d0cd21e41e1c6159e32882ef777c9f419f277a29d69d09e7a344f8532f35365f

Sharing

Copy URL Twitter E-mail

General

Target

d0cd21e41e1c6159e32882ef777c9f419f277a29d69d09e7a344f8532f35365f
Size

195KB
MD5

8851959ab1fb39dd4b5573378eb2c5f0
SHA1

19edfb42d6dc9c638f1ea90c38dd1dcbca84ba7a
SHA256

d0cd21e41e1c6159e32882ef777c9f419f277a29d69d09e7a344f8532f35365f
SHA512

824d7703c1c680e509c25b83d2255aecbf86c865f291a05637558ca0250be6eae59fee842da9c554b51821c6a21446c293632828e6f48f2cc0ece3c271f5501f
SSDEEP

6144:6GncUFB/Hu+JYDEV9vGpmYmggbdQbt0dg1Q:cUju3EV9vGk/qbhQ

Score

N/A

Malware Config

Signatures

Files

d0cd21e41e1c6159e32882ef777c9f419f277a29d69d09e7a344f8532f35365f
.exe windows x86

f674932166cd88dc33f0435600ffd349

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnlockFileEx
DeleteFileA
LockFileEx
GetModuleHandleA
GetTempPathA
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
GetProcAddress
FormatMessageA
LocalFree
FreeLibrary
WideCharToMultiByte
GetCurrentThread
GetFileAttributesA
CloseHandle
VirtualFree
ReadFile
WriteFile
CreateFileA
GetLastError
VirtualAlloc
GetModuleHandleW
LoadLibraryExA

advapi32

AccessCheck
GetFileSecurityA
RevertToSelf
ImpersonateSelf
OpenThreadToken
MapGenericMask

mpr

WNetAddConnection2A
WNetCancelConnection2A

cmutil

CmLoadIconA
CmParsePathW
CmStrrchrW
CmBuildFullPathFromRelativeA
CmEndOfStrW
WzToSzWithAlloc

user32

LoadRemoteFonts
SetRectEmpty
DdeQueryStringW
EnterReaderModeHelper
CharPrevExA
GetWindowContextHelpId
SetWindowPos
SendDlgItemMessageA
DdeImpersonateClient
UserRealizePalette
CreateIcon
OpenDesktopW
InitializeLpkHooks
GetSubMenu
DefRawInputProc
GetMenuItemRect
MessageBoxIndirectA
UserLpkTabbedTextOut
GetThreadDesktop
UserRegisterWowHandlers
CharLowerA
CheckDlgButton
GetClassInfoExW
IsChild
SetPropW
CreateDialogIndirectParamW
LoadMenuW
CharUpperBuffA
GetMonitorInfoW
SetMenuInfo
DispatchMessageA
CreateMenu
ReplyMessage
ChangeDisplaySettingsExW
TrackPopupMenuEx
MenuItemFromPoint
SetProgmanWindow
SwitchDesktop
PostThreadMessageA
EndMenu
ShowCaret
RegisterWindowMessageA
CreateMDIWindowA
RealGetWindowClass
DefDlgProcW
CopyImage
CreateDialogParamA
IMPSetIMEA
ToUnicode
DestroyIcon
EnumChildWindows
UnregisterUserApiHook
SwitchToThisWindow
SetDeskWallpaper
SetMenuItemBitmaps
UnhookWindowsHookEx
UnhookWinEvent
ScrollChildren
IMPSetIMEW
SetMenuItemInfoW
GetClientRect
FindWindowExW
PrivateExtractIconsA
SetClipboardData
CreateIconFromResourceEx

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 167KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f674932166cd88dc33f0435600ffd349

Headers

File Characteristics

Imports

kernel32

advapi32

mpr

cmutil

user32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 167KB - Virtual size: 554KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 20KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 167KB - Virtual size: 554KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 20KB