ccdb15d1291998bd8d7ae1b51f176ba3521a18bf5cfcce944e35c8d5c603b569

Sharing

Copy URL

Twitter E-mail

General

Target

ccdb15d1291998bd8d7ae1b51f176ba3521a18bf5cfcce944e35c8d5c603b569
Size

814KB
MD5

04054dedc3a8fa8b7b01319cbf3376b2
SHA1

644f331c15270bfbd8964728bc8838eeff407385
SHA256

ccdb15d1291998bd8d7ae1b51f176ba3521a18bf5cfcce944e35c8d5c603b569
SHA512

8ddfb9e99606346db3894b61e7855a131b54238e5a2bdbcccd6febb2dd2fd13c39fc6bc57aa594df42e817bd878bd1d8664a1a1e416b8c600ffe372ff9add97d
SSDEEP

24576:OQ72ygcsyHaLKxZ3m03Kk6iv8jGDvqUddY:OQ7b7srOxZ2Nk6RjGDv93Y

Score

N/A

Malware Config

Signatures

Files

ccdb15d1291998bd8d7ae1b51f176ba3521a18bf5cfcce944e35c8d5c603b569
.exe windows x86

9a86dd760056f7e182e817fd3395838e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetSystemTimeAsFileTime
ExitThread
SetFilePointer
SetUnhandledExceptionFilter
GetTickCount
TerminateThread
GetPrivateProfileStringW
WideCharToMultiByte
GetModuleHandleW
MoveFileW
CreateWaitableTimerW
WriteConsoleW
WaitForMultipleObjects
TlsAlloc
WaitForSingleObject
MoveFileExW
GetLocalTime
HeapAlloc
LCMapStringW
EnterCriticalSection
SetHandleCount
CreateThread
FindFirstFileW
GetProcAddress
CloseHandle
GetFileSizeEx
InterlockedDecrement
Sleep
MultiByteToWideChar
SetWaitableTimer
GetConsoleMode
IsValidCodePage
HeapFree
GetStartupInfoW
HeapSetInformation
ReleaseMutex
IsProcessorFeaturePresent
GetCurrentThreadId
GetStringTypeW
HeapSize
SetFilePointerEx
CreateFileW
InterlockedIncrement
CreateEventW
ReadFile
CreateMutexW
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetModuleFileNameW
TerminateProcess
SetStdHandle
GetFullPathNameW
GetCPInfo
GetStdHandle
GetFileType
SetFileTime
LoadLibraryW
GetCurrentProcess
HeapCreate
FindNextFileW
ReadConsoleInputA
FlushFileBuffers
GetCommandLineW
FreeEnvironmentStringsW
GetLastError
WriteFile
GetEnvironmentStringsW
ExitProcess
UnhandledExceptionFilter
FindClose
SleepEx
SetCurrentDirectoryW
TlsSetValue
TlsGetValue
SetConsoleMode
LeaveCriticalSection
RtlUnwind
IsDebuggerPresent
TlsFree
CreateDirectoryW
GetACP
HeapReAlloc
DeleteFileW
SetEvent
GetOEMCP
GetConsoleCP
InitializeCriticalSectionAndSpinCount

advapi32

OpenSCManagerW
CreateServiceW
OpenServiceW
ChangeServiceConfig2W
CloseServiceHandle
SetServiceStatus
DeleteService
RegisterServiceCtrlHandlerW
StartServiceW
StartServiceCtrlDispatcherW
ControlService

wininet

HttpOpenRequestA
HttpQueryInfoA
InternetSetOptionW
InternetReadFile
InternetOpenW
InternetQueryDataAvailable
InternetConnectA
HttpSendRequestA
InternetCloseHandle

dnsapi

DnsReplaceRecordSetA

Sections

.text
Size: 511KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.stroke
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.char
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.soph
Size: - Virtual size: 42KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.joke
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.poke
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.key
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cond
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a86dd760056f7e182e817fd3395838e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

wininet

dnsapi

Sections

.text Size: 511KB - Virtual size: 510KB

.stroke Size: 55KB - Virtual size: 55KB

.char Size: 52KB - Virtual size: 51KB

.soph Size: - Virtual size: 42KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 824B

.joke Size: 512B - Virtual size: 104B

.poke Size: 512B - Virtual size: 73B

.key Size: 183KB - Virtual size: 183KB

.cond Size: 512B - Virtual size: 36B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 511KB - Virtual size: 510KB

.stroke
Size: 55KB - Virtual size: 55KB

.char
Size: 52KB - Virtual size: 51KB

.soph
Size: - Virtual size: 42KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 824B

.joke
Size: 512B - Virtual size: 104B

.poke
Size: 512B - Virtual size: 73B

.key
Size: 183KB - Virtual size: 183KB

.cond
Size: 512B - Virtual size: 36B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB