15cbd8348a15c68039f3137d831a119da3a88781ced9c6e6347877f4b98c2c1e

Sharing

Copy URL Twitter E-mail

General

Target

15cbd8348a15c68039f3137d831a119da3a88781ced9c6e6347877f4b98c2c1e
Size

560KB
MD5

9e6f5f2df13b727d693d37c042d2460d
SHA1

8fbcc99a20393428029bc81ece54da5e84f70f97
SHA256

15cbd8348a15c68039f3137d831a119da3a88781ced9c6e6347877f4b98c2c1e
SHA512

374ecd8b3be1b6a5c6f40785d802e6020b39ebbaad42e9896a15bb5546c719aae4c1fca5fed49a9b0cf49762c85f98007cbf8a63d4331f7323508c3738fb1a43
SSDEEP

12288:9v4mLvWsOGW13/8Ko2x2Om3hlzX4rHZ7LpYJkjBan4Y:bLSGW1UhY2RhlSf2JsBa4

Score

N/A

Malware Config

Signatures

Files

15cbd8348a15c68039f3137d831a119da3a88781ced9c6e6347877f4b98c2c1e
.exe windows x86

fa15a3ea9c299fd36ddec365981e53cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
GetCurrentThreadId
GetTickCount
VirtualProtect
GetSystemDefaultLCID
HeapSize
TlsFree
TlsSetValue
GetCurrentProcess
VirtualFree
WideCharToMultiByte
ReadFile
HeapCreate
SetEnvironmentVariableA
SetLastError
VirtualAlloc
DeleteCriticalSection
LCMapStringA
HeapReAlloc
GetModuleHandleA
GetStdHandle
GetStartupInfoA
UnhandledExceptionFilter
CreateFileA
GetDateFormatA
GetTimeZoneInformation
WriteFile
GetLocaleInfoA
FreeEnvironmentStringsW
HeapFree
GetEnvironmentStringsW
OpenMutexA
VirtualQuery
GetACP
SetFilePointer
ExitProcess
FindFirstFileA
SetStdHandle
GetCurrentThread
FreeEnvironmentStringsA
LeaveCriticalSection
CreateMutexA
WaitForDebugEvent
GetSystemTimeAsFileTime
GetCommandLineA
GetModuleFileNameA
HeapDestroy
GetStringTypeW
EnumSystemLocalesA
TlsGetValue
EnterCriticalSection
GetOEMCP
QueryPerformanceCounter
lstrcatW
GetProcessHeap
LCMapStringW
FlushFileBuffers
TlsAlloc
IsBadWritePtr
InitializeCriticalSection
InterlockedExchange
GetTimeFormatA
GetFileType
RtlUnwind
HeapAlloc
CompareStringA
GetSystemInfo
SetHandleCount
OutputDebugStringW
GetEnvironmentStrings
GetCPInfo
GetStringTypeA
GetCurrentProcessId
GetProcAddress
GetLocaleInfoW
IsValidCodePage
GetLastError
CloseHandle
GetVersionExA
TerminateProcess
LoadLibraryA
MultiByteToWideChar
CompareStringW
GetUserDefaultLCID

user32

InSendMessageEx
GetKeyNameTextW
SetWindowRgn
DispatchMessageW
DestroyWindow
IsDialogMessageA
EnumDesktopsW
IsCharAlphaNumericW
CreateDialogIndirectParamA
CreateMenu
GetWindowTextW
MenuItemFromPoint
DestroyCursor
GetWindowInfo
GetKeyboardLayout
EnumChildWindows
CharLowerBuffW
InvertRect
SetWindowTextW
SetClassWord
DestroyAcceleratorTable
SetCursor
LoadImageA
SetClipboardViewer
DrawTextExW
GetClassInfoA
GetAncestor
IsCharAlphaA
UnloadKeyboardLayout
SetWindowTextA
GetParent
CharNextExA
GetClassLongA
PostMessageA
GetClipboardViewer
GetIconInfo
DdeUnaccessData
GetKBCodePage
ModifyMenuA
MessageBeep
GetActiveWindow
RegisterDeviceNotificationW
ShowWindow
InvalidateRect
ReleaseDC
GetKeyNameTextA
KillTimer
OpenDesktopW
CreateWindowStationW
GetWindowThreadProcessId
CascadeChildWindows
GetMenuItemInfoW
BeginDeferWindowPos
GetMenuItemInfoA
wsprintfW
DrawEdge
RealChildWindowFromPoint
SetMessageQueue
GetWindowRect
IsCharUpperW
DlgDirListComboBoxW
MessageBoxExA
CharPrevA
RegisterClassW
DlgDirSelectComboBoxExW
SetPropA
CreateCursor
SendMessageW
GetMenuDefaultItem
GetWindowContextHelpId
LoadMenuIndirectA
MessageBoxW
FreeDDElParam
LoadCursorA
GetMenuItemRect
GetSysColor
GetNextDlgGroupItem
CreateWindowExW
AttachThreadInput
AdjustWindowRectEx
SetRectEmpty
CharNextW
DefWindowProcA
DdeCmpStringHandles
GetWindowLongA
CallWindowProcW
GetMenuItemID
DdeAddData
ToAsciiEx
CreateIcon
OpenClipboard
ChangeMenuW
IsDialogMessage
RegisterClassExA
SetClassLongW
LoadMenuA
ValidateRgn
RegisterClassA
DialogBoxParamA
GetClipboardSequenceNumber
MsgWaitForMultipleObjectsEx
VkKeyScanA
DdeAbandonTransaction
OpenDesktopA
GetClassLongW

comdlg32

PageSetupDlgW
PrintDlgA

comctl32

ImageList_Duplicate
ImageList_ReplaceIcon
ImageList_GetDragImage
CreateToolbarEx
DestroyPropertySheetPage
ImageList_SetDragCursorImage
ImageList_AddIcon
CreatePropertySheetPageA
ImageList_Destroy
ImageList_DragEnter
ImageList_Replace
ImageList_Write
ImageList_GetIcon
DrawStatusTextA
InitCommonControlsEx
ImageList_Add
MakeDragList
ImageList_AddMasked
ImageList_Read
ImageList_SetFilter
ImageList_GetBkColor
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_Create

wininet

FtpGetCurrentDirectoryA
IncrementUrlCacheHeaderData
GetUrlCacheGroupAttributeA
IsUrlCacheEntryExpiredW
FindNextUrlCacheEntryExA
InternetTimeFromSystemTime
InternetCreateUrlA
CommitUrlCacheEntryA

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa15a3ea9c299fd36ddec365981e53cc

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

wininet

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 112KB - Virtual size: 141KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 112KB - Virtual size: 141KB

.rsrc
Size: 16KB - Virtual size: 15KB