c43a1cb0ddbe9c27bf99ac587218fc9abfea5509468938035166c630a9eebf39

Sharing

Copy URL Twitter E-mail

General

Target

c43a1cb0ddbe9c27bf99ac587218fc9abfea5509468938035166c630a9eebf39
Size

189KB
MD5

24b2ac499876b81eafdb59eb5b666470
SHA1

25e2be8b3c00cfd76cb2e8bf7ac8d333593410d3
SHA256

c43a1cb0ddbe9c27bf99ac587218fc9abfea5509468938035166c630a9eebf39
SHA512

3688bf6bccb888fab076d3cda8218b4026b78b8295bc321bc34c30008c06f299634bc547d22c02de3edceeec99bd9e4326136fe24987369341651ed2463764c6
SSDEEP

3072:lpS8N83tj7j1W1u/qJj/TwZI/ifuBnxVakAEwFDf9j1tbM:lpcnXAjbz/IujarECf9jT

Score

N/A

Malware Config

Signatures

Files

c43a1cb0ddbe9c27bf99ac587218fc9abfea5509468938035166c630a9eebf39
.exe windows x86

9a9a818dec61ca498a985664b5a0615e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
CreateFileMappingA
HeapFree
UnmapViewOfFile
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
WaitForMultipleObjects
LocalSize
TerminateProcess
OpenProcess
GetCurrentThreadId
GetSystemInfo
GetComputerNameA
GetVersionExA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
HeapAlloc
GetProcessId
GetProcessHeap
InterlockedDecrement
GetModuleFileNameA
OpenEventA
SetErrorMode
CreateMutexA
MultiByteToWideChar
lstrcmpiA
LCMapStringW
LCMapStringA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
HeapReAlloc
HeapCreate
HeapDestroy
GetEnvironmentVariableA
InitializeCriticalSection
CreateProcessA
lstrcatA
WaitForSingleObject
MoveFileA
SetFilePointer
ReadFile
GetFileSize
LocalAlloc
LocalReAlloc
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrlenA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
GetCurrentProcessId
GetLocalTime
GetTickCount
CancelIo
InterlockedExchange
lstrcpyA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
Sleep
LoadLibraryA
CloseHandle
FreeLibrary
GetProcAddress
SetEvent
SetUnhandledExceptionFilter
SetLastError
TlsAlloc
GetVersion
GetCommandLineA
GetModuleHandleA
ExitProcess
ExitThread
TlsGetValue
TlsSetValue
CreateThread
RaiseException
RtlUnwind

user32

SetRect
DispatchMessageA
TranslateMessage
GetMessageA
CharNextA
wsprintfA
CloseWindow
IsWindow
PostMessageA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
CloseDesktop
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
GetCursorInfo
GetWindowTextA
GetCursorPos
ReleaseDC
GetDesktopWindow
GetDC
DestroyCursor
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCursorPos
WindowFromPoint
SetCapture
mouse_event
MapVirtualKeyA
SendMessageA
LoadCursorA
MessageBoxA

advapi32

CloseEventLog
BuildExplicitAccessWithNameA
GetKernelObjectSecurity
GetSecurityDescriptorDacl
SetEntriesInAclA
MakeAbsoluteSD
SetKernelObjectSecurity
DuplicateTokenEx
ImpersonateLoggedOnUser
CreateProcessAsUserA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
RegSaveKeyA
RegRestoreKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
FreeSid
OpenSCManagerA
DeleteService
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
OpenEventLogA
ClearEventLogA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

OleRun
CoInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance

oleaut32

SysFreeString
GetErrorInfo
VariantClear
SysAllocString

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA

psapi

GetModuleFileNameExA

Exports

Exports

AAAAAAAAAAAAAAA
CCCCCCCCCCCCCCCCC
HHHHHHHHHHHHH
QQ841374296
XCXXXXXXXXXXXXXXXXXXXX
XSW3600
hk3600
zxsahduo

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a9a818dec61ca498a985664b5a0615e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

psapi

Exports

Exports

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 23KB - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 23KB - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 1KB