ced6d0ca3c2a7419a41b3d947c9badd22aab17abb40c12b04216e4c1033087ef

Sharing

Copy URL

Twitter E-mail

General

Target

ced6d0ca3c2a7419a41b3d947c9badd22aab17abb40c12b04216e4c1033087ef
Size

376KB
MD5

6606a798f2025546db48d4b4b28711ed
SHA1

262614c0781495b7ad7772f1c45338cc3c35f158
SHA256

ced6d0ca3c2a7419a41b3d947c9badd22aab17abb40c12b04216e4c1033087ef
SHA512

9627e5683c914951656701e4f99a4044493bd862c4e01620e82ebc921897ac16dfe40d108c09d778686b5b14ef5f3554ecaeeededf3b13137e1ef20601acad12
SSDEEP

6144:CL/e+PmwxSJQ/xALXqo1jmUZxL6xQGQo:CLW+PrSLXqs765

Score

N/A

Malware Config

Signatures

Files

ced6d0ca3c2a7419a41b3d947c9badd22aab17abb40c12b04216e4c1033087ef
.exe windows x86

b16cf117ca9e882db02f4d0ecb0421f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord253
ord252
ord269
ord267
ord266

fog

ord10019
gdwInvBitMasks
gdwBitMasks
ord10022
ord10029

ddraw

DirectDrawEnumerateA
DirectDrawCreate

user32

LoadStringA
LoadCursorA
DialogBoxIndirectParamA
DialogBoxParamA
wvsprintfA
CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
EnumDisplaySettingsA
SetCursor
DefWindowProcA
RegisterClassA
SendMessageA
PostMessageA
SetForegroundWindow
SetActiveWindow
SetFocus
BringWindowToTop
GetWindowTextA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
EndDialog
MessageBoxA
DestroyWindow
UnregisterClassA
ShowWindow
GetDlgItem
SetWindowTextA

gdi32

GetStockObject

kernel32

RtlUnwind
TlsGetValue
WideCharToMultiByte
CloseHandle
FlushFileBuffers
LCMapStringW
LCMapStringA
ReadFile
SetStdHandle
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
TlsSetValue
lstrlenA
SleepEx
CreateThread
GetLastError
CreateEventA
SetLastError
GetProcAddress
LoadLibraryA
LockResource
LoadResource
FindResourceExA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcpynA
TerminateProcess
GetCurrentProcess
GetEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
GetEnvironmentVariableA
TlsAlloc
GetVersionExA
InterlockedDecrement
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
InterlockedIncrement
HeapDestroy
VirtualFree
HeapFree
WriteFile
HeapReAlloc
HeapAlloc
HeapSize

advapi32

RegDeleteValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b16cf117ca9e882db02f4d0ecb0421f3

Headers

File Characteristics

Imports

storm

fog

ddraw

user32

gdi32

kernel32

advapi32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 45KB

.rsrc Size: 76KB - Virtual size: 75KB

.tc Size: 204KB - Virtual size: 204KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 45KB

.rsrc
Size: 76KB - Virtual size: 75KB

.tc
Size: 204KB - Virtual size: 204KB