c18c96423347359ae3d5bb540928c0789bb06e80d43be6c4c87dab2b78398300

Sharing

Copy URL

Twitter E-mail

General

Target

c18c96423347359ae3d5bb540928c0789bb06e80d43be6c4c87dab2b78398300
Size

287KB
MD5

9b6e34a233cde15bf8de723fe9fd7688
SHA1

c1f1bb35282d576170202d7e4f87d5bd0e6882a8
SHA256

c18c96423347359ae3d5bb540928c0789bb06e80d43be6c4c87dab2b78398300
SHA512

785e5a322abfaed30e1b319374694ef284375e220ad24e5d34195a312ad8a520e8c8fa77bb00eda8b19f59d41e6177b448fd366e7d0e76bc2a2454f34ea6f40d
SSDEEP

6144:6UPr455vJdzLG1OJg6PqUdSwqmVvRXSvfGL2o5GpeZp:6UzE/0OJRiUA3mVvRXSnGqoA

Score

N/A

Malware Config

Signatures

Files

c18c96423347359ae3d5bb540928c0789bb06e80d43be6c4c87dab2b78398300
.exe windows x86

8add20d6a3a8d8da40f92e87ab8dc38a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetVolumeNameForVolumeMountPointW
WaitForSingleObject
GetCurrentThreadId
GetProcessHeap
HeapFree
IsDebuggerPresent
FindVolumeMountPointClose
EnterCriticalSection
ResumeThread
UnhandledExceptionFilter
GetLogicalDriveStringsW
FindNextVolumeMountPointW
ResetEvent
CreateEventW
GetDriveTypeW
LeaveCriticalSection
CreateThread
GetACP
FindFirstVolumeMountPointW
GetThreadLocale
FormatMessageW
SetUnhandledExceptionFilter
SetThreadLocale
lstrlenW
HeapReAlloc
HeapDestroy
CloseHandle
DeleteCriticalSection
GetSystemTime
RaiseException
HeapSize
GetSystemTimeAsFileTime
HeapAlloc
GetModuleHandleW
VirtualAlloc

ole32

CoGetInterfaceAndReleaseStream
StringFromGUID2
CoMarshalInterThreadInterfaceInStream
CoRevertToSelf
CoQueryProxyBlanket
CoInitializeEx
CoCreateGuid
CoUninitialize
CoImpersonateClient
CoCreateInstance
CoSetProxyBlanket

advapi32

OpenProcessToken
GetLengthSid
RegOpenKeyExW
EqualSid
IsValidSid
CopySid
RegSetValueExW
RegCloseKey
OpenThreadToken
SetThreadToken
GetTokenInformation

user32

wsprintfW
UnregisterClassA
GetWindowLongW

userenv

UnloadUserProfile

oleaut32

VariantTimeToSystemTime
SysStringLen
SysStringByteLen
SafeArrayLock
SysAllocStringLen
SafeArrayGetVartype
VarBstrCmp
SafeArrayCopy
SafeArrayUnlock
SafeArrayGetLBound
SysAllocString
SafeArrayDestroy
LoadTypeLi
SystemTimeToVariantTime
VariantInit
VariantClear
VariantCopy
SysAllocStringByteLen
SafeArrayCreate
VariantCopyInd
LoadRegTypeLi
SafeArrayGetUBound
SafeArrayRedim
SysFreeString

comctl32

CreateStatusWindow
ImageList_GetIcon
FlatSB_GetScrollPos
CreatePropertySheetPageW
ImageList_LoadImageW
DllGetVersion
ImageList_AddIcon
ImageList_GetIconSize
ImageList_DragLeave
CreateMappedBitmap
CreateUpDownControl
ImageList_DragEnter

iasacct

DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 817KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8add20d6a3a8d8da40f92e87ab8dc38a

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

user32

userenv

oleaut32

comctl32

iasacct

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 249KB - Virtual size: 817KB

.rsrc Size: 17KB - Virtual size: 120KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 249KB - Virtual size: 817KB

.rsrc
Size: 17KB - Virtual size: 120KB