1cd7904232d47a2fffc2e8e9f887ff99ed9542eb8d3fb32f3d68bce2b0d81c9c

Sharing

Copy URL Twitter E-mail

General

Target

1cd7904232d47a2fffc2e8e9f887ff99ed9542eb8d3fb32f3d68bce2b0d81c9c
Size

790KB
MD5

a5b6eb0a7cfc74fcfab15c9c9bdbc5e7
SHA1

623cdbed55d0d016ddd9eb42d498a91bbb1d1738
SHA256

1cd7904232d47a2fffc2e8e9f887ff99ed9542eb8d3fb32f3d68bce2b0d81c9c
SHA512

8de5d571a6e7cb7fd3f95e071c4fbafddbedaef560605eb1805e08515c786b492259e4004d971712d981fb0f5b67ae41e7ae71f8d6253940838180b52db30234
SSDEEP

12288:ZAMY03X3XXD3I33333k363k3haXkX+W3g35Q3z3a3Gv33XHI3vZI3333B3plGXHT:VDcQdJ4Xhf5NwrDO

Score

N/A

Malware Config

Signatures

Files

1cd7904232d47a2fffc2e8e9f887ff99ed9542eb8d3fb32f3d68bce2b0d81c9c
.exe windows x86

fd4b47da6f0da150d1178f4e613d424b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationW
LocalFree
GetLastError
SetFilePointerEx
GetVersionExW
GetFullPathNameW
GetFileSizeEx
GetDiskFreeSpaceExW
GetTimeFormatW
GetSystemInfo
GetProcAddress
GetModuleHandleA
GetLogicalDriveStringsW
GetDateFormatW
GetCurrentThread
GetCurrentProcess
FormatMessageW
DeviceIoControl
DeleteFileW
CreateHardLinkW
CloseHandle
GetStartupInfoA
GetProcessHeap
GetDriveTypeW
GetVersion
GetModuleHandleW
VirtualAllocEx
CreateFileW
GetCurrentProcessId
SetEndOfFile

user32

LoadIconA
LoadIconW

gdi32

CloseFigure
GetDCBrushColor
GetGraphicsMode
DeleteDC
EndDoc

advapi32

OpenEventLogW
RegOpenKeyExW
RegCloseKey
ReadEventLogW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
LookupAccountSidW
LookupAccountNameW
ImpersonateSelf
CloseEventLog
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyA
RegSetValueExW
RevertToSelf
RegQueryValueExW

ole32

CoTaskMemFree
StringFromIID

msvcrt

wprintf
wcsncat
wcslen
_XcptFilter
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_errno
_except_handler3
_exit
_initterm
_wcsdup
_wcsicmp
_wcsnicmp
_wctime
calloc
exit
free
isalpha
isdigit
iswctype
malloc
printf
setlocale
swprintf
toupper
towupper
wcscat
wcscpy

Sections

.text
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd4b47da6f0da150d1178f4e613d424b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 688KB - Virtual size: 688KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 33KB - Virtual size: 33KB

.text
Size: 688KB - Virtual size: 688KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 33KB - Virtual size: 33KB