeLibrary
InterlockedDecrement
GetFileAttributesW
MultiByteToWideChar
CreateEventW
GlobalHandle
QueryPerformanceCounter
SetThreadPriority
EnterCriticalSection
lstrlenA
IsBadReadPtr
LeaveCriticalSection
GetSystemInfo
GetFileSize
lstrcpyW
GlobalFree
SetFilePointer
lstrcmpiW
GetACP
ReadFile
GetTickCount
WaitForSingleObject
GetTimeZoneInformation
GetModuleHandleA
GetProcAddress
ReleaseSemaphore
InterlockedExchange
InitializeCriticalSection
ResetEvent
CloseHandle
GetDiskFreeSpaceW
GetProcessHeap
GetVersionExW
HeapAlloc
GetModuleFileNameA
GlobalMemoryStatus
HeapFree
MulDiv
GlobalUnlock
GetSystemTimeAsFileTime
GetLastError
GetCurrentThread
GetCurrentProcess
lstrcpyA
WideCharToMultiByte
LoadLibraryW
GetThreadPriority
IsBadWritePtr
InterlockedIncrement
GetQueuedCompletionStatus
SetEvent
VirtualFree
GetCurrentProcessId
DeleteFileW
WriteFile
lstrcpynW
GetProfileIntA
GetEnvironmentStringsA
IsBadCodePtr

user32

SendMessageW
SetCursor
CheckDlgButton
LoadCursorW
SetDlgItemInt
SetWindowLongW
GetDesktopWindow
GetWindowLongW
MoveWindow
CheckRadioButton
DefWindowProcW
GetAsyncKeyState
DispatchMessageW
IsWindow
PeekMessageW
EnableWindow
GetDlgItemInt
GetWindowRect
InvalidateRect
ShowWindow
GetDlgItem
LoadStringW
ClientToScreen
TranslateMessage
IsRectEmpty
IsWindowVisible
CreateDialogParamW
DestroyWindow
SetDlgItemTextW
GetDC
ReleaseDC
GetClientRect

cewmdm

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

cfgmgr32

CMP_WaitServicesAvailable
CM_Add_Empty_Log_Conf
CMP_Init_Detection
CMP_WaitNoPendingInstallEvents
CMP_Report_LogOn

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc2a26729bb32457636a4ab6dfa4c24b

Headers

File Characteristics

Imports

nddeapi

kernel32

user32

cewmdm

cfgmgr32

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 48KB - Virtual size: 2.1MB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 48KB - Virtual size: 2.1MB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB