f11a10858d519fc3c2947637df38f532ad4d86e8b986da20ce6194e8c13b15c4

Sharing

Copy URL

Twitter E-mail

General

Target

f11a10858d519fc3c2947637df38f532ad4d86e8b986da20ce6194e8c13b15c4
Size

526KB
MD5

e1d68aef78ff9d53ab3f547b08825792
SHA1

c6de9559dd48590873a8bef6e11bf9a274eb4d44
SHA256

f11a10858d519fc3c2947637df38f532ad4d86e8b986da20ce6194e8c13b15c4
SHA512

8e50bdad5823d3a193df8625dbf5c7d12134325d8cd17d4de09cf8bc6b882860d4e20f537755e1ec717be9689f9ffa228afab58a76c874dedbf02ef6d5e17f1d
SSDEEP

12288:C9qECi5Y8g2KpkWU3RHzFGqQnbJ8Ks3z:C9qF2YZ+5lybJPs3z

Score

N/A

Malware Config

Signatures

Files

f11a10858d519fc3c2947637df38f532ad4d86e8b986da20ce6194e8c13b15c4
.exe windows x86

6db73cda1fb5bbef2ae95e6a0b28a9f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDestroyHash
CryptEncrypt
RegEnumKeyA
CryptAcquireContextW
CryptImportKey
CryptEnumProvidersA
RegFlushKey
CryptHashSessionKey

comdlg32

ChooseFontA
PageSetupDlgA
PrintDlgA

shell32

ShellExecuteExW

kernel32

GetModuleHandleA
VirtualFree
GetTickCount
TlsAlloc
VirtualAlloc
GetPrivateProfileSectionA
GetSystemTime
VirtualProtectEx
GetFileType
OpenMutexA
GetStringTypeW
InterlockedDecrement
GetCurrentThread
CommConfigDialogA
GetCommandLineW
UnhandledExceptionFilter
GetCurrentProcessId
GetEnvironmentStringsW
SetStdHandle
CloseHandle
FreeEnvironmentStringsW
LCMapStringA
GetLocalTime
GetEnvironmentStrings
MultiByteToWideChar
TlsSetValue
GetStartupInfoA
DeleteCriticalSection
EnumCalendarInfoW
GetLastError
HeapFree
WriteFile
FreeEnvironmentStringsA
GetCurrentThreadId
GetTimeZoneInformation
GetModuleFileNameA
GetSystemTimeAsFileTime
SetFilePointer
TlsFree
GetConsoleTitleW
GetCommandLineA
QueryPerformanceCounter
InterlockedExchange
ReadConsoleOutputAttribute
GetStartupInfoW
ExitProcess
CompareStringW
HeapDestroy
RtlUnwind
GetModuleFileNameW
GetVersion
SetEnvironmentVariableA
FileTimeToSystemTime
GetStringTypeA
IsBadWritePtr
GetCurrentProcess
LoadLibraryA
EnterCriticalSection
WideCharToMultiByte
ReadFile
FlushFileBuffers
InterlockedIncrement
GetCPInfo
GlobalFindAtomW
LeaveCriticalSection
HeapCreate
CompareStringA
HeapAlloc
SetLastError
HeapReAlloc
GetStdHandle
CreateMutexA
SetHandleCount
GetDriveTypeW
InitializeCriticalSection
TerminateProcess
TlsGetValue
LCMapStringW
VirtualQuery
GetProcAddress

wininet

InternetConfirmZoneCrossing
InternetOpenW

user32

SetMenuItemBitmaps
FindWindowA
MapVirtualKeyA
CopyImage
LoadImageW
LoadIconA
GetDesktopWindow
CreateCaret
RegisterClassExA
MonitorFromWindow
CharPrevA
GetScrollInfo
UnpackDDElParam
SetDoubleClickTime
RegisterClassExW
InSendMessageEx
LoadAcceleratorsW
ChildWindowFromPoint
SendMessageA
RegisterClassA

comctl32

InitCommonControlsEx

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6db73cda1fb5bbef2ae95e6a0b28a9f1

Headers

File Characteristics

Imports

advapi32

comdlg32

shell32

kernel32

wininet

user32

comctl32

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 4KB - Virtual size: 9KB

.data Size: 357KB - Virtual size: 356KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 4KB - Virtual size: 9KB

.data
Size: 357KB - Virtual size: 356KB

.rsrc
Size: 13KB - Virtual size: 12KB