96bfee84b6d76e93d8bbe642e00fbfe9b0af4290fb835662dd2de4808cc9c049

Sharing

Copy URL Twitter E-mail

General

Target

96bfee84b6d76e93d8bbe642e00fbfe9b0af4290fb835662dd2de4808cc9c049
Size

252KB
MD5

87a5f7671673588c63876533de8b55cd
SHA1

0332e4bdf97ef70b46cc2f38c7284d80945f7336
SHA256

96bfee84b6d76e93d8bbe642e00fbfe9b0af4290fb835662dd2de4808cc9c049
SHA512

1dda4e41e818fe7863ace5bebbe537fca0bdd0bed0818fbf703be888e8e92d2ac464e6ae1e3cd00752a30dfcf8d2b2205ceaf8e9c0022cf30623558969e2b7c0
SSDEEP

6144:Ccjr0I/BsJpbrD/GLswD3LD6a5VAAnK0KRp7i:Ccv01brbGLspa0f0KRp

Score

N/A

Malware Config

Signatures

Files

96bfee84b6d76e93d8bbe642e00fbfe9b0af4290fb835662dd2de4808cc9c049
.exe windows x86

88c7d01060658968f705f99024621ebf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString

kernel32

CreateThread
RemoveDirectoryA
MapViewOfFile
FindNextChangeNotification
OpenProcess
LockResource
HeapAlloc
TlsGetValue
EnterCriticalSection
FormatMessageA
CreateEventA
FindClose
CreateDirectoryA
ResumeThread
GetSystemTimeAsFileTime
WaitForMultipleObjects
LeaveCriticalSection
UnmapViewOfFile
FindResourceExA
FindFirstFileA
CreateFileMappingA
SizeofResource
LoadResource
HeapDestroy
HeapFree
ReleaseSemaphore
FindNextFileA
WideCharToMultiByte
HeapSize
CloseHandle
GetCurrentThreadId
GetACP
WaitForSingleObject
DeleteCriticalSection
CreateSemaphoreA
DeleteFileA
GetProcessHeap
FindCloseChangeNotification
LocalFree
GetSystemTime
RaiseException
ReleaseMutex
CreateMutexA
OpenFileMappingA
lstrlenA
HeapReAlloc
TlsSetValue
GetThreadLocale
FindResourceA
FindFirstChangeNotificationA
LocalAlloc
CompareFileTime
VirtualAlloc

advapi32

CryptAcquireContextA
RegCloseKey
ControlService
OpenServiceW
OpenServiceA
OpenSCManagerA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
QueryServiceStatus
QueryServiceStatusEx
StartServiceA
CryptGenRandom
CryptReleaseContext
CloseServiceHandle

user32

wsprintfA

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

oleaut32

SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime

shlwapi

PathIsURLA
PathIsUNCA

resutils

ResUtilCreateDirectoryTree
ResUtilEnumResources
ResUtilSetExpandSzValue
ResUtilGetAllProperties
ResUtilSetPropertyTableEx
ResUtilGetResourceDependencyByName
ResUtilVerifyPropertyTable
ResUtilGetResourceDependentIPAddressProps
ResUtilVerifyPrivatePropertyList

fontext

DllCanUnloadNow

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 227KB - Virtual size: 825KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88c7d01060658968f705f99024621ebf

Headers

File Characteristics

Imports

ole32

kernel32

advapi32

user32

rpcrt4

oleaut32

shlwapi

resutils

fontext

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 227KB - Virtual size: 825KB

.rsrc Size: 2KB - Virtual size: 5KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 227KB - Virtual size: 825KB

.rsrc
Size: 2KB - Virtual size: 5KB