cc81ea6418c31d0ea66e4413df423997040d5a6cfb42a1f13a8eed5e05d816d0

General

Target

cc81ea6418c31d0ea66e4413df423997040d5a6cfb42a1f13a8eed5e05d816d0
Size

11.1MB
MD5

c5d44e386c234e2af63bfb09c85311fe
SHA1

9a94aac2d69f9cf0e7aaef6706a01353834a3433
SHA256

cc81ea6418c31d0ea66e4413df423997040d5a6cfb42a1f13a8eed5e05d816d0
SHA512

94079d15d1516d014a3c2fd3189a1489fc76c939917a09af537c07c2265c8912d4d402af4c8c608d21f44d6c5742dc2a9fc724fd4068fec1e7778b2f10cf15fb
SSDEEP

196608:oxqn0/M8r9+X2oPVmP/Ztjxj2xinlkPXZcpjWxmk0lDmX48M9irWIKfDaTjwAKoA:HYrEPVePjhEkWxm/lDmor+KfewAlLdC

Score

N/A

Malware Config

Signatures

Files

cc81ea6418c31d0ea66e4413df423997040d5a6cfb42a1f13a8eed5e05d816d0
.exe windows x86

b19f019db54d89f2ba776cb4ef335d21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
lstrlenW
ReadFile
GetFileSize
GetCommandLineA
GetProcAddress
GetLocaleInfoA
CreateFileA
GlobalAlloc
WaitForSingleObject
GetTickCount
LocalFree
FindClose
InterlockedCompareExchange
SetLastError
TlsGetValue
GetStartupInfoA
GetOEMCP
FormatMessageW
TlsFree
UnhandledExceptionFilter
GetACP
FlushFileBuffers
RtlUnwind
GetFileAttributesW
CreateEventW
GetEnvironmentStrings
CancelIo
GetModuleHandleA
ExitProcess

user32

DialogBoxParamW
SetWindowLongA
DestroyWindow
SetWindowTextW
UnregisterClassW
GetDesktopWindow
IsWindowEnabled
CharNextW
EqualRect
SetTimer
SetRect
RegisterClassW
SendDlgItemMessageW
IsIconic
EnableWindow
GetWindowLongA
CallWindowProcW
CopyRect
EndDialog

advapi32

GetUserNameA
ControlTraceA
DuplicateTokenEx
RegCreateKeyExW
AdjustTokenPrivileges
RevertToSelf
IsValidSid
GetSidIdentifierAuthority
GetAce
OpenProcessToken
EqualSid
CryptGenKey
CryptDestroyKey
CryptGetHashParam
AddAccessAllowedAce
RegSetValueExW
FreeSid
UpdateTraceA

msvcrt

exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit

crypt32

CertFreeCertificateContext

Sections

code
Size: 4.5MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 381KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b19f019db54d89f2ba776cb4ef335d21

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

crypt32

Sections

code Size: 4.5MB - Virtual size: 5.4MB

.idata Size: 381KB - Virtual size: 578KB

.tls Size: 6KB - Virtual size: 4KB

.rsrc Size: 115KB - Virtual size: 114KB

code
Size: 4.5MB - Virtual size: 5.4MB

.idata
Size: 381KB - Virtual size: 578KB

.tls
Size: 6KB - Virtual size: 4KB

.rsrc
Size: 115KB - Virtual size: 114KB