cc8cd367e9a189083c595a46a4374ef66773f45091f6b0d04f87028788b46a76

Sharing

Copy URL

Twitter E-mail

General

Target

cc8cd367e9a189083c595a46a4374ef66773f45091f6b0d04f87028788b46a76
Size

288KB
MD5

096d6ad6fa277fcddde2e175ef55aafd
SHA1

23e5b7f53eb8fee0591f8908654f4a4cf17722f1
SHA256

cc8cd367e9a189083c595a46a4374ef66773f45091f6b0d04f87028788b46a76
SHA512

11cda4c2a8c564506b4135238023e16d0d96a1a7f14b262ec955c4e99b2cd8a45193d38252b3894bc0b2d9830e9b4f709425c35e653b811e7205946ac323afee
SSDEEP

6144:czroroe+qOf1fzMyJmC2Wnn5JU7Ekm8Nca0t:droe+FI1W+tm8Ka0t

Score

N/A

Malware Config

Signatures

Files

cc8cd367e9a189083c595a46a4374ef66773f45091f6b0d04f87028788b46a76
.exe windows x86

41933a43619e5286fb6fc3f53cd51801

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

shell32

CommandLineToArgvW
SHGetFolderPathW

comdlg32

GetOpenFileNameW

shlwapi

PathCombineW
PathRemoveFileSpecW

ole32

CLSIDFromString
CoRevokeClassObject
CLSIDFromProgID
CoInitialize
CoLoadLibrary
OleRun
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
StringFromCLSID
CoCreateInstance
StringFromGUID2
CoRegisterClassObject
CoTaskMemRealloc
CoUninitialize

oleaut32

VarBstrCmp
SafeArrayGetDim
SafeArrayGetUBound
CreateErrorInfo
SafeArrayDestroy
SetErrorInfo
SafeArrayGetLBound
SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
GetErrorInfo
VariantClear
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit
SafeArrayGetElement

user32

GetSystemMenu
LoadStringW
DispatchMessageA
ShowWindow
GetMessageW
CreateWindowExW
MsgWaitForMultipleObjectsEx
MessageBoxW
DialogBoxParamW
GetMonitorInfoW
GetDesktopWindow
SetWindowLongW
SetCursor
GetWindow
GetFocus
GetWindowTextW
TranslateMessage
BeginPaint
MonitorFromWindow
PostThreadMessageW
EnableWindow
SetWindowPos
GetClientRect
SetForegroundWindow
CharNextW
GetDC
PeekMessageW
SetFocus
EndPaint
SystemParametersInfoW
IsWindowUnicode
GetClassInfoExW
PostMessageW
MapWindowPoints
GetSystemMetrics
UnregisterClassA
GetWindowTextLengthW
SendMessageW
GetWindowPlacement
EnableMenuItem
SetCapture
GetDlgItem
LoadCursorW
SetWindowTextW
ReleaseDC
SetDlgItemTextW
GetWindowRect
CallWindowProcW
GetDlgItemTextW
GetParent
MsgWaitForMultipleObjects
CharPrevW
TranslateAcceleratorW
SetWindowPlacement
EndDialog
LoadIconW
ReleaseCapture
GetWindowLongW
DefWindowProcW
RegisterClassExW
DestroyWindow
CreateDialogParamW
IsWindow
DispatchMessageW
GetMessageA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

msi

ord8
ord32
ord204
ord45
ord113
ord205
ord92
ord111
ord120
ord160
ord70
ord159

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

kernel32

RtlUnwind
LeaveCriticalSection
GetACP
TlsSetValue
FindResourceW
MapViewOfFile
CloseHandle
SetEnvironmentVariableA
WaitForSingleObject
IsWow64Process
IsValidLocale
RaiseException
HeapDestroy
CreateMutexW
LCMapStringW
SetFileAttributesW
LocalFree
GetShortPathNameW
OutputDebugStringW
LockResource
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FindFirstFileW
GetProcessHeap
HeapFree
HeapSize
SetLastError
GetModuleHandleA
UnhandledExceptionFilter
LoadResource
WriteFile
FindResourceExW
GetTimeZoneInformation
CreateFileMappingW
InterlockedPopEntrySList
GetCommandLineA
EnterCriticalSection
CompareStringW
IsProcessorFeaturePresent
IsValidCodePage
MulDiv
CreateDirectoryW
CreateFileW
HeapAlloc
ResetEvent
GetTempFileNameW
ReleaseMutex
LocalAlloc
Process32NextW
GetStdHandle
UnmapViewOfFile
GetSystemInfo
lstrcmpA
FileTimeToSystemTime
SizeofResource
SetEndOfFile
LoadLibraryExW
FormatMessageW
GetCurrentDirectoryW
TlsGetValue
GetExitCodeThread
IsDebuggerPresent
FindNextFileW
GetTempPathW
GetPrivateProfileSectionW
GetFileType
WriteConsoleW
GetSystemDirectoryW
GetSystemTimeAsFileTime
EnumSystemLocalesA
CreateProcessW
GetDriveTypeW
SetHandleCount
GetLocalTime
CreateEventW
RemoveDirectoryW
FreeEnvironmentStringsW
PeekNamedPipe
GetConsoleMode
InterlockedPushEntrySList
GetFullPathNameW
FreeLibrary
CreateThread
GetSystemDefaultLCID
GetCurrentThreadId
CreateToolhelp32Snapshot
HeapReAlloc
WideCharToMultiByte
FlushFileBuffers
TlsAlloc
lstrlenW
TlsFree
GetPrivateProfileStringW
lstrlenA
Process32FirstW
lstrcmpiW
SetFilePointer
EnumUILanguagesW
FindFirstFileExW
ReadFile
DuplicateHandle
GetConsoleCP
VirtualFree
SetErrorMode
SetUnhandledExceptionFilter
GetWindowsDirectoryW
DeleteFileW
GetCommandLineW
GetModuleHandleW
GetFileInformationByHandle
FindClose
VirtualAlloc
FlushInstructionCache
SetStdHandle
GetOEMCP
VirtualAllocEx

ntprint

PSetupFreeMem
PSetupSelectDeviceButtons
PSetupGetDriverInfo3
PSetupThisPlatform
PSetupDriverInfoFromName

uniplat

CreateOverStructPool
ResetCallCount

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 236KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41933a43619e5286fb6fc3f53cd51801

Headers

File Characteristics

Imports

setupapi

shell32

comdlg32

shlwapi

ole32

oleaut32

user32

version

msi

gdi32

kernel32

ntprint

uniplat

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 236KB - Virtual size: 7.5MB

.rdata Size: 6KB - Virtual size: 192KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 236KB - Virtual size: 7.5MB

.rdata
Size: 6KB - Virtual size: 192KB

.rsrc
Size: 27KB - Virtual size: 26KB