c4c9f68032b060e4877a1230105bc09a1231a14ee6e9d324801ae524e36f7877

Sharing

Copy URL Twitter E-mail

General

Target

c4c9f68032b060e4877a1230105bc09a1231a14ee6e9d324801ae524e36f7877
Size

964KB
MD5

f8c65a91fc686de19fa73ceb3612bed5
SHA1

3733327eb0b214c3d7d7e639778c2424f6cfac5d
SHA256

c4c9f68032b060e4877a1230105bc09a1231a14ee6e9d324801ae524e36f7877
SHA512

0f9317e41f2bdc9d68d3dfb4007377a4d23ab38cd72b887a170a2e7d05f5e0f5bfc7fe13ce955b6dbeda47a3b9d1dc6b73e7f5262590db5602902556034917a7
SSDEEP

12288:U3afpcJP0z//V2W8zXoyZQXsk0L4k76e6imrH8Rd6QMqikJ/Ghpf/3n:LyJKnhckHre6imrE+fJPn

Score

N/A

Malware Config

Signatures

Files

c4c9f68032b060e4877a1230105bc09a1231a14ee6e9d324801ae524e36f7877
.exe windows x86

1c9cd600efdd466cb12d420e9ed7d6e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

GetFileSecurityA
GetSecurityDescriptorOwner
GetUserNameA
LookupAccountSidA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA

kernel32

AllocConsole
BackupWrite
CloseHandle
CompareFileTime
CompareStringA
CopyFileA
CreateDirectoryA
CreateFileA
CreateFileW
CreateMutexA
CreateProcessA
CreateThread
DefineDosDeviceA
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindNextFileA
FlushConsoleInputBuffer
FlushFileBuffers
FormatMessageA
FreeConsole
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCompressedFileSizeA
GetComputerNameA
GetConsoleCP
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetConsoleTitleA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetTempPathA
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenProcess
PeekConsoleInputA
QueryDosDeviceA
RaiseException
ReadConsoleA
ReadConsoleInputA
ReadConsoleOutputA
ReadConsoleOutputW
ReadFile
ReleaseMutex
RemoveDirectoryA
RtlUnwind
SearchPathA
SetConsoleCP
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleMode
SetConsoleOutputCP
SetConsoleScreenBufferSize
SetConsoleTextAttribute
SetConsoleTitleA
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFileApisToANSI
SetFileApisToOEM
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetThreadLocale
SetThreadPriority
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleInputA
WriteConsoleOutputA
WriteConsoleOutputW
WriteFile
lstrcpyW
lstrlenA
lstrlenW

mpr

WNetCancelConnection2A
WNetGetUniversalNameA
WNetGetConnectionA

winspool.drv

ClosePrinter
EndDocPrinter
EnumPrintersA
OpenPrinterA
StartDocPrinterA
WritePrinter

shell32

ExtractIconExA
FindExecutableA
SHFileOperationA
ShellExecuteA
ShellExecuteExA

user32

CharLowerA
CharToOemA
CharToOemBuffA
CharUpperA
CloseClipboard
CopyIcon
EmptyClipboard
EnumClipboardFormats
EnumThreadWindows
EnumWindows
GetAsyncKeyState
GetClipboardData
GetKeyboardLayoutList
GetSystemMetrics
GetWindowLongA
GetWindowPlacement
GetWindowTextA
GetWindowThreadProcessId
IsCharAlphaA
IsCharAlphaNumericA
IsCharLowerA
IsCharUpperA
IsIconic
IsWindowVisible
MapVirtualKeyA
MapVirtualKeyExA
MessageBeep
MessageBoxA
OemToCharA
OemToCharBuffA
OpenClipboard
PostMessageA
RegisterClipboardFormatA
SendMessageA
SetClipboardData
SetForegroundWindow
ShowWindowAsync
SystemParametersInfoA
VkKeyScanA
VkKeyScanExA
WaitForInputIdle
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 121KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 171KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c9cd600efdd466cb12d420e9ed7d6e6

Headers

File Characteristics

Imports

advapi32

kernel32

mpr

winspool.drv

shell32

user32

Exports

Exports

Sections

.text Size: 656KB - Virtual size: 656KB

.data Size: 121KB - Virtual size: 172KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 171KB - Virtual size: 172KB

.text
Size: 656KB - Virtual size: 656KB

.data
Size: 121KB - Virtual size: 172KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 171KB - Virtual size: 172KB