c3b1399ae2881c12ace981603c049938e4071d2840ab33e7642ebd6dea8db35f

Sharing

Copy URL Twitter E-mail

General

Target

c3b1399ae2881c12ace981603c049938e4071d2840ab33e7642ebd6dea8db35f
Size

672KB
MD5

11f9508fa82c3c060d30c72bb0ce1fd0
SHA1

b5a68008b57acaf5aea5c8e8f4393b75b79adf35
SHA256

c3b1399ae2881c12ace981603c049938e4071d2840ab33e7642ebd6dea8db35f
SHA512

3adf6dd04fe973109efe00209375fbc3972ea980f09243afdc24c04f3470b8ee7cc061ad91644beef9c3869b24fc6d515b9d98b6d9d2bc71ce20a127f42c56e8
SSDEEP

12288:+yuVHc27CggtI4TbFOhVPOLrC4KCaEdMzVKBS3SVBMJVzYLLwZPYDvIKn:fuVHcCqtnTbFOXWrC4KOdMpH3kBWVML3

Score

N/A

Malware Config

Signatures

Files

c3b1399ae2881c12ace981603c049938e4071d2840ab33e7642ebd6dea8db35f
.exe windows x86

2e8fab1808caa58142958222232c2bae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateIconFromResource
DefWindowProcW
InflateRect
DdeQueryNextServer
GetPropA
DdeImpersonateClient
WindowFromDC
CharLowerW
PeekMessageA
GetProcessWindowStation
MessageBoxW
ScrollDC
CreateWindowExA
SetRectEmpty
GetClipboardFormatNameW
SetDebugErrorLevel
SwapMouseButton
GetWindowDC
RegisterClassA
SetWindowContextHelpId
SetUserObjectSecurity
DestroyWindow
FlashWindowEx
RegisterClassExA
ShowWindow
GetGUIThreadInfo
SetClassLongW

shell32

ShellHookProc
ExtractIconEx

comctl32

ImageList_DragMove
ImageList_DragEnter
ImageList_GetImageRect
ImageList_Write
ImageList_Copy
ImageList_Draw
ImageList_Replace
ImageList_SetOverlayImage
CreateMappedBitmap
ImageList_GetBkColor
CreatePropertySheetPageW
CreatePropertySheetPage
InitCommonControlsEx
ImageList_LoadImage
CreatePropertySheetPageA
ImageList_AddMasked
CreateStatusWindowA
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_GetIcon
CreateStatusWindowW
ImageList_DrawIndirect

kernel32

RtlZeroMemory
ExitProcess
FindResourceExW
GetThreadPriorityBoost
GetLogicalDriveStringsA
GetCommandLineA
EnumResourceLanguagesW
TlsGetValue
ConvertDefaultLocale
WideCharToMultiByte
GetStartupInfoW
SetConsoleCursorInfo
GetCPInfo
ReadConsoleInputW
GlobalUnfix
GetProcAddress
CreateDirectoryExW
VirtualFree
GetPrivateProfileIntW
MoveFileA
InitializeCriticalSection
GetProfileSectionW
FreeEnvironmentStringsA
ReadConsoleOutputCharacterW
CreateToolhelp32Snapshot
HeapDestroy
GetVersion
VirtualUnlock
InterlockedIncrement
SuspendThread
GetSystemDirectoryA
SetThreadAffinityMask
LocalFlags
GlobalSize
EnumTimeFormatsA
LCMapStringA
GetModuleFileNameW
GetCompressedFileSizeW
EnterCriticalSection
VirtualQuery
GetLastError
UnhandledExceptionFilter
GetCurrentThread
GetConsoleOutputCP
LoadLibraryW
VirtualAlloc
LCMapStringW
GetModuleFileNameA
TerminateProcess
RtlUnwind
SetHandleCount
GetStringTypeA
GetEnvironmentStrings
SetStdHandle
FlushFileBuffers
EnumCalendarInfoExW
MultiByteToWideChar
FlushViewOfFile
FreeEnvironmentStringsW
HeapReAlloc
SetLastError
GetModuleHandleA
ContinueDebugEvent
CreateEventA
GetLocalTime
CompareStringW
GetTimeZoneInformation
GetStartupInfoA
IsBadWritePtr
GetStdHandle
FileTimeToLocalFileTime
CreateMutexA
SetFileAttributesA
WriteFile
GetCalendarInfoW
LockResource
GetCurrentThreadId
HeapAlloc
GetFileType
LoadLibraryA
GetProcAddress
WritePrivateProfileStructW
EnumSystemLocalesW
LeaveCriticalSection
OpenFileMappingA
GetThreadTimes
GetLongPathNameW
OpenMutexA
GetStringTypeExW
InterlockedDecrement
FillConsoleOutputCharacterA
ReadFile
SetEnvironmentVariableA
GetTickCount
QueryPerformanceCounter
WriteFileEx
TransactNamedPipe
TlsFree
SetFilePointer
AllocConsole
GetCurrentProcessId
GlobalFindAtomA
HeapCreate
GetStringTypeW
WaitForMultipleObjectsEx
OpenProcess
DeleteCriticalSection
WriteProfileStringA
GetVersionExW
GetCurrentProcess
LocalReAlloc
GetSystemTime
GlobalFix
FreeLibrary
GlobalHandle
GetPrivateProfileStructW
TlsAlloc
GetEnvironmentStringsW
GetFileAttributesExW
GetProcessHeap
InterlockedExchange
HeapFree
GetCommandLineW
CreateProcessA
CreateDirectoryA
GetSystemTimeAsFileTime
TlsSetValue
FileTimeToDosDateTime
CompareStringA
GetWindowsDirectoryA
WriteConsoleOutputCharacterW
CloseHandle

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e8fab1808caa58142958222232c2bae

Headers

File Characteristics

Imports

user32

shell32

comctl32

kernel32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 444KB - Virtual size: 441KB

.data Size: 136KB - Virtual size: 157KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 444KB - Virtual size: 441KB

.data
Size: 136KB - Virtual size: 157KB

.rsrc
Size: 24KB - Virtual size: 22KB