84fe21973cd34108f4361733538ac1054027f854e3d999e6a52cf5104f1cc09b

Sharing

Copy URL Twitter E-mail

General

Target

84fe21973cd34108f4361733538ac1054027f854e3d999e6a52cf5104f1cc09b
Size

290KB
MD5

3c9dd8780a57ff089d71a571d82ca7ef
SHA1

0d8ee1b59a7062d8e29edb99d983da21cb0785b1
SHA256

84fe21973cd34108f4361733538ac1054027f854e3d999e6a52cf5104f1cc09b
SHA512

763b3cb793b1f7984baf78ffb3479064aa3b00a37ba2d8b6000a9e81165d78abdecb6714736530ff9dc3012e93d666f8179cbbc9dd0a316c4443c6fbc4991ad7
SSDEEP

6144:CG1r6Ut+nHaHXgGgjT+3r919jOoSbeHK9KcaZZ4Q+rq:x1r6C+nHEFX9ad6pvZZEO

Score

N/A

Malware Config

Signatures

Files

84fe21973cd34108f4361733538ac1054027f854e3d999e6a52cf5104f1cc09b
.exe windows x86

d5dcf00500df81c626243f6df15fbf93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
RemoveDirectoryW
IsDebuggerPresent
HeapSize
GetSystemTimeAsFileTime
DeleteFileW
GetCommandLineW
GetTempFileNameW
SetHandleCount
GetOEMCP
ResetEvent
ReleaseMutex
LCMapStringA
GetModuleHandleA
CopyFileW
ExpandEnvironmentStringsW
EnumSystemLocalesA
GetExitCodeThread
SetConsoleCtrlHandler
IsValidLocale
GetProcessTimes
UnhandledExceptionFilter
GetCurrentDirectoryW
SetFileTime
SetThreadPriority
GetConsoleMode
SetFileAttributesW
LocalAlloc
IsValidCodePage
TlsGetValue
CreateFileW
SetLastError
GetTimeZoneInformation
GetFileAttributesExW
FreeLibrary
GetLogicalDriveStringsW
MoveFileExW
HeapFree
CreateMutexW
TlsAlloc
GetTempPathA
WaitForMultipleObjects
GetACP
WriteConsoleA
GetModuleHandleW
MoveFileW
CreatePipe
SetFilePointer
GetConsoleOutputCP
ReadFile
TlsSetValue
GetConsoleCP
LeaveCriticalSection
GetTempPathW
InitializeCriticalSectionAndSpinCount
CloseHandle
FindClose
WaitForSingleObject
CreateDirectoryW
DeleteCriticalSection
GetComputerNameW
OpenProcess
GetCurrentThreadId
CreateProcessW
WideCharToMultiByte
GetFileType
GetUserDefaultLCID
RaiseException
ExitThread
LocalFree
TryEnterCriticalSection
SetUnhandledExceptionFilter
GetSystemInfo
GetProcessHeap
DuplicateHandle
FindNextFileW
FindFirstFileW
VirtualAlloc
SetEnvironmentVariableA
CreateEventW
SetEndOfFile
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileA
HeapReAlloc
HeapAlloc
RtlUnwind
WriteFile
GetStdHandle
LCMapStringW
CompareStringA
CompareStringW
SetStdHandle
EnterCriticalSection
FlushFileBuffers
CreateThread
TlsFree
WriteConsoleW
VirtualAllocEx

user32

MessageBoxA

shell32

SHGetFolderPathW
ShellExecuteExW

advapi32

StartServiceW
CloseServiceHandle
RegDeleteKeyW
RegEnumValueW
ChangeServiceConfig2W
QueryServiceConfigW
RegEnumKeyExW
SetServiceStatus
ChangeServiceConfigW
RegisterServiceCtrlHandlerW
ControlService
RegQueryInfoKeyW
RegOpenKeyExW
QueryServiceStatus
RegQueryValueExW
RegCloseKey
OpenServiceW
OpenSCManagerW
RegDeleteValueW
StartServiceCtrlDispatcherW
RegisterEventSourceW
DeregisterEventSource
DeleteService
ReportEventW
RegCreateKeyExW
RegSetValueExW
CreateServiceW

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

SHQueryValueExA
SHLoadIndirectString
SHRegGetUSValueW
PathStripPathA
ChrCmpIW
PathIsSameRootA
PathFindFileNameA
ColorHLSToRGB
StrNCatW
StrRetToBSTR
StrPBrkW
StrStrIW
PathAddExtensionA
AssocQueryStringW
UrlIsOpaqueW
StrRChrIA
PathUnmakeSystemFolderW
PathRemoveExtensionW
PathStripToRootA
PathRemoveFileSpecA
PathCommonPrefixW
PathQuoteSpacesA
PathFindNextComponentW
PathAddBackslashW
PathUnExpandEnvStringsW
PathRemoveArgsA
StrCpyW
wvnsprintfW
PathSkipRootA
DelayLoadFailureHook
SHRegDuplicateHKey
PathSearchAndQualifyW
PathAddBackslashA
SHRegEnumUSValueW
UrlGetLocationA
StrChrIW
SHSetThreadRef

comcat

DllGetClassObject

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 15.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5dcf00500df81c626243f6df15fbf93

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

iphlpapi

version

shlwapi

comcat

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 260KB - Virtual size: 15.9MB

.rdata Size: 5KB - Virtual size: 119KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 260KB - Virtual size: 15.9MB

.rdata
Size: 5KB - Virtual size: 119KB

.rsrc
Size: 10KB - Virtual size: 9KB