3cea5a4368f2a28abb78f9435c18d27aa061332910ea1b63f766128f5c6f18a3

Sharing

Copy URL Twitter E-mail

General

Target

3cea5a4368f2a28abb78f9435c18d27aa061332910ea1b63f766128f5c6f18a3
Size

154KB
MD5

4b88e18fcfbb8fe62998cfdaa4cf7ed0
SHA1

8de62c52ba2bcf714c1f3d1bdd32e7e2d8121c86
SHA256

3cea5a4368f2a28abb78f9435c18d27aa061332910ea1b63f766128f5c6f18a3
SHA512

e651c090c274d6508e67d958b5d42215c7f453d5061a3f2e787b8b3a089e7abe64a4ef2391a68da9ee69512657ddc16c418f3cd36a08b68dd60a00c7d6e97971
SSDEEP

1536:QdJ+IWTbzuJQT+APtSDfS7JriTdP3cKlDjZSu/ndqvOtunpsEt6u:OwIWPushcD67JrgRcKL/dqvw+psEt6u

Score

N/A

Malware Config

Signatures

Files

3cea5a4368f2a28abb78f9435c18d27aa061332910ea1b63f766128f5c6f18a3
.exe windows x86

9956484c58c38c825d1c18b150d9f117

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConnectNamedPipe
GetStringTypeExW
lstrcmp
_lcreat
GetNumberFormatW
CreateTimerQueueTimer
Beep
QueryInformationJobObject
GetModuleFileNameW
PurgeComm
GetProfileIntW
GetDiskFreeSpaceW
GetPrivateProfileSectionW
OpenSemaphoreA
GetThreadLocale
Sleep
CreateJobObjectW
GetEnvironmentStringsA
GetConsoleAliasesA
CreateMutexW
LockResource
GetConsoleAliasExesLengthW
TlsGetValue
GetTapePosition
SetVolumeLabelW
EnumLanguageGroupLocalesW
ReadConsoleOutputA
WritePrivateProfileStructW
ReadConsoleOutputCharacterW
PeekNamedPipe
FlushConsoleInputBuffer
FreeLibrary
GetSystemWindowsDirectoryW
GlobalAddAtomA
FlushInstructionCache
CopyFileExA
GlobalAlloc
GetConsoleMode
CreateHardLinkA
SetConsoleMode
WritePrivateProfileStructA
GetCurrentProcessId
SetCommConfig
GetVolumeInformationW
Process32FirstW
SetConsoleCP
GetPriorityClass
CreateTimerQueue
SetThreadIdealProcessor
LocalReAlloc
GetHandleInformation
DebugActiveProcess
LockFile
GetCommandLineA
lstrcpynA
GetSystemDefaultLCID
SetVolumeMountPointA
ClearCommError
ReleaseMutex
GetCurrentConsoleFont
WriteFileGather
ExitProcess
GetTempPathA
CreatePipe
RtlZeroMemory
SetConsoleCursorInfo
VirtualProtectEx
SetEndOfFile
SetConsoleTextAttribute
SetThreadContext
LoadLibraryA
GetProcAddress

user32

IsDialogMessageW
CreatePopupMenu
CharToOemA
RegisterClassExA
IsCharAlphaNumericA
CharToOemBuffA
DestroyMenu
IsWindowVisible
GetKeyNameTextA
UnhookWindowsHookEx
GetAltTabInfoW
EnumDesktopsW
DdeSetQualityOfService
ExitWindowsEx
SetDeskWallpaper
CheckMenuItem
DdeNameService
SetSystemCursor
UnhookWindowsHook
IsWindow
SetParent
EditWndProc
SetProcessWindowStation
EnumPropsA
GetDialogBaseUnits
DdeCreateDataHandle
CopyAcceleratorTableA
GetScrollBarInfo
GetWindowContextHelpId
RegisterWindowMessageW
ReleaseCapture
SetMenu
CountClipboardFormats
CreateMDIWindowW
ClientToScreen
VkKeyScanExW
CallMsgFilterW
FillRect
RemoveMenu
ReplyMessage
GetClipCursor
GetProcessWindowStation
OffsetRect
mouse_event
SetDlgItemTextW
BlockInput
InsertMenuW
FreeDDElParam
OemToCharW
WINNLSEnableIME
GetUpdateRgn
SetMessageExtraInfo
GetMessageTime
UnregisterClassW
GetAsyncKeyState
GetClassInfoExW
SetSysColors
UserHandleGrantAccess
GetWindowDC
IsDialogMessageA
PeekMessageA
UnregisterHotKey
SetWindowTextW
GetCaretBlinkTime
SendInput
FindWindowExW
SendMessageCallbackW
GetSubMenu
IsRectEmpty
IsDialogMessage
CallWindowProcA
RegisterDeviceNotificationW
GetCaretPos
EnumDisplaySettingsExA
MessageBoxExA
CallNextHookEx
InsertMenuA
GetWindowPlacement
DrawTextA
LoadStringW
SetRectEmpty
DrawFrameControl
CreateMDIWindowA
GetMenuItemInfoW
RegisterClipboardFormatW
EnumWindows
VkKeyScanW
CreateIcon
DlgDirSelectComboBoxExW
TranslateAcceleratorA
wsprintfW
WINNLSGetIMEHotkey
DefMDIChildProcA
LoadIconA
LoadCursorA

gdi32

GetStockObject

msvcrt

_utime64
iswspace
_daylight
_except_handler2
fputwc
_chgsign
_getmaxstdio
fgetwc
_fstat64
__p__environ
strncat
_spawnl
_wsystem
_exit
_wspawnlp
_rmdir
_ctime64
ldexp
_amsg_exit
acos
__p___wargv
_tzset
_putch
_wctime
_ismbcprint
_get_osfhandle
_mbsdec
_ismbcl1
_wfindfirst
_mbsspn
_mbscpy
_execlp
pow
_adj_fdivr_m32i
wcstod
strtok
sqrt
_environ
_endthreadex
_jn
_getch
_adj_fdiv_m16i
tmpfile
_ultow
_errno
_purecall
_isctype
_copysign
longjmp
fopen
_setmode
_execv
_inpd
__crtGetLocaleInfoW
ftell
_dup
_adjust_fdiv
wcsspn
_outpw
sinh
strerror
_cgets
_snprintf
_stat64
_chkesp
_unloaddll
_expand
_setmbcp
_strerror
_wgetcwd
__p__pgmptr
__p__mbcasemap
_ismbcl0
time
_findfirsti64
strlen
fprintf
_filbuf
_cscanf
_wcsset
__STRINGTOLD
__badioinfo
_strnset
_heapused
strchr
_wsplitpath
asctime
memmove
memcpy
__initenv
_locking
strpbrk
_wcsdup
_getdcwd
_getdiskfree
__setlc_active
memset

advapi32

RegOpenKeyExA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9956484c58c38c825d1c18b150d9f117

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 109KB - Virtual size: 109KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 109KB - Virtual size: 109KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1KB - Virtual size: 1KB