1fc7bdb8fe05ca5580e26701b18af8a732075c0d14d3097cba53688978cd2015

Sharing

Copy URL Twitter E-mail

General

Target

1fc7bdb8fe05ca5580e26701b18af8a732075c0d14d3097cba53688978cd2015
Size

220KB
MD5

9378a5bb5a4f4c485f40cfc19f4c7497
SHA1

5d44b841254490977294643d3db8c9d19aa30f9f
SHA256

1fc7bdb8fe05ca5580e26701b18af8a732075c0d14d3097cba53688978cd2015
SHA512

53b529c8d4f2239936e9cef715c3921571c39c07156b5049849e94067f2fd733bcbcbe4b565fe28ef63b7c8e503310a88ccc109e4a326fee2e8e042cf8b53d9c
SSDEEP

6144:nX7tyIxjUdr7aRYIjhgdaUQN3nA7DWqdtWGGx6:ZyIJUl2pN3nA7DW+Q

Score

N/A

Malware Config

Signatures

Files

1fc7bdb8fe05ca5580e26701b18af8a732075c0d14d3097cba53688978cd2015
.exe windows x86

486275d380a62c8409ae3b1b0113394e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
TlsAlloc
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
VirtualAlloc
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
Sleep
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
FreeEnvironmentStringsA
SetEnvironmentVariableA

user32

CreateWindowExA
SendMessageW
SetActiveWindow
SetCapture
SetWindowPos
UnregisterClassA
GetMenuItemCount
GetActiveWindow
GetKeyState
InflateRect
LoadIconA
SetWindowTextW
ReleaseCapture
ClientToScreen
DefWindowProcW
GetClientRect
DestroyWindow
SetTimer
OffsetRect
DrawFocusRect
SetWindowLongW
ShowWindowAsync
DestroyMenu
PtInRect
SetMenuItemInfoA
LoadStringW
GetSubMenu
CreateWindowExW
TrackPopupMenu
AllowSetForegroundWindow
MoveWindow
MessageBeep
AdjustWindowRectEx
RegisterClassW
GetCursorPos
PostMessageW
DestroyIcon
ReleaseDC
CheckMenuItem
GetMenu
GetMenuStringW

ole32

OleUninitialize
CoRegisterSurrogate
OleInitialize
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
CoRegisterMessageFilter
StringFromCLSID
RevokeDragDrop
CoFreeUnusedLibraries
CoRevokeClassObject
OleFlushClipboard
OleRun
CreateStreamOnHGlobal
CoQueryProxyBlanket
CLSIDFromString
CoUninitialize
CoCreateGuid
CoDisconnectObject
CoInitialize
ReleaseStgMedium
CoGetClassObject
CreateBindCtx
GetRunningObjectTable
CoCreateInstance
CoInitializeSecurity
CreateILockBytesOnHGlobal

advapi32

InitializeAcl
CryptAcquireContextA
QueryServiceStatus
LookupPrivilegeValueA
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyExA
CryptCreateHash
RegEnumKeyExW
CryptReleaseContext
EqualSid
CryptDestroyHash
SetSecurityDescriptorDacl
CloseServiceHandle
CryptGenRandom
DeregisterEventSource
RevertToSelf
AddAccessAllowedAce
RegQueryInfoKeyW
RegCreateKeyExW
RegCreateKeyExA
RegDeleteValueA
GetLengthSid
AdjustTokenPrivileges
RegEnumKeyExA
RegQueryValueExA
CryptAcquireContextW
OpenServiceW
AddAccessAllowedAceEx
RegEnumValueW
AllocateAndInitializeSid
RegSetValueExA
OpenThreadToken
RegSetValueExW
CryptHashData
RegQueryValueExW
RegEnumValueA
GetTokenInformation
FreeSid
OpenProcessToken
InitializeSecurityDescriptor
RegOpenKeyExW
RegCloseKey
RegDeleteValueW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

486275d380a62c8409ae3b1b0113394e

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 144KB - Virtual size: 241KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 144KB - Virtual size: 241KB

.rsrc
Size: 12KB - Virtual size: 10KB