c1d8e7a05c42bf57f6847e2b003e5c02b7159e8c3ffa485bfcec810ce9e70217

Sharing

Copy URL

Twitter E-mail

General

Target

c1d8e7a05c42bf57f6847e2b003e5c02b7159e8c3ffa485bfcec810ce9e70217
Size

637KB
MD5

e742997a2640a9a53683492d0858ab0a
SHA1

bb99ac59d7d63cfb1dd11dbe020238fc59a5a315
SHA256

c1d8e7a05c42bf57f6847e2b003e5c02b7159e8c3ffa485bfcec810ce9e70217
SHA512

ce333abee2b80ba249f09ca0e4b2d2e3b36e30f81eed563265e9255f373a3b5834cd7bd1e80e3456fd6217eeeb23fde40ed92a483c726aaf7daedfc4cb4395f3
SSDEEP

12288:wQAaAajMSFORKX4/X61y45TPc2olKwJxsWCcNhHGSFt+iCH2VJ4kC:wplajMqORKUq142oUw/NhHGSF05kC

Score

N/A

Malware Config

Signatures

Files

c1d8e7a05c42bf57f6847e2b003e5c02b7159e8c3ffa485bfcec810ce9e70217
.exe windows x86

ec8aaa0e7db1bae8c585a46710a09e54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_get_osfhandle
iswdigit
_wcsrev
tolower
_beginthread
_Getdays
islower
fseek
_mbsupr

kernel32

CreateProcessW
CreateTimerQueueTimer
SetVolumeLabelW
GetLocaleInfoW
OpenFile
VirtualAlloc
SetConsoleOutputCP
RegisterWaitForSingleObject
CancelWaitableTimer
GetFileAttributesA
ExpandEnvironmentStringsA
AreFileApisANSI

advapi32

GetSecurityDescriptorDacl
RegSetValueExA
LsaQueryInformationPolicy
InitializeSecurityDescriptor
LookupAccountNameA
ConvertSidToStringSidA
ClearEventLogW
RegSetValueA
LsaSetInformationPolicy

uxtheme

GetWindowTheme
DrawThemeText
GetThemeMetric
GetThemeSysColor
GetCurrentThemeName
IsAppThemed
GetThemePartSize
GetThemeFont
GetThemeMargins
GetThemeBackgroundRegion
IsThemePartDefined
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground

netapi32

NetUserGetLocalGroups
NetGetJoinInformation
NetShareEnum
NetUserGetInfo
NetUnjoinDomain
I_NetServerSetServiceBitsEx
NetQueryDisplayInformation
NetServerTransportEnum

user32

UnregisterClassW
EnumPropsW
wsprintfA
MonitorFromRect
GetCapture
PeekMessageW
DeregisterShellHookWindow

imm32

ImmUnlockIMC
ImmReleaseContext
ImmSetCandidateWindow
ImmLockIMCC
ImmConfigureIMEW
ImmUnlockIMCC
ImmSetCompositionStringW
ImmDisableIME
ImmIsIME
ImmGetGuideLineW
ImmCreateContext
ImmGetImeMenuItemsW
ImmGetCompositionFontW
ImmGetIMEFileNameA

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 226KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 167KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 190KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec8aaa0e7db1bae8c585a46710a09e54

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

uxtheme

netapi32

user32

imm32

Sections

.text Size: 50KB - Virtual size: 49KB

.bss Size: 226KB - Virtual size: 268KB

DATA Size: 167KB - Virtual size: 265KB

DATA Size: 190KB - Virtual size: 357KB

.rsrc Size: 512B - Virtual size: 472B

.reloc Size: 1024B - Virtual size: 556B

.text
Size: 50KB - Virtual size: 49KB

.bss
Size: 226KB - Virtual size: 268KB

DATA
Size: 167KB - Virtual size: 265KB

DATA
Size: 190KB - Virtual size: 357KB

.rsrc
Size: 512B - Virtual size: 472B

.reloc
Size: 1024B - Virtual size: 556B