cc2cc7c22eb8737702373377b3e7e970571aee18cf4aea8c0fdc7116a0395199

Sharing

Copy URL Twitter E-mail

General

Target

cc2cc7c22eb8737702373377b3e7e970571aee18cf4aea8c0fdc7116a0395199
Size

53KB
MD5

890ea08fd1e906bdc484f3627a3e71be
SHA1

658959ce00298c5897046505083b9f6d8222f660
SHA256

cc2cc7c22eb8737702373377b3e7e970571aee18cf4aea8c0fdc7116a0395199
SHA512

08f879e859d85a4f97772f49665df4e280d21624d4e78fa99254f1033a6396ef0b1a0e042b2810ff6cce95dabc8f8f2120511b46ac8c52cce776dc4aaa614477
SSDEEP

1536:QGFfYkTMrafgo7tlnEYz/1HtOzweyWCvsDbYVHYuVh:QGFwsMrceAqMV4uV

Score

N/A

Malware Config

Signatures

Files

cc2cc7c22eb8737702373377b3e7e970571aee18cf4aea8c0fdc7116a0395199
.exe windows x86

8ac585d6526f10c51b228783d41be098

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleDisplayMode
GetModuleFileNameW
VirtualAlloc
lstrcmpW
SetSystemTime
IsDBCSLeadByteEx
VerifyVersionInfoA
Heap32ListFirst
GetNativeSystemInfo
LocalSize
GetConsoleAliasExesA
GlobalUnlock
GetConsoleKeyboardLayoutNameW
GetModuleHandleA
GetPrivateProfileSectionNamesA
TlsSetValue
SetConsoleCursor
Process32FirstW
GetStringTypeExA
GetEnvironmentVariableW
GetComputerNameExW
InitializeSListHead
GlobalAlloc
GetPrivateProfileStructW
RtlUnwind
GetSystemWindowsDirectoryA
GetPrivateProfileSectionNamesW
IsBadHugeWritePtr
CompareStringW
GetProcessId
GetOverlappedResult
TzSpecificLocalTimeToSystemTime
ContinueDebugEvent
RemoveDirectoryA
UpdateResourceA
SetConsoleCursorMode
LoadLibraryA
lstrcmpA

apphelp

SdbEnumMsiTransforms
ApphelpGetFileAttributes
SdbGetEntryFlags
ApphelpCheckRunApp
SdbResolveDatabase
SdbReadDWORDTagRef
ApphelpCheckInstallShieldPackage
SdbCloseDatabase
SdbFindFirstNamedTag
SdbReadBYTETagRef
SdbFindNextTagRef
SdbCreateMsiTransformFile
SdbFindNextMsiPackage
SdbQueryData
AllowPermLayer
SdbTagToString
SdbGetTagDataSize
SdbQueryApphelpInformation
SdbReadWORDTag
SetPermLayers
SdbReadStringTagRef
SdbFindFirstTag
SdbReadBYTETag
ShimDumpCache
ApphelpFixMsiPackageExe
SdbRegisterDatabase
ApphelpCheckIME
SdbGetBinaryTagData
SdbReadQWORDTagRef
ApphelpCheckMsiPackage
SdbOpenApphelpDetailsDatabase
SdbFindFirstMsiPackage_Str
SdbReleaseDatabase

msvcrt

?unexpected@@YAXXZ
wcspbrk
__p__commode
___setlc_active_func
wcsncat
_cprintf
wcsxfrm
_mbspbrk
_access
scanf
__p___winitenv
_lsearch
vprintf
_execvpe
_mbsbtype
_wputenv
_ismbcsymbol
_wcmdln
wcstoul
_seh_longjmp_unwind
sscanf
difftime
exit
isgraph
_mbbtombc
??_Ebad_typeid@@UAEPAXI@Z
strncmp
_fpclass
__set_app_type
wcsncmp

faultrep

ReportHang
AddERExcludedApplicationA
ReportFault
AddERExcludedApplicationW

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ac585d6526f10c51b228783d41be098

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

apphelp

msvcrt

faultrep

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 374B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 374B

.rsrc
Size: 2KB - Virtual size: 1KB