c64c580ac4a45271380733ffd4e8fd22eaef5303ac34faaec03d4132985d6bfb

Sharing

Copy URL Twitter E-mail

General

Target

c64c580ac4a45271380733ffd4e8fd22eaef5303ac34faaec03d4132985d6bfb
Size

272KB
MD5

7938886eb7047ba4299e97edccb12829
SHA1

50f766cb6d82a1352cd17879d141d531d9e68ff3
SHA256

c64c580ac4a45271380733ffd4e8fd22eaef5303ac34faaec03d4132985d6bfb
SHA512

bcd468e50b7820c15369531ad751f8641c4a0993cb1c28b01634e94407ad085119d185db9cb926d68245f312f1cc86043594735d9b4b022917d9ec1b8e1e011a
SSDEEP

6144:KtD779QJqN5gVmnGe2wMyhLu/d9jeEBrnqZ/q3/ec7qHPqf+:KtDX9QogVAKyq96yrnqomc7ePT

Score

N/A

Malware Config

Signatures

Files

c64c580ac4a45271380733ffd4e8fd22eaef5303ac34faaec03d4132985d6bfb
.exe windows x86

d1f2f7a14e6f94a8c9a108378dd93a9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
InitializeCriticalSectionAndSpinCount
MapViewOfFile
LocalFree
GetCurrentThreadId
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetFileSize
ResetEvent
SystemTimeToFileTime
FreeLibrary
CloseHandle
WaitForSingleObject
HeapFree
FreeEnvironmentStringsW
CreateFileMappingW
WideCharToMultiByte
lstrlenA
DeviceIoControl
CreateFileW
UnhandledExceptionFilter
HeapAlloc
VirtualProtect
LeaveCriticalSection
LocalAlloc
EnterCriticalSection
SetUnhandledExceptionFilter
SetFilePointer
GetModuleHandleW
FreeEnvironmentStringsA
GetDiskFreeSpaceA
ReadFile
CreateEventW
lstrlenW
IsProcessorFeaturePresent
DeleteCriticalSection
VirtualFree
GetProcessHeap
GetLocalTime
SetLastError
GlobalMemoryStatus
GetSystemDefaultLangID
UnmapViewOfFile
VirtualAllocEx

ntdll

RtlUnwind

msvcrt

malloc
free
memset
memmove
time
_wcsnicmp
__dllonexit
wcsncmp
rand
_wtoi
_itow
_purecall
_initterm
_vsnwprintf
_onexit
memcpy
_amsg_exit
_unlock
wcsstr
_ui64tow
srand
_XcptFilter
_lock
wcschr

rpcrt4

UuidFromStringW
RpcStringFreeW
I_RpcMapWin32Status
UuidToStringW

advapi32

CryptGenKey
RegCreateKeyExA
CryptDecrypt
CryptExportKey
CryptCreateHash
CryptAcquireContextW
RegSetValueExA
CryptGetHashParam
TraceEvent
CryptDestroyKey
RegQueryValueExA
CryptDestroyHash
CryptVerifySignatureA
CryptHashData
CryptSignHashA
CryptEncrypt
CryptImportKey
RegCloseKey
CryptReleaseContext

user32

GetKeyboardLayout
MessageBoxIndirectA
SendDlgItemMessageA
CreateWindowExW
EnableMenuItem
LoadMenuIndirectA
DialogBoxParamW
DialogBoxParamA
MonitorFromPoint
MessageBeep
GetMessageW
CreateDialogIndirectParamW
GetKeyState
LoadMenuIndirectW
SetFocus
InsertMenuItemW

traffic

TcQueryFlowA
TcSetFlowW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 241KB - Virtual size: 729KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f2f7a14e6f94a8c9a108378dd93a9d

Headers

File Characteristics

Imports

kernel32

ntdll

msvcrt

rpcrt4

advapi32

user32

traffic

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 241KB - Virtual size: 729KB

.rdata Size: 3KB - Virtual size: 403KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 241KB - Virtual size: 729KB

.rdata
Size: 3KB - Virtual size: 403KB

.rsrc
Size: 11KB - Virtual size: 10KB