cb151e5bc7fff1026a55f65254a8a42af5c328f06ebda0d183f1f338909c5668

Sharing

Copy URL Twitter E-mail

General

Target

cb151e5bc7fff1026a55f65254a8a42af5c328f06ebda0d183f1f338909c5668
Size

866KB
MD5

1d099758df87c54a57ea6ee118dce4d3
SHA1

e1987fd6a4dbb38f669ace3fc9e76e1b1d79584c
SHA256

cb151e5bc7fff1026a55f65254a8a42af5c328f06ebda0d183f1f338909c5668
SHA512

8252db73c4105bf66d1d552437dae27c259b46b1628856865a1fec9604e8f87b999be6798e4ef6fd2543046d98f4a4f3d269e3603500186d217423b1e5f72fc0
SSDEEP

12288:CcrjWi5COF7hT+KMlDKzzeM6m29vEt6UVpfp9IXWpsHX3u7Mr6XKbIeLrDo0yrS0:CcuWOD8JaQlPfp9ImplwWwIMrHu

Score

N/A

Malware Config

Signatures

Files

cb151e5bc7fff1026a55f65254a8a42af5c328f06ebda0d183f1f338909c5668
.exe windows x86

223ec9088a258af740900eff1b70d5cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowExW
GetWindowLongA
LoadCursorFromFileA
GetWindowPlacement
DdeSetQualityOfService
AllowSetForegroundWindow
MBToWCSEx
AppendMenuA
MessageBoxW
ReuseDDElParam
GetTabbedTextExtentW
MessageBoxExA
EndDialog
GetScrollRange
SendIMEMessageExW
SetScrollPos
DrawIcon
BroadcastSystemMessage
SetClassLongA
GetWindowTextLengthW
OpenDesktopW
EnumPropsW
IsZoomed
CallMsgFilterW
CharToOemBuffW
MonitorFromPoint
IsMenu
DdeGetLastError
CharUpperBuffW
MessageBoxIndirectW
ShowCaret
GetPriorityClipboardFormat
UnregisterDeviceNotification
EnterReaderModeHelper
UserLpkPSMTextOut
ScrollDC
LoadImageA
CopyAcceleratorTableA
DlgDirListW
GetWindowModuleFileNameA
ClientThreadSetup
IsWindowEnabled
OpenDesktopA
GetClipboardSequenceNumber
MenuItemFromPoint

kernel32

WideCharToMultiByte
GetProfileIntA
InterlockedIncrement
GetComputerNameA
FreeLibrary
MoveFileWithProgressA
QueryMemoryResourceNotification
BaseFlushAppcompatCache
CommConfigDialogA
ResetWriteWatch
VirtualAlloc
FileTimeToLocalFileTime
CreateDirectoryExA
GetACP
GlobalAddAtomA
CreateProcessInternalA
GetAtomNameA
WriteProfileSectionA
SetCommTimeouts
GetCommandLineW
TlsSetValue
UTUnRegister
CloseProfileUserMapping
HeapUnlock
GetModuleHandleW
DelayLoadFailureHook
GetConsoleCursorInfo
EnumResourceTypesA
SetLocaleInfoA
AttachConsole
TransactNamedPipe
lstrcpy
EnumSystemCodePagesA
lstrlen
GetConsoleInputExeNameW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetComPlusPackageInstallStatus
GetModuleHandleA
ReadConsoleInputA
lstrcpyA
_lopen
SetFileTime
GetStartupInfoW
GetTickCount
WriteConsoleW
GetVolumeInformationA
BaseInitAppcompatCacheSupport
SetConsolePalette
PrivCopyFileExW
BackupRead
DeleteTimerQueue
SetSystemTime
GetSystemTimeAsFileTime
GetConsoleAliasW
RegisterConsoleIME
QueryActCtxW
FreeEnvironmentStringsW
SwitchToFiber
CreateMailslotA
GlobalFindAtomW
DosPathToSessionPathA
GetConsoleInputExeNameA
GlobalCompact
GetTapeParameters
GetExitCodeProcess
ReleaseSemaphore
MapUserPhysicalPagesScatter
Module32Next
GetFullPathNameA
GetFileTime
CreateHardLinkW
ExpandEnvironmentStringsW
GlobalUnWire
EnumerateLocalComputerNamesA
CallNamedPipeW

advapi32

InitializeSecurityDescriptor
SystemFunction018
GetServiceKeyNameW
LookupPrivilegeDisplayNameW
SystemFunction021
SystemFunction024
LsaNtStatusToWinError
NotifyBootConfigStatus
AddUsersToEncryptedFile
RegLoadKeyA
OpenThreadToken
RegCreateKeyExW
BuildSecurityDescriptorW
RevertToSelf
CredProfileLoaded
AccessCheckByType
WmiQueryAllDataMultipleA
UnregisterTraceGuids
DeleteService
RegQueryMultipleValuesA
CreateRestrictedToken
LsaQueryForestTrustInformation
StartServiceW
GetFileSecurityW
SetEntriesInAclW
AbortSystemShutdownW
SetNamedSecurityInfoExW
CredFree
CryptImportKey
StopTraceA
ClearEventLogA
RegConnectRegistryA
AccessCheckAndAuditAlarmW
QueryServiceObjectSecurity
ElfBackupEventLogFileW
CredRenameA
SaferiPopulateDefaultsInRegistry
ElfBackupEventLogFileA
LsaClearAuditLog
RegSetValueW
ElfOpenBackupEventLogW

msvcrt

wcspbrk
_wexeclpe
_putws
_fstati64
_wfindfirsti64
_beginthreadex
_strset
_wfsopen
__CxxFrameHandler
_mbscpy
_cprintf
_wcreat
??1bad_cast@@UAE@XZ
tanh
_mbsnbcnt
fputc
putc
_mbsnextc
_wsplitpath
_CxxThrowException
_popen
_mbsrev
_mbbtombc
_initterm
_yn
signal
putwchar
__crtLCMapStringW
_finite
_aligned_realloc
_mbsinc
iswupper
__p__dstbias
_read
log10
_lsearch
_wutime64
_execvpe
__pioinfo
exit
_wcsicmp
__isascii
_wspawnve

mlang

IsConvertINetStringAvailable
GetGlobalFontLinkObject
ConvertINetMultiByteToUnicode
ConvertINetReset
ConvertINetUnicodeToMultiByte
ConvertINetString
LcidToRfc1766A
Rfc1766ToLcidW
DllGetClassObject
Rfc1766ToLcidA
LcidToRfc1766W

shell32

SHGetMalloc

Sections

.text
Size: 387KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

223ec9088a258af740900eff1b70d5cb

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

mlang

shell32

Sections

.text Size: 387KB - Virtual size: 387KB

.rdata Size: 211KB - Virtual size: 211KB

.data Size: 264KB - Virtual size: 1.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 387KB - Virtual size: 387KB

.rdata
Size: 211KB - Virtual size: 211KB

.data
Size: 264KB - Virtual size: 1.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1024B