ce557c22e9259268d34d84cbddc06cbfb552a05aa92e593db5988edde8753888

Sharing

Copy URL Twitter E-mail

General

Target

ce557c22e9259268d34d84cbddc06cbfb552a05aa92e593db5988edde8753888
Size

160KB
MD5

199f6209e4e1e2c995d962b03787ea30
SHA1

6ff54301e718227fbf670b21ed2e1860c0e4a808
SHA256

ce557c22e9259268d34d84cbddc06cbfb552a05aa92e593db5988edde8753888
SHA512

6bf7a5976d70ced37f3ff49251708b773abb7890f6cc766b8d934a9ada943716f5f11cda50487ac02881dd77597026777ff8cc0ecdac28ba161d533fbaf64d2f
SSDEEP

3072:xOWNnKN6RKGVmYHJM0Aw09VjhY8vxlzbDnFbDuK0YlsQLEn2vyKYtuIn+ewHqN:/NQ6zBHJM0u9VjhJv51LlsGynKS1wHqN

Score

N/A

Malware Config

Signatures

Files

ce557c22e9259268d34d84cbddc06cbfb552a05aa92e593db5988edde8753888
.exe windows x86

e41e8a9bae6381292f6f66e32cd21c85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscat
malloc
wcslen
_wcsnicmp
_initterm
free
wcsstr
_wtoi

kernel32

RtlZeroMemory
SetThreadPriority
GetSystemTimeAsFileTime
GetProcessHeap
VirtualAllocEx
lstrlenW
LCMapStringA
GetPrivateProfileStructW
ExpandEnvironmentStringsW
QueryPerformanceCounter
ReadConsoleInputW
UpdateResourceA
GetLogicalDriveStringsW
RtlMoveMemory
BaseCleanupAppcompatCacheSupport
LockResource
VerifyVersionInfoA
GetConsoleSelectionInfo
ZombifyActCtx
_lopen
HeapAlloc
WriteConsoleOutputAttribute
LCMapStringW
FindNextVolumeW
ScrollConsoleScreenBufferW
QueueUserAPC
SwitchToThread
SwitchToFiber
ReadConsoleOutputCharacterA
GetCurrentProcessId
FlushConsoleInputBuffer
GetProfileSectionW
GetLastError
InterlockedExchange
InterlockedCompareExchange
QueryDepthSList
SleepEx
GetTickCount
CloseHandle
GetExitCodeThread
CompareStringW
FindActCtxSectionStringA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
UnregisterConsoleIME
GetVolumePathNameA
SetFileAttributesW
DeleteCriticalSection
GetStringTypeA
EnumDateFormatsA
SetTapeParameters
GetCurrentProcess
FreeLibrary
WaitForSingleObject
EndUpdateResourceA
ReadFileEx
GetLongPathNameA
HeapFree
IsBadCodePtr
LocalFree
GetCPInfoExW
CreateConsoleScreenBuffer
CallNamedPipeA
GetGeoInfoW
WaitForSingleObject
GlobalReAlloc
TerminateProcess
OpenEventW
FindNextChangeNotification
SetInformationJobObject
SetConsoleFont
EnumResourceLanguagesA

ole32

CoInitializeEx
StringFromGUID2
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VariantClear
SysFreeString
VariantInit
SysAllocString

rpcrt4

NdrClientCall2
RpcBindingFree
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcStringFreeW
RpcBindingSetAuthInfoExW

rtutils

TraceRegisterExA
TraceVprintfExA
TraceDeregisterW

user32

LoadStringW

ws2_32

htonl

ntdll

RtlIpv4AddressToStringW

sxs

SxsProbeAssemblyInstallation
SxsBeginAssemblyInstall

shlwapi

PathIsRootA
PathFindExtensionA
StrStrNW
wvnsprintfA
StrRStrIA
PathCombineA
DelayLoadFailureHook
StrRetToStrW
PathQuoteSpacesW
IntlStrEqWorkerW
StrIsIntlEqualA
SHSetValueA
PathRemoveFileSpecA
PathAppendA
PathRemoveArgsA
PathSearchAndQualifyA
PathIsLFNFileSpecW
PathIsUNCServerA
SHStrDupA
PathFindSuffixArrayA
PathFindNextComponentA
SHRegisterValidateTemplate

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WQ
Size: 3KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.W
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CBeK
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zB
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qw
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAVBXH
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e41e8a9bae6381292f6f66e32cd21c85

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

oleaut32

rpcrt4

rtutils

user32

ws2_32

ntdll

sxs

shlwapi

Sections

.text Size: 30KB - Virtual size: 29KB

.WQ Size: 3KB - Virtual size: 46KB

.rdata Size: 4KB - Virtual size: 3KB

.W Size: 3KB - Virtual size: 16KB

.CBeK Size: 2KB - Virtual size: 17KB

.data Size: 7KB - Virtual size: 11KB

.zB Size: 3KB - Virtual size: 18KB

.Qw Size: 3KB - Virtual size: 28KB

.AAVBXH Size: 3KB - Virtual size: 18KB

.rsrc Size: 97KB - Virtual size: 97KB

.text
Size: 30KB - Virtual size: 29KB

.WQ
Size: 3KB - Virtual size: 46KB

.rdata
Size: 4KB - Virtual size: 3KB

.W
Size: 3KB - Virtual size: 16KB

.CBeK
Size: 2KB - Virtual size: 17KB

.data
Size: 7KB - Virtual size: 11KB

.zB
Size: 3KB - Virtual size: 18KB

.Qw
Size: 3KB - Virtual size: 28KB

.AAVBXH
Size: 3KB - Virtual size: 18KB

.rsrc
Size: 97KB - Virtual size: 97KB