c2a342f98bacd322a491e70b1fd9210c2c4570e50f403a73dc48a37ae8535685

Sharing

Copy URL Twitter E-mail

General

Target

c2a342f98bacd322a491e70b1fd9210c2c4570e50f403a73dc48a37ae8535685
Size

6.0MB
MD5

12db371d7c63e532a34e187dbd455f77
SHA1

2ba0ca514ea6218a8824b4ec38be45cd461ee56a
SHA256

c2a342f98bacd322a491e70b1fd9210c2c4570e50f403a73dc48a37ae8535685
SHA512

7dfa840606983501525a92c93d46452ab72e6032f2cb360f7a938caf8e282491593183118a23d6bd92ad281d3ecb8786db767c450946070d03defcb3ed25bb20
SSDEEP

196608:EmuUyRZOIb+WNeXCjWVg2Fl5CiUTWePm1:vtSb+XSUF78

Score

N/A

Malware Config

Signatures

Files

c2a342f98bacd322a491e70b1fd9210c2c4570e50f403a73dc48a37ae8535685
.exe windows x86

9fad9d83c5c039d67595eee1f1e6349c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
WideCharToMultiByte
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WritePrivateProfileStringA
WriteFile
WinExec
VirtualQuery
TerminateProcess
SetFileTime
SetFilePointer
SetFileAttributesA
SetCurrentDirectoryA
RemoveDirectoryA
ReadFile
OpenProcess
MulDiv
MoveFileA
LocalFileTimeToFileTime
LoadLibraryA
LeaveCriticalSection
IsDBCSLeadByte
InitializeCriticalSection
GlobalFindAtomA
GlobalDeleteAtom
GlobalAddAtomA
GetWindowsDirectoryA
GetVersionExA
GetTickCount
GetThreadLocale
GetTempPathA
GetSystemDirectoryA
GetStringTypeExA
GetStdHandle
GetShortPathNameA
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileSize
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableA
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetComputerNameA
GetCPInfo
GetACP
FreeLibrary
FormatMessageA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DosDateTimeToFileTime
DeviceIoControl
DeleteFileA
CreateProcessA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle
Sleep
GetSystemTimeAsFileTime
CreateEventA
GetModuleFileNameW
GetModuleHandleA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetModuleHandleW
LoadResource
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
VirtualQuery
GetCommandLineA
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
RaiseException
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
UnregisterClassA
TranslateMessage
SystemParametersInfoA
ShowWindow
SetWindowPos
SetWindowLongA
SetTimer
SetFocus
SetActiveWindow
SendMessageA
ReleaseDC
RegisterWindowMessageA
RegisterClassA
PostQuitMessage
PostMessageA
PeekMessageA
MessageBoxA
LoadStringA
LoadIconA
LoadCursorA
KillTimer
IsWindowVisible
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetSysColor
GetWindow
GetMessageA
GetFocus
GetDesktopWindow
GetDC
GetClientRect
GetActiveWindow
FindWindowA
FillRect
EnumWindows
EndPaint
EnableWindow
DrawIcon
DispatchMessageA
DefWindowProcA
BeginPaint
CharNextA
CharToOemA
CharUpperBuffW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
LookupAccountNameA
GetUserNameA

oleaut32

SysFreeString
SysAllocStringLen

gdi32

SelectObject
MoveToEx
LineTo
GetTextMetricsA
GetTextExtentPoint32A
GetDeviceCaps
DeleteObject
CreateSolidBrush
CreatePen
CreateFontA

shell32

ShellExecuteA

comctl32

InitCommonControls

Sections

:^%wMV3*
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

1+vcQr(C
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Pz@)`tm`
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

awbDW`LH
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

`.eJ&n'k
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

>-@Zyigr
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

gW`HFd*u
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

/XVkY6,M
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3I_.KAv6
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

+,+X]Q72
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fad9d83c5c039d67595eee1f1e6349c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

shell32

comctl32

Sections

:^%wMV3* Size: 146KB - Virtual size: 146KB

1+vcQr(C Size: 8KB - Virtual size: 7KB

Pz@)`tm` Size: - Virtual size: 2KB

awbDW`LH Size: 4KB - Virtual size: 4KB

`.eJ&n'k Size: - Virtual size: 8B

>-@Zyigr Size: 512B - Virtual size: 24B

gW`HFd*u Size: 3.0MB - Virtual size: 3.0MB

/XVkY6,M Size: 2KB - Virtual size: 1KB

3I_.KAv6 Size: 2.8MB - Virtual size: 2.8MB

+,+X]Q72 Size: 11KB - Virtual size: 10KB

:^%wMV3*
Size: 146KB - Virtual size: 146KB

1+vcQr(C
Size: 8KB - Virtual size: 7KB

Pz@)`tm`
Size: - Virtual size: 2KB

awbDW`LH
Size: 4KB - Virtual size: 4KB

`.eJ&n'k
Size: - Virtual size: 8B

>-@Zyigr
Size: 512B - Virtual size: 24B

gW`HFd*u
Size: 3.0MB - Virtual size: 3.0MB

/XVkY6,M
Size: 2KB - Virtual size: 1KB

3I_.KAv6
Size: 2.8MB - Virtual size: 2.8MB

+,+X]Q72
Size: 11KB - Virtual size: 10KB