8c198926910c66ba36d7eef0b1b241b4a6da8f4f39843281ce703f89bc621006

Sharing

Copy URL Twitter E-mail

General

Target

8c198926910c66ba36d7eef0b1b241b4a6da8f4f39843281ce703f89bc621006
Size

1.9MB
MD5

a9c00f288376ad30a9dc03696877a84c
SHA1

cc58d6c16cca757172a4c0d7cc1a61380fc4a93f
SHA256

8c198926910c66ba36d7eef0b1b241b4a6da8f4f39843281ce703f89bc621006
SHA512

16019169d8360459dbe79e5c4d9ddd0c9091f4fcfab04a7442e80cf17d1af8071a35a6cdeb7af0153e650a148d332aaa6d1377f832de66c69709cc95001688c3
SSDEEP

49152:KPx2Hk5/iZg4+Eq/EBEmYEsoYSRb3yh6YjYnntEy+RaYyGYSCxnurE1LESjEz6za:x3OSG

Score

N/A

Malware Config

Signatures

Files

8c198926910c66ba36d7eef0b1b241b4a6da8f4f39843281ce703f89bc621006
.exe windows x86

8c9957baf392444d47313f29a76c3fcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
CompareStringW
lstrlenA
TerminateProcess
ExitProcess
CreateProcessA
GetModuleHandleA
LocalFree
SetEndOfFile
CreateFileW
CreateFileA
GetLocaleInfoW
ReadFile
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetOEMCP
CloseHandle
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLastError
WideCharToMultiByte
MultiByteToWideChar
CreateThread
InterlockedExchange
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
InterlockedDecrement
WriteFile
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
SetEnvironmentVariableA
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
VirtualAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA

user32

PostMessageA
DialogBoxParamA
BeginPaint
EndPaint
PostQuitMessage
LoadBitmapA
SetWindowTextA
MessageBoxA
FindWindowExA
SetWindowPos
CreateDialogParamA
DestroyWindow
SendMessageA
GetWindowRect
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
ShowWindow
RedrawWindow
SendDlgItemMessageA
CheckDlgButton
EndDialog
IsDlgButtonChecked
SetDlgItemTextA
FindWindowA
GetWindow
RegisterWindowMessageA
SendMessageTimeoutA
GetWindowTextA
SetFocus

gdi32

CreatePatternBrush
GetStockObject
SetTextColor
SetBkMode
DeleteObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c9957baf392444d47313f29a76c3fcc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB