c0ac06554cf0976ad4d51d2bc56b6fb6b860599d097cf7f123077bb5f67f32aa

Sharing

Copy URL Twitter E-mail

General

Target

c0ac06554cf0976ad4d51d2bc56b6fb6b860599d097cf7f123077bb5f67f32aa
Size

296KB
MD5

7c1331f526f4eb98c9178b02df8be20e
SHA1

601f20aca61fb2651b8b6c5ddd446f841660559e
SHA256

c0ac06554cf0976ad4d51d2bc56b6fb6b860599d097cf7f123077bb5f67f32aa
SHA512

3484efe91d61a748d299ca456f366d65bceb0694c6e1bbeb8d62801fea0cf81a38220713f235544f276e9628dd07aca61495528dc4d055f0ee41b44bc06a0345
SSDEEP

6144:c6fFG6pi1mbRSl6Ro1Ulpxs1QwHkzUx6S1wA5XMtzCoMCP/sIJPFMI9WIvxe:c6Y8Sipx5QbFJQ2HCPPPOwWI8

Score

N/A

Malware Config

Signatures

Files

c0ac06554cf0976ad4d51d2bc56b6fb6b860599d097cf7f123077bb5f67f32aa
.exe windows x86

3ed61d2759f6a5e5b8188ad64bb72a92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntryW

user32

CharNextW
UnregisterClassA

kernel32

CreateFileA
GetThreadLocale
FreeEnvironmentStringsW
IsDebuggerPresent
FlushFileBuffers
GetTempPathW
WriteConsoleW
WriteFile
FindResourceExW
FreeEnvironmentStringsA
GetStdHandle
LockResource
CreateEventW
SignalObjectAndWait
IsValidCodePage
RtlUnwind
HeapReAlloc
FreeLibrary
SetThreadLocale
UnhandledExceptionFilter
LoadResource
GetProcessHeap
LCMapStringA
HeapSize
WriteConsoleA
SetLastError
GetConsoleCP
TlsFree
DeleteCriticalSection
SetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
lstrcmpiW
GetFileType
FindResourceW
CreateMutexW
HeapAlloc
lstrlenW
GetOEMCP
WaitForSingleObject
GetConsoleOutputCP
GetModuleHandleA
FormatMessageW
WaitForMultipleObjects
CreateThread
OutputDebugStringW
ResumeThread
GetACP
ReleaseMutex
ResetEvent
SetFilePointer
GetConsoleMode
LeaveCriticalSection
TlsGetValue
TlsSetValue
EnterCriticalSection
LoadLibraryExW
CloseHandle
GetSystemTimeAsFileTime
GetCurrentThreadId
CreateFileW
GetLocalTime
GetModuleHandleW
SizeofResource
GetUserDefaultLangID
OpenEventW
RaiseException
HeapDestroy
LocalFree
VirtualFree
WideCharToMultiByte
HeapFree
TlsAlloc
GetCommandLineA
LCMapStringW
VirtualAlloc
LoadLibraryW
VirtualAllocEx

urlmon

CoInternetGetSession
CoInternetCreateSecurityManager
FindMimeFromData

ole32

CoInitializeEx
CoCreateInstance
StringFromGUID2
CoUninitialize
OleRun
CLSIDFromString
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

shlwapi

PathAppendW
PathStripPathW
PathRemoveFileSpecW

oleaut32

SafeArrayRedim
SafeArrayGetLBound
LoadTypeLi
DispCallFunc
SysAllocStringByteLen
SysFreeString
SafeArrayGetUBound
SafeArrayGetVartype
UnRegisterTypeLi
SafeArrayUnlock
VariantInit
VariantClear
SafeArrayCopy
RegisterTypeLi
SafeArrayDestroy
VarUI4FromStr
LoadRegTypeLi
SafeArrayCreate
GetErrorInfo
SafeArrayLock
SysStringLen
VariantCopyInd
SysAllocString

advapi32

RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

atmlib

ATMFinish
ATMGetNtmFields
ATMBBoxBaseXYShowText
ATMFontStatusW
ATMForceFontChange
ATMFontAvailableA
ATMClient
ATMGetFontBBox
ATMEnumFontsA
ATMEndFontChange
ATMGetFontInfo
ATMGetOutline

kbdsl1

KbdLayerDescriptor

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ed61d2759f6a5e5b8188ad64bb72a92

Headers

File Characteristics

Imports

wininet

user32

kernel32

urlmon

ole32

shlwapi

oleaut32

advapi32

atmlib

kbdsl1

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 264KB - Virtual size: 1.3MB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 264KB - Virtual size: 1.3MB

.rsrc
Size: 6KB - Virtual size: 6KB