1c7314afbcf908bd8053b6f6a40028f0c16cad93966be554474304ec2710e6d2

Sharing

Copy URL Twitter E-mail

General

Target

1c7314afbcf908bd8053b6f6a40028f0c16cad93966be554474304ec2710e6d2
Size

293KB
MD5

f7c3c7cbd49f392c51fd8e39f98dfe4b
SHA1

0cea7e8d939ef5262bde7f0ec6e855190661e92a
SHA256

1c7314afbcf908bd8053b6f6a40028f0c16cad93966be554474304ec2710e6d2
SHA512

64506c4fd85f63c46d03bd1170f4be7e9c0630116cc1f061578d56e004abc45d1126f8943fa861bba9f19533fb2a33afd271c85631272f1d758af975a56377b3
SSDEEP

6144:6Z0ccmHjSCLtcPhPKsA71BUanJqmdiTjQIbPWq9R0D7c/pjA:KLJDSCaMsu5nJqPTWZyp

Score

N/A

Malware Config

Signatures

Files

1c7314afbcf908bd8053b6f6a40028f0c16cad93966be554474304ec2710e6d2
.exe windows x86

c18152690cf5ec1f146be36f0709f0f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
GetProcAddress
GetLastError
lstrcmpA
MultiByteToWideChar
LoadLibraryA
GlobalMemoryStatus
ExitProcess
GlobalFree
CloseHandle
GetLogicalDriveStringsA
CreateFileA
OpenFile
GetModuleHandleA
GetCommandLineA
ReadFile
WriteFile
GlobalAlloc
GetFileSize

user32

GetWindowTextLengthA
BeginPaint
GetMessageA
LoadIconA
CreateWindowExA
ShowWindow
LoadMenuA
DispatchMessageA
EndPaint
DrawEdge
wsprintfA
GetSysColor
MoveWindow
LoadCursorA
SetFocus
TranslateMessage
MessageBoxA
SetMenu
PostQuitMessage
SetWindowTextA
DefWindowProcA
LoadBitmapA
UpdateWindow
EndDialog
RegisterClassExA
GetDlgItem
SendMessageA
GetSystemMetrics
DialogBoxIndirectParamA
GetClientRect

gdi32

GetStockObject
SelectObject
DeleteDC
ExtFloodFill
GetPixel
DeleteObject
CreateSolidBrush
CreateCompatibleDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

DragQueryFileA

oleaut32

SysFreeString
SysAllocStringByteLen

comctl32

ord6
ord17

wininet

InternetGoOnline
InternetSetCookieA
InternetGetCookieExA

wldap32

ord47

msvcrt

_ultoa

msi

ord44

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ky1l
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kuy1l
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c18152690cf5ec1f146be36f0709f0f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

oleaut32

comctl32

wininet

wldap32

msvcrt

msi

Sections

.text Size: 9KB - Virtual size: 8KB

.itext Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 195KB

.ky1l Size: 97KB - Virtual size: 97KB

.kuy1l Size: 167KB - Virtual size: 167KB

.rsrc Size: 11KB - Virtual size: 10KB

.idat_0 Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.itext
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 195KB

.ky1l
Size: 97KB - Virtual size: 97KB

.kuy1l
Size: 167KB - Virtual size: 167KB

.rsrc
Size: 11KB - Virtual size: 10KB

.idat_0
Size: 2KB - Virtual size: 1KB