a8cc6cc794f5eca588d3471731d1cd974dee250df948efa3fab4b16293d45839

Sharing

Copy URL Twitter E-mail

General

Target

a8cc6cc794f5eca588d3471731d1cd974dee250df948efa3fab4b16293d45839
Size

601KB
MD5

06b0edc1dda77a96223ec1018422ff7c
SHA1

87cff087aa5c1f1728a14baa9a0435b938015b9f
SHA256

a8cc6cc794f5eca588d3471731d1cd974dee250df948efa3fab4b16293d45839
SHA512

09ee172ebd4957ffd06dc65aa6acac522252f96d5f9ec98b0468cad61d85d432e952e26ad0fae77ebf24509ac86cbd23c62edbcb6179513cf1d6f848f0875f8d
SSDEEP

12288:G/iOXpu4Wo/WfTcFXXZyGSMHjdwjC3Ksy1HsC6TPr3OFhD5:0pGKXgGSMHZ99FpKFhD5

Score

N/A

Malware Config

Signatures

Files

a8cc6cc794f5eca588d3471731d1cd974dee250df948efa3fab4b16293d45839
.exe windows x86

0e3648252d7d9574a7fdcbf626ccd4d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
ConnectNamedPipe
GlobalGetAtomNameW
VirtualQueryEx
FindFirstFileExW
ExitThread
GlobalDeleteAtom
MoveFileExA
CreateProcessA
GetEnvironmentStringsW
VirtualQuery
GetCurrentProcessId
IsBadReadPtr
DosDateTimeToFileTime
_llseek
UnmapViewOfFile
VirtualLock
GetPrivateProfileStringW
GetOEMCP
LeaveCriticalSection
GetPrivateProfileSectionW
EnumSystemCodePagesW
GetAtomNameA
FormatMessageW
SetEnvironmentVariableW
GetCompressedFileSizeW
CreateDirectoryW
SetEndOfFile
GetCommModemStatus
RaiseException
SetSystemTime
IsBadWritePtr
CompareStringW
GlobalFindAtomW
WritePrivateProfileStringW
FreeLibrary
DuplicateHandle
EnumDateFormatsW
VirtualAlloc
CloseHandle
GetFileType
SetThreadPriorityBoost
FindFirstFileW
GetShortPathNameA
OutputDebugStringW
GlobalReAlloc
PeekConsoleInputW
SetFileAttributesA
CreateFileW
EnumSystemCodePagesA
SetConsoleTitleA
GenerateConsoleCtrlEvent
CopyFileExW
GetFileAttributesExA
GetHandleInformation
GetTapeParameters
ReleaseMutex
GetBinaryTypeW
SetProcessAffinityMask
SetMailslotInfo
RemoveDirectoryW
SetCurrentDirectoryA
CreateDirectoryA
WriteProcessMemory
GetStartupInfoA
GetTickCount
SetThreadLocale
LocalReAlloc
CreateMutexW
DeleteFiber
GetProfileStringA
SetProcessWorkingSetSize
VirtualAllocEx
SetCommTimeouts
LocalLock
FindResourceExW
PulseEvent
ReadConsoleInputW
ExitProcess
GetTempPathW
OutputDebugStringA
WriteFile
GetLogicalDriveStringsA
SearchPathW

user32

PeekMessageW
FindWindowW
GetAncestor
OpenWindowStationW
AppendMenuW
InvalidateRect
DrawStateA
UnregisterClassW
GetClassLongW
DrawIconEx
GetQueueStatus
AppendMenuA
GetDesktopWindow
LoadBitmapW
PostMessageA

gdi32

GetTextMetricsW
CreateICA
PatBlt
GetTextFaceW

comdlg32

CommDlgExtendedError
GetSaveFileNameW

advapi32

CryptAcquireContextW
RegUnLoadKeyA
RegCreateKeyW
GetSidSubAuthority
GetFileSecurityA
GetCurrentHwProfileW
CryptImportKey
GetSidIdentifierAuthority
RegNotifyChangeKeyValue
RegLoadKeyA
EnumServicesStatusW
RegQueryInfoKeyA
CryptReleaseContext
GetSecurityInfo

shell32

Shell_NotifyIconW
SHGetDesktopFolder
SHGetSpecialFolderPathA
SHChangeNotify
SHAddToRecentDocs
ExtractIconExW
DragQueryPoint
Shell_NotifyIconA
FindExecutableW

oleaut32

SafeArrayPutElement
SysAllocStringLen
SafeArrayRedim
SysFreeString
SysStringLen
LoadTypeLi
LoadTypeLibEx
SafeArrayCreate
SetErrorInfo
SafeArrayGetLBound

comctl32

ImageList_LoadImageW
ImageList_GetBkColor
_TrackMouseEvent
CreatePropertySheetPageW

msvcrt

_wputenv
isprint
_wsplitpath
_mbsnbcnt
_ultow
_access
_wremove
wcstol
_errno
_locking
wcsspn
_mbsnicmp
_ismbblead
_chdir
_cwait
_fullpath
freopen
_wgetcwd
frexp
fopen
strerror
_mbsncmp
_strnicoll
wscanf
iswspace
_wcsnset
srand
_isctype
wcstoul
_close
_strupr
strrchr
fflush
_wcsupr
_strrev
_spawnv
_isatty
_get_osfhandle
ungetc
printf
iswalpha
setvbuf
_controlfp
_getcwd
_mbsnbcat
fgetws
atol
rename
iswalnum
toupper
gmtime
_mbsnbcpy
mktime
fwprintf
_wchdir
_ultoa
strstr
_ui64tow

Sections

.text
Size: 7KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e3648252d7d9574a7fdcbf626ccd4d3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

msvcrt

Sections

.text Size: 7KB - Virtual size: 223KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 260KB - Virtual size: 259KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 7KB - Virtual size: 223KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 260KB - Virtual size: 259KB

.rsrc
Size: 16KB - Virtual size: 16KB