c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9

Sharing

Copy URL

Twitter E-mail

General

Target

c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9
Size

304KB
MD5

63a9df4359c7838068fecae06ab7a5c5
SHA1

20bde5f0399bc14329ea683cd4f5152190dcd057
SHA256

c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9
SHA512

fb6c1fb0903bf981f2a491e75d8e0a7d516ecfa9aab23a90231e19118114073e27d00036248b1f01165f5e99132669f6ce3e2f0dc27bd7c119ce4b344b881d76
SSDEEP

6144:wcXlK4wFuk6c9oBJbszio36UPJnbgH0eJu8o2q5aLEMdM/w:RXlK3x96Z613JtgPJo2q8AM2/w

Score

N/A

Malware Config

Signatures

Files

c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9
.exe windows x86

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

ole32

CoCreateInstance

user32

PeekMessageA
CharPrevA
DispatchMessageA
GetWindowRect
MsgWaitForMultipleObjects
GetDesktopWindow
AppendMenuA
wsprintfA
SendMessageA
TranslateMessage
CharUpperA

shlwapi

PathRemoveFileSpecA

shell32

SHCreateDirectoryExA

advapi32

SetSecurityDescriptorDacl
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
CloseServiceHandle
InitializeSecurityDescriptor
RegConnectRegistryA
RegOpenKeyExA
OpenServiceA
QueryServiceStatus
OpenSCManagerA
RegSetValueExA
GetUserNameA
RegEnumKeyExA

mapi32

ord183
ord75
ord129
ord13
ord17
ord137
ord135
ord174
ord140
ord60
ord139
ord185
ord15

kernel32

LoadLibraryExA
FindClose
GetLocalTime
WaitForSingleObject
CreateEventA
GetFileSize
LeaveCriticalSection
lstrcpyA
CreateMutexA
lstrcmpA
ReleaseMutex
WaitForMultipleObjects
FreeLibrary
WideCharToMultiByte
FileTimeToSystemTime
OutputDebugStringA
SetFilePointer
WriteFile
SetLastError
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
lstrlenW
ResetEvent
lstrcpynA
GetShortPathNameA
GetACP
CreateSemaphoreA
SetThreadPriority
CreateFileA
GetSystemTime
lstrlenA
SystemTimeToFileTime
CloseHandle
ReadFile
CreateThread
GetModuleHandleA
GetTempFileNameA
FormatMessageA
FindFirstFileA
OpenFile
OpenEventA
GlobalAlloc
ReleaseSemaphore
lstrcpyW
DeleteFileW
FindNextFileA
GlobalFree
CreateFileW
lstrcmpW
VirtualAllocEx

msvcrt

_mbscmp
wcscpy
isdigit
strncpy
_snprintf
_strlwr
fread
sscanf
_CxxThrowException
wcslen
_mbsdec
strlen
strcpy
strcspn
free
_wcsicmp
fclose
sprintf
_stricmp
fgets
_itoa
_makepath
wcscspn
_strcmpi
wcsncpy
_mbsicmp
memcmp
_mbsrchr
_mbsnbicmp
_splitpath
_access
strncmp
wcscat
atoi
memcpy
fwrite
strchr
wcscmp
_strnicmp
__CxxFrameHandler
abs
__dllonexit
_mbschr
_mbsnbcpy
_mbsnbcat
_wcsnicmp
_mbsinc
malloc
memmove
strcat
_mbsnbcmp
_snwprintf
calloc
_onexit
strstr
fopen
_initterm
localtime
memset

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_DragMove
ImageList_GetIcon
ImageList_DragEnter
InitMUILanguage
FlatSB_GetScrollProp
ImageList_Replace

rasser

PortGetStatistics

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

Imports

shfolder

ole32

user32

shlwapi

shell32

advapi32

mapi32

kernel32

msvcrt

version

comctl32

rasser

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 273KB - Virtual size: 575KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 273KB - Virtual size: 575KB

.rsrc
Size: 4KB - Virtual size: 4KB