c2b014023a8c968241a8b2126baba8286610b050e882c7e7afbe1d02336e1509

Sharing

Copy URL Twitter E-mail

General

Target

c2b014023a8c968241a8b2126baba8286610b050e882c7e7afbe1d02336e1509
Size

188KB
MD5

41347691cb19afea6eac05ffe4085242
SHA1

48a1d514e0809010817250c7c42df6f0032c25d3
SHA256

c2b014023a8c968241a8b2126baba8286610b050e882c7e7afbe1d02336e1509
SHA512

8177aeab827608285dc6a40ff7d81deb129c3dd492ac03c6c2e8a61982dd13e73a2cc2dba9a5bb8098bb7b6366145bcbf15a4afbbf9dcca5dfcdc858179a2d2a
SSDEEP

3072:ekd63WbeGp+Td2A4PREwRJ7WmjKryA/46OfgvQsdbD8Uh5/XR2jQDq:nMWyGpOMl+vmjKryrgIsdbzbhO

Score

N/A

Malware Config

Signatures

Files

c2b014023a8c968241a8b2126baba8286610b050e882c7e7afbe1d02336e1509
.exe windows x86

1e9511b982e79472eff7d8e20357f5f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
TlsFree
InterlockedDecrement
SetEvent
LoadResource
CreateFileW
GetStdHandle
TlsSetValue
GetConsoleMode
GetOEMCP
SetErrorMode
GlobalAlloc
TlsAlloc
HeapSize
FreeEnvironmentStringsW
GetCommandLineW
LCMapStringW
GetFileAttributesW
GetFileType
UnhandledExceptionFilter
GetCurrentProcessId
GetCommandLineA
CloseHandle
LCMapStringA
LoadLibraryA
GetProcAddress
IsBadWritePtr
VirtualAlloc
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
HeapFree
VirtualFree
GetCurrentThread
SetLastError
DeleteCriticalSection
GetEnvironmentStringsW
GetStringTypeA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetVersion
MultiByteToWideChar
GetProcessHeap
GetCurrentThreadId
SetEndOfFile
GetVersionExA
WideCharToMultiByte
HeapCreate
GetFileSizeEx
QueryPerformanceCounter
FreeLibrary
FindFirstFileW
RegisterWaitForSingleObject
GetSystemInfo
CreateEventW
Sleep
GetStartupInfoA
GetModuleHandleA
TerminateProcess
SetUnhandledExceptionFilter
FlushFileBuffers
LoadLibraryW
GetLastError
RaiseException
GetTickCount
LoadLibraryExW
WriteFile
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetFileSize
GetACP
HeapDestroy
GetModuleFileNameW
FormatMessageW
GetCPInfo
LocalAlloc
CreateThread
SetHandleCount
GetStringTypeW
GetCurrentProcess
HeapReAlloc
GetModuleHandleW
lstrlenW
VirtualAllocEx

shlwapi

PathIsDirectoryA

ole32

CoFreeUnusedLibraries
CreateStreamOnHGlobal
RevokeDragDrop
CoUninitialize
CoInitialize
CLSIDFromProgID
CreateILockBytesOnHGlobal
CLSIDFromString
OleFlushClipboard
CoLockObjectExternal
CoQueryProxyBlanket
CoDisconnectObject
ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
OleRun
GetRunningObjectTable
CoSetProxyBlanket
CoInitializeSecurity
CoGetClassObject
CoCreateInstance
CreateBindCtx
CoCreateGuid
OleInitialize
OleRegGetUserType
OleUninitialize
CoTaskMemAlloc
RegisterDragDrop

advapi32

RegEnumKeyExW
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptReleaseContext
RegCreateKeyExA
RegDeleteKeyW
RegEnumValueW
RegQueryInfoKeyW
FreeSid
CryptAcquireContextA
OpenThreadToken
AdjustTokenPrivileges
InitializeAcl
GetLengthSid
EqualSid
AddAccessAllowedAce
RegDeleteValueA
RegDeleteKeyA
CryptGenRandom
LookupPrivilegeValueA
AddAccessAllowedAceEx
CloseServiceHandle
CryptAcquireContextW
DeregisterEventSource
RegEnumValueA
RegEnumKeyExA
RevertToSelf
QueryServiceStatus
OpenServiceW
CryptDestroyHash
CryptCreateHash
CryptHashData
RegSetValueExA
GetTokenInformation
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e9511b982e79472eff7d8e20357f5f7

Headers

File Characteristics

Imports

kernel32

shlwapi

ole32

advapi32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 128KB - Virtual size: 225KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 128KB - Virtual size: 225KB

.rsrc
Size: 16KB - Virtual size: 14KB