c3512ddca3b3f1479180f21a337199adf1b6b9746591e29b0dde660ced03f2a1

Sharing

Copy URL Twitter E-mail

General

Target

c3512ddca3b3f1479180f21a337199adf1b6b9746591e29b0dde660ced03f2a1
Size

334KB
MD5

2574e37c24f8e794db977b3d20cc4d12
SHA1

224b9743a407e62fc7aad2e13176e10036353296
SHA256

c3512ddca3b3f1479180f21a337199adf1b6b9746591e29b0dde660ced03f2a1
SHA512

69787ae74875f092b1fce654d4c81971c971bf2396ea58eb5c49fef1411540507d4eb29eba357e59f7c0f254ee627d19307c2e58a8f5b2d9620ee7ab771a1777
SSDEEP

6144:YYlwutM5ylcMZvneQcqayv/qPJeQwqcLx/0CbNdwt+5t+sJDyZTtTc08jqjH:eQCoAKx/0Cjwt+59DyZm08j2H

Score

N/A

Malware Config

Signatures

Files

c3512ddca3b3f1479180f21a337199adf1b6b9746591e29b0dde660ced03f2a1
.exe windows x86

0d21c88eff20e6e4686eddc89379b220

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DuplicateIcon

comctl32

InitCommonControlsEx

comdlg32

GetSaveFileNameA
ChooseFontW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleHandleA
GetConsoleMode
InitializeCriticalSection
HeapFree
GetCurrentProcess
LoadLibraryW
GetLocaleInfoW
GetCurrentThread
GetProfileIntW
FreeEnvironmentStringsA
GetStartupInfoA
EnterCriticalSection
InterlockedExchange
GetSystemTimeAsFileTime
GlobalUnfix
WriteConsoleW
GetConsoleOutputCP
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
GetComputerNameA
GetProcessHeap
GetTimeZoneInformation
LCMapStringA
HeapAlloc
CompareStringA
GetThreadTimes
CloseHandle
WriteFile
OpenMutexA
GetFileType
GetLocaleInfoA
GetOEMCP
WriteConsoleA
CompareStringW
RtlUnwind
SetThreadIdealProcessor
LocalCompact
GetTickCount
SetHandleCount
ExitProcess
WriteConsoleOutputA
FlushFileBuffers
QueryPerformanceCounter
GetDateFormatA
CreateMutexA
GetCurrentProcessId
WriteConsoleOutputAttribute
ReadConsoleOutputA
TerminateProcess
GetStringTypeExA
GetEnvironmentStrings
SetEnvironmentVariableA
GetFileAttributesW
UnhandledExceptionFilter
GetVersionExA
FreeLibrary
GetStdHandle
VirtualQuery
HeapSize
GetStringTypeExW
CreateFileA
LoadLibraryA
SetFilePointer
IsValidCodePage
GetCurrentThreadId
LeaveCriticalSection
InterlockedIncrement
VirtualLock
DeleteCriticalSection
VirtualAlloc
GetUserDefaultLCID
HeapReAlloc
GetMailslotInfo
GetModuleFileNameA
TlsGetValue
SetLastError
IsValidLocale
GetLastError
GetCommandLineA
GetStringTypeA
IsDebuggerPresent
GetACP
SystemTimeToFileTime
VirtualFree
GetStringTypeW
InterlockedDecrement
HeapDestroy
TlsFree
HeapCreate
LCMapStringW
FormatMessageA
GetConsoleCP
WideCharToMultiByte
SetWaitableTimer
WriteConsoleOutputW
Sleep
GetCPInfo
GetTimeFormatA
GetProcAddress
TlsAlloc
TlsSetValue
EnumSystemLocalesA
ReadFile
SetStdHandle
MultiByteToWideChar

wininet

RetrieveUrlCacheEntryFileW

user32

RegisterClassA
UnionRect
RegisterClassExA
GetKeyboardLayout

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d21c88eff20e6e4686eddc89379b220

Headers

File Characteristics

Imports

shell32

comctl32

comdlg32

kernel32

wininet

user32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 9KB - Virtual size: 39KB

.data Size: 173KB - Virtual size: 173KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 9KB - Virtual size: 39KB

.data
Size: 173KB - Virtual size: 173KB

.rsrc
Size: 6KB - Virtual size: 5KB