ceca448384dc730fa7b0ca1e9fa987f984b7e8f85766906f01154c4fdc3bc580

Sharing

Copy URL

Twitter E-mail

General

Target

ceca448384dc730fa7b0ca1e9fa987f984b7e8f85766906f01154c4fdc3bc580
Size

911KB
MD5

03a3532098d9b205a7f6911f0576ba47
SHA1

c042c9387c6bc762bcee2d73b31093905016543b
SHA256

ceca448384dc730fa7b0ca1e9fa987f984b7e8f85766906f01154c4fdc3bc580
SHA512

58df9f0c11b185ef671e911eb6e69097ffa41ff4a0d678ec9b90706152905ef57bf478d60f34378e61460722db556b7655cad5498d801b97469b91508af90405
SSDEEP

24576:CIl91k2p9LYIDRKY2dYaeWxTOQvkIsKh4:1XVpaIKd/eWxTOQvkdKh4

Score

N/A

Malware Config

Signatures

Files

ceca448384dc730fa7b0ca1e9fa987f984b7e8f85766906f01154c4fdc3bc580
.exe windows x86

9ff154028e01751fcb3ce4422eff87d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadBitmapA
PostMessageW
IsWindowUnicode
GetWindowTextLengthW
GetMenuDefaultItem
PostThreadMessageA
DrawTextA
EqualRect
EnumDesktopWindows
GetWindow
PtInRect
GetLastActivePopup
IsDlgButtonChecked
SetWindowContextHelpId
GetAsyncKeyState
GetCapture
ShowWindow
MoveWindow
ValidateRect

shell32

DragQueryPoint
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation

version

VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeA

kernel32

lstrcpyA
SetMailslotInfo
IsBadWritePtr
PeekConsoleInputW
TryEnterCriticalSection
_llseek
SetFileAttributesA
GetCurrentProcess
ExpandEnvironmentStringsW
GetCurrentProcessId
OpenFile
DosDateTimeToFileTime
SystemTimeToFileTime
GlobalReAlloc
CreateDirectoryW
CreateIoCompletionPort
CreateWaitableTimerA
DebugBreak
ExitProcess
GetCommConfig
GetEnvironmentVariableW
UnmapViewOfFile
FillConsoleOutputCharacterA
GetVolumeInformationW
GetFullPathNameA
SetNamedPipeHandleState
GlobalDeleteAtom
GetTempFileNameA
LocalLock
GetCompressedFileSizeW
GetSystemInfo
SetConsoleOutputCP
EnumResourceLanguagesW
GetSystemTime
SetStdHandle
FindCloseChangeNotification
EnumResourceNamesA
WriteFile
MoveFileW
SetHandleCount
WriteProcessMemory
SetCommMask
DuplicateHandle
EnumSystemCodePagesA
GetHandleInformation
FindResourceExW
SetProcessShutdownParameters

gdi32

GetEnhMetaFileDescriptionA
GetTextExtentPointA

ws2_32

WSASocketW
gethostname
WSAHtons
WSAIsBlocking
shutdown
WSAGetServiceClassInfoW

advapi32

GetFileSecurityA
CreatePrivateObjectSecurity
RegConnectRegistryA
QueryServiceConfigA
SetThreadToken
CryptEncrypt

Sections

.text
Size: 12KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 603KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ff154028e01751fcb3ce4422eff87d1

Headers

File Characteristics

Imports

user32

shell32

version

kernel32

gdi32

ws2_32

advapi32

Sections

.text Size: 12KB - Virtual size: 228KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 603KB - Virtual size: 603KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 12KB - Virtual size: 228KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 603KB - Virtual size: 603KB

.rsrc
Size: 17KB - Virtual size: 16KB