ddcc021a110992b5221ba71302e6cb49dcd81a6fa18cc206fbe8c094cc6eb371

Sharing

Copy URL Twitter E-mail

General

Target

ddcc021a110992b5221ba71302e6cb49dcd81a6fa18cc206fbe8c094cc6eb371
Size

320KB
MD5

57bff67dd6b99beb2607f1fc2288f55c
SHA1

f840132bceebb8097124fc85d030f7934bc6bdc6
SHA256

ddcc021a110992b5221ba71302e6cb49dcd81a6fa18cc206fbe8c094cc6eb371
SHA512

b8e821620c576496a4f06d71b8246de8796b1ef7fbb54de648deb981cb45e4606a85c17ec083c5d8c210a5058b034d46b829223bc52e0aaebe0ebbb2197cd6f0
SSDEEP

6144:YcsfAJtO24jQjP1amiCDrXOO5xqLxl26+CR7+WQA5DohICJ8:1sfqYDcZiC/5xqL26aZJ8

Score

N/A

Malware Config

Signatures

Files

ddcc021a110992b5221ba71302e6cb49dcd81a6fa18cc206fbe8c094cc6eb371
.exe windows x86

f0a47a134520ec63b940f65e6c8a3693

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

oleaut32

SafeArrayGetElement

shell32

ShellExecuteA
FindExecutableA
SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHGetDesktopFolder
DragQueryPoint
ExtractIconExW

gdi32

SetLayout

ws2_32

WSAGetQOSByName
WSAAsyncGetHostByName
WSASetLastError
WSAHtons
gethostbyaddr
WSAAccept
accept
WSAEnumNetworkEvents
WSAGetServiceClassNameByClassIdW
WSALookupServiceNextW
WSALookupServiceEnd
gethostname
WSAConnect

user32

SetCaretBlinkTime
SendMessageA
GetDlgItemTextA
SetScrollRange
IsCharUpperA
CreateAcceleratorTableA
CreatePopupMenu
DefFrameProcA
ShowWindowAsync
ClipCursor
GetWindowWord
EndPaint
LookupIconIdFromDirectory
AttachThreadInput
MapVirtualKeyW
GetMessageW
GetUpdateRgn
GetScrollRange
GetThreadDesktop
CharToOemA
RegisterClipboardFormatA
SetLastErrorEx
GetForegroundWindow
EndMenu
GetKeyState
GetTabbedTextExtentW
IsWindowUnicode
CharPrevA
TranslateAcceleratorW
SetClassLongW
SetClipboardData
SetTimer
IsCharUpperW
GetAncestor
ShowWindow
GetClipboardData
SetUserObjectSecurity
InsertMenuW
CopyIcon
CharUpperA
SystemParametersInfoA
WinHelpW
CreateAcceleratorTableW
OpenDesktopA
SwapMouseButton
DrawMenuBar
DestroyCaret

kernel32

GetShortPathNameA
AllocConsole
MoveFileW
GetPrivateProfileStringW
CreateFileW
FormatMessageW
GetThreadContext
FatalAppExitA
lstrcmpiA
GlobalFree
GetCommandLineW
OutputDebugStringA
GetWindowsDirectoryA
ScrollConsoleScreenBufferA
ConnectNamedPipe
SetCurrentDirectoryA
GetCurrentDirectoryW
SetEnvironmentVariableA
GlobalAddAtomA
SizeofResource
LoadLibraryExA
SetProcessShutdownParameters
GetBinaryTypeW
UnmapViewOfFile
OpenFile
GetACP
FindResourceExW
GetPrivateProfileStringA
DeleteCriticalSection
ExitThread
FindFirstFileW
SetCommMask
GetSystemTimeAsFileTime
SetProcessWorkingSetSize
GetModuleHandleA
GetTapeParameters
VirtualLock
SetConsoleActiveScreenBuffer
GetSystemDirectoryW
lstrcpynA
SetConsoleTitleA
ExitProcess
_lopen
GetEnvironmentStringsW
LCMapStringA
FreeLibrary
FlushFileBuffers
LeaveCriticalSection
GetFileAttributesA
ReadDirectoryChangesW
CreatePipe
GetCPInfo
DosDateTimeToFileTime
SetHandleCount
VirtualAlloc
GetDriveTypeW
PurgeComm
GetCompressedFileSizeW
CancelIo
CreateEventA
SetThreadAffinityMask
CompareStringA
GlobalFlags
FindCloseChangeNotification
QueryDosDeviceA
QueryDosDeviceW
GetStartupInfoA
GlobalUnlock
GetProfileStringA
IsBadWritePtr
GetTempFileNameA
GetFileType
WriteConsoleOutputW
GetUserDefaultLangID
GetDateFormatA
SearchPathW
EnumResourceNamesW
GetBinaryTypeA

advapi32

CreateProcessAsUserA
RegEnumKeyExA
DestroyPrivateObjectSecurity
SetServiceStatus
DeregisterEventSource
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetKernelObjectSecurity
RegSaveKeyW
AbortSystemShutdownW
CryptDeriveKey
RegConnectRegistryA
ReportEventA
GetServiceDisplayNameA
RegReplaceKeyW
FreeSid
SetServiceObjectSecurity
RegisterEventSourceA

ole32

CoReleaseMarshalData
CoMarshalInterface
CoTreatAsClass
OleCreate
OleGetIconOfClass
StgCreateStorageEx
CoGetClassObject
CoFileTimeNow
OleSetClipboard

msvcrt

_adjust_fdiv
puts
_waccess
fgetws
_vsnwprintf
wcsncpy
frexp
atol
strstr
strrchr
setlocale
_sleep
_wcsnset
_wstrtime
_locking
_fstat
wcslen
strncat
_sopen
ctime
_mbslwr
_filelength
_putws
_getdcwd
_setmbcp
_mbsnbcpy
rand
_wchmod
realloc
towlower
_access
strcspn
bsearch
getc
free
ungetc
isxdigit
vfprintf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_tell
__p__commode
__p__fmode
_controlfp
_except_handler3
__set_app_type

Sections

eyykago
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

yookaiu
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qmkgwym
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wkggs
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0a47a134520ec63b940f65e6c8a3693

Headers

File Characteristics

Imports

version

oleaut32

shell32

gdi32

ws2_32

user32

kernel32

advapi32

ole32

msvcrt

Sections

eyykago Size: 200KB - Virtual size: 196KB

yookaiu Size: 8KB - Virtual size: 5KB

qmkgwym Size: 88KB - Virtual size: 85KB

wkggs Size: 20KB - Virtual size: 17KB

eyykago
Size: 200KB - Virtual size: 196KB

yookaiu
Size: 8KB - Virtual size: 5KB

qmkgwym
Size: 88KB - Virtual size: 85KB

wkggs
Size: 20KB - Virtual size: 17KB