0c2b9ed385a0c5dbd26698d123a7abccb2b6f4daea1fa7b6654d500f37c8450e

Sharing

Copy URL

Twitter E-mail

General

Target

0c2b9ed385a0c5dbd26698d123a7abccb2b6f4daea1fa7b6654d500f37c8450e
Size

568KB
MD5

36172c849955dcc695763689e7bad311
SHA1

c5198d0f62fe82bf359b782a560fd07f10407b97
SHA256

0c2b9ed385a0c5dbd26698d123a7abccb2b6f4daea1fa7b6654d500f37c8450e
SHA512

2e23c5f6e900fc37890fa96c7ba5d38f59f6cd0298531e416c7a75015a118c09151d7abaf37bcd36bd755bc75e1a07c15e058175a50e75572303b54c72a2ae90
SSDEEP

12288:WswJ+a5RR5mZ7bNuWvAbwT4XDqTwuyUzs:WswJrlmZYb0T4XOTV/

Score

N/A

Malware Config

Signatures

Files

0c2b9ed385a0c5dbd26698d123a7abccb2b6f4daea1fa7b6654d500f37c8450e
.exe windows x86

a99bbaac9924a10d8d0d23ded92277fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetLocaleInfoA
GetUserDefaultLCID
TlsAlloc
VirtualProtect
MultiByteToWideChar
GetTimeFormatA
ReadFile
EnterCriticalSection
FreeEnvironmentStringsW
GetModuleHandleA
FlushFileBuffers
HeapReAlloc
LoadLibraryA
GetEnvironmentStrings
GetFileType
VirtualQuery
UnhandledExceptionFilter
GetModuleFileNameA
HeapDestroy
IsValidCodePage
OpenMutexA
DeleteCriticalSection
HeapSize
QueryPerformanceCounter
TlsFree
HeapAlloc
InitializeCriticalSection
SetFilePointer
GetLastError
GetCommandLineW
ExitProcess
GetStdHandle
LCMapStringA
GetDateFormatA
TlsGetValue
GetStringTypeA
GetStringTypeW
CreateMutexA
GetSystemInfo
VirtualFree
FreeEnvironmentStringsA
CloseHandle
CompareStringW
GetCPInfo
GetOEMCP
VirtualAlloc
TerminateProcess
GetEnvironmentStringsW
SetStdHandle
GetTickCount
GetModuleFileNameW
GetCurrentThread
GetTimeZoneInformation
SetEnvironmentVariableA
RtlUnwind
GetStartupInfoW
EnumSystemLocalesA
GetCommandLineA
GetCurrentProcessId
LeaveCriticalSection
SetLastError
GetCurrentThreadId
GetLocaleInfoW
InterlockedExchange
GetLogicalDriveStringsW
IsBadWritePtr
TlsSetValue
GetCurrentProcess
FlushViewOfFile
GetVersionExA
GetSystemTimeAsFileTime
SetHandleCount
CompareStringA
GetStartupInfoA
HeapCreate
HeapFree
IsValidLocale
GetACP
WideCharToMultiByte
GetProcAddress
GlobalAlloc
LCMapStringW

shell32

SHQueryRecycleBinA
SHGetInstanceExplorer
FindExecutableW
RealShellExecuteExA

advapi32

RegSaveKeyA
RegEnumKeyA
CryptDecrypt
InitiateSystemShutdownW
CryptVerifySignatureA
RegLoadKeyA
RegEnumKeyExW
RegSetValueExA
LookupAccountSidA
CreateServiceW
CryptHashSessionKey

user32

GetDoubleClickTime
ActivateKeyboardLayout
DdeCreateDataHandle
CreateMDIWindowA
ClipCursor
DefFrameProcA
GetWindowLongW
RegisterClassA
MessageBoxW
RegisterClassExA
DrawFrame
IsDlgButtonChecked
GetDlgItemTextW
DdeCreateStringHandleA
DdeAddData
CreateDesktopA
EnumPropsExA

comctl32

ImageList_Merge
ImageList_AddIcon
DrawInsert
ImageList_BeginDrag
ImageList_Read
CreateMappedBitmap
InitCommonControlsEx
CreateToolbarEx
InitMUILanguage
CreateStatusWindow
DestroyPropertySheetPage
ImageList_SetIconSize
ImageList_DragLeave
ImageList_Create
ImageList_DrawEx
ImageList_Draw

comdlg32

PrintDlgA
FindTextA
GetOpenFileNameA
ReplaceTextW

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 218KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a99bbaac9924a10d8d0d23ded92277fe

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

user32

comctl32

comdlg32

Sections

.text Size: 198KB - Virtual size: 198KB

.rdata Size: 218KB - Virtual size: 228KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 198KB - Virtual size: 198KB

.rdata
Size: 218KB - Virtual size: 228KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 44KB - Virtual size: 44KB