cbaeafa2356c6aef708e8abe229793b18ba9a39e27494904d47e8aa51614117b

Sharing

Copy URL Twitter E-mail

General

Target

cbaeafa2356c6aef708e8abe229793b18ba9a39e27494904d47e8aa51614117b
Size

519KB
MD5

8a37f7028c1f4f280306951c2137b7fe
SHA1

6b81c8068863fb770c3d60dbf1b98a549364dfc5
SHA256

cbaeafa2356c6aef708e8abe229793b18ba9a39e27494904d47e8aa51614117b
SHA512

b1ceabaa96868a8e886f9e8c4ec3820714628ab7bdd5fd4277b93528f2cde3297289f8b20adb8907fbdf6a699688de63a4f4006c495bb6070fa550e0d4ab4c4c
SSDEEP

12288:0U2oHZx7PBzaubhXvPfX0jpujfASTv9uJe:0SZx7PBzzhfPfEsISv94

Score

N/A

Malware Config

Signatures

Files

cbaeafa2356c6aef708e8abe229793b18ba9a39e27494904d47e8aa51614117b
.exe windows x86

d2f3312dbcb5680c368f8c22d10f6f7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheEntryInfoA
FtpRemoveDirectoryA
FtpGetCurrentDirectoryA
InternetGoOnlineW
HttpAddRequestHeadersW
CommitUrlCacheEntryW

kernel32

CompareStringA
GetFileType
TlsAlloc
WriteFile
HeapCreate
GetSystemTimeAsFileTime
GetVersionExA
IsValidCodePage
GetLastError
GetCurrentProcessId
SetLastError
LoadLibraryA
ReadFile
IsValidLocale
LeaveCriticalSection
CompareStringW
GetSystemInfo
OpenMutexA
TlsGetValue
HeapAlloc
GetCurrentThread
VirtualProtect
LCMapStringA
GetCurrentProcess
GetProfileSectionA
GetCommandLineA
GetUserDefaultLCID
CreateMutexA
SetStdHandle
GetStartupInfoA
QueryPerformanceCounter
HeapFree
FreeEnvironmentStringsA
FlushFileBuffers
GetOEMCP
VirtualAlloc
GetCPInfo
GetProcAddress
DeleteCriticalSection
lstrcmpi
ExitProcess
WideCharToMultiByte
UnhandledExceptionFilter
GetModuleFileNameA
RtlUnwind
SetFilePointer
GetEnvironmentStringsW
GetModuleHandleA
GetLocaleInfoA
GetCurrentThreadId
VirtualFree
SetHandleCount
GetStdHandle
GetEnvironmentStrings
TerminateProcess
GetTimeFormatA
GetTimeZoneInformation
FreeEnvironmentStringsW
InterlockedExchange
GetDateFormatA
InitializeCriticalSection
SetEnvironmentVariableA
GetTickCount
GetStringTypeW
HeapSize
EnterCriticalSection
GetLocaleInfoW
IsBadWritePtr
LCMapStringW
TlsSetValue
MultiByteToWideChar
VirtualQuery
HeapReAlloc
CloseHandle
GetACP
TlsFree
HeapDestroy
EnumSystemLocalesA
GetStringTypeA

user32

SetSystemCursor
MessageBoxW
RegisterClassA
DestroyWindow
ToUnicode
DragDetect
OemToCharBuffW
WaitForInputIdle
SetForegroundWindow
MoveWindow
CloseDesktop
RegisterClassExA
CreateWindowExW
EnumDesktopsA
DefWindowProcW
ShowWindow
FreeDDElParam
GetForegroundWindow

comctl32

ImageList_DrawEx
ImageList_DragEnter
ImageList_Read
CreateToolbarEx
ImageList_EndDrag
DrawStatusTextW
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetFilter
InitCommonControlsEx
ImageList_Replace
ImageList_Remove
ImageList_Duplicate
CreateStatusWindowW
ImageList_AddIcon
MakeDragList
GetEffectiveClientRect
CreatePropertySheetPage
ImageList_Write
CreateMappedBitmap
CreatePropertySheetPageW
ImageList_SetBkColor

shell32

InternalExtractIconListA
ExtractIconExA
SHUpdateRecycleBinIcon
SHBrowseForFolderA

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2f3312dbcb5680c368f8c22d10f6f7e

Headers

File Characteristics

Imports

wininet

kernel32

user32

comctl32

shell32

Sections

.text Size: 320KB - Virtual size: 320KB

.rdata Size: 67KB - Virtual size: 94KB

.data Size: 112KB - Virtual size: 111KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 320KB - Virtual size: 320KB

.rdata
Size: 67KB - Virtual size: 94KB

.data
Size: 112KB - Virtual size: 111KB

.rsrc
Size: 18KB - Virtual size: 18KB