0ca07582c3a403f53966664f1ac7994d70baa95d348fe0a696f1318ec7c9cf63

Sharing

Copy URL

Twitter E-mail

General

Target

0ca07582c3a403f53966664f1ac7994d70baa95d348fe0a696f1318ec7c9cf63
Size

326KB
MD5

7ed7232bbbaa405f0c23998283f4ef93
SHA1

ae421666caa9e5e1492695825db98c4e633a677e
SHA256

0ca07582c3a403f53966664f1ac7994d70baa95d348fe0a696f1318ec7c9cf63
SHA512

f1b6b8092c1c757e8c57100b8b1f11b4042c1937e088ce5760e6cc83c5374ee76eda258bd8402365fed98095cceff797b86c889e381ab046ae7af34d74d99266
SSDEEP

6144:V52Ppm4KCRQ5xlCyHEzKuulZqoVAF0dod8TQXIlJ2uU5:V52PpJcT3coDgaQXIlJ2

Score

N/A

Malware Config

Signatures

Files

0ca07582c3a403f53966664f1ac7994d70baa95d348fe0a696f1318ec7c9cf63
.exe windows x86

284cd01a0fda6ffbbf8dec88da1b67e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualLock
CancelIo
GlobalAddAtomA
SetHandleCount
SetConsoleOutputCP
GetWindowsDirectoryA
EnumCalendarInfoW
FindCloseChangeNotification
CreateNamedPipeW
VirtualUnlock
QueryDosDeviceA
GetSystemTimeAdjustment
GetEnvironmentStringsW
CreateDirectoryExA
SetProcessWorkingSetSize
EnumResourceNamesA
GlobalFindAtomW
Beep
ExitProcess
GlobalReAlloc
GetOverlappedResult
FreeResource
SetCommMask
FormatMessageW
GetStringTypeExW
TryEnterCriticalSection
OpenFile
PeekConsoleInputW
SetConsoleWindowInfo
VirtualFree
SetEnvironmentVariableA
SetNamedPipeHandleState
ScrollConsoleScreenBufferA
CreateFileW
SetTimeZoneInformation
_lopen
InitializeCriticalSection
FlushFileBuffers
UnhandledExceptionFilter
SetConsoleMode
CreateEventA
GetLocaleInfoW
VirtualQuery
SetThreadAffinityMask
GetCommandLineA
lstrlenA
VirtualAlloc
lstrcatW

user32

GetSystemMetrics
PeekMessageA
UnhookWinEvent
EqualRect
CreateDialogIndirectParamW

gdi32

GetNearestPaletteIndex
OffsetClipRgn
Rectangle
GetPolyFillMode
EnumEnhMetaFile

advapi32

RegUnLoadKeyA
RegQueryValueExA
AddAccessDeniedAce
SetSecurityDescriptorOwner
CryptVerifySignatureW
CryptAcquireContextW
RegEnumKeyExA
EqualSid
PrivilegeCheck
RegLoadKeyW
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
CryptExportKey
EnumServicesStatusA
GetFileSecurityA
LookupPrivilegeValueA
MakeAbsoluteSD
GetAclInformation
InitializeSecurityDescriptor
GetServiceKeyNameW
QueryServiceLockStatusW
GetSecurityDescriptorOwner
ObjectDeleteAuditAlarmW
LookupPrivilegeValueW
LogonUserW
BuildSecurityDescriptorW
CryptGenRandom

shell32

SHAddToRecentDocs

ole32

OleCreateFromData
OleSetClipboard
ReadClassStm
OleCreateLink
CoReleaseMarshalData
CoFreeUnusedLibraries
CoCreateInstanceEx
OleRegGetMiscStatus

oleaut32

SetErrorInfo
LoadTypeLi
VariantCopy
SafeArrayPutElement

comctl32

ImageList_DrawIndirect

shlwapi

PathCombineA
StrDupA

Sections

muakwcm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

qokckw
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

kaskwk
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cuouqkq
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

284cd01a0fda6ffbbf8dec88da1b67e4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

muakwcm Size: 4KB - Virtual size: 4KB

qokckw Size: 3KB - Virtual size: 3KB

kaskwk Size: 291KB - Virtual size: 290KB

cuouqkq Size: 26KB - Virtual size: 25KB

muakwcm
Size: 4KB - Virtual size: 4KB

qokckw
Size: 3KB - Virtual size: 3KB

kaskwk
Size: 291KB - Virtual size: 290KB

cuouqkq
Size: 26KB - Virtual size: 25KB