af2c1e80bca7b70dbfe9e28dd2ea9731d756921a025496a462529a78a5771939

Sharing

Copy URL Twitter E-mail

General

Target

af2c1e80bca7b70dbfe9e28dd2ea9731d756921a025496a462529a78a5771939
Size

41KB
MD5

638df3b1caa0ce21a312c8e930f61b06
SHA1

406e08006029655791ef1205c7cd697fdaad229c
SHA256

af2c1e80bca7b70dbfe9e28dd2ea9731d756921a025496a462529a78a5771939
SHA512

0102ce1cdcb4e3a0b64634eb92dcf8606eaba495d1ba624a1da897d49752f56fe247d19dbe3e1c6279fb2d1fc801ed96bdd4405f819b4c9bd44f15ab45283b10
SSDEEP

768:F50qI0P1dHWEJ0HJOMxpJbvorCJViHWjv2Vjw3fPBMAoJJAY:Feh098v/5o2r2Zw3fPBMfJJAY

Score

N/A

Malware Config

Signatures

Files

af2c1e80bca7b70dbfe9e28dd2ea9731d756921a025496a462529a78a5771939
.exe windows x86

a92daf850ee5925c263acce1156296db

Code Sign

ce:38:85:a5:ff:2c:6d:26:a4:57:7f:bd:f1:9c:af:77:b3:e8:dc:53
Signer

Actual PE Digest

ce:38:85:a5:ff:2c:6d:26:a4:57:7f:bd:f1:9c:af:77:b3:e8:dc:53

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetFileAttributesA
WideCharToMultiByte
InterlockedDecrement
CreateThread
CreateMutexA
ReadProcessMemory
GetThreadContext
CreateProcessA
lstrcatA
GetSystemDirectoryA
TerminateProcess
GetLastError
ResumeThread
SetThreadContext
WriteProcessMemory
FindResourceA
GetModuleHandleA
lstrcmpiA
GetModuleFileNameA
CopyFileA
ReleaseMutex
HeapFree
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
LocalFree
LoadResource
CreateFileA
SizeofResource
WriteFile
lstrcpyA
CloseHandle
FreeResource
WinExec
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
lstrlenA
VirtualAllocEx

user32

wsprintfA
GetWindowTextA
GetForegroundWindow

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoCreateInstance
CoInitialize
OleRun
CoUninitialize

oleaut32

GetErrorInfo
SysFreeString
VariantClear

wininet

InternetReadFile
InternetCloseHandle
InternetSetCookieA
HttpAddRequestHeadersA
HttpOpenRequestA
HttpSendRequestA
InternetConnectA
InternetOpenA
HttpEndRequestA
InternetAttemptConnect
InternetWriteFile
HttpSendRequestExA

netapi32

Netbios

msvcp60

?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

??1type_info@@UAE@XZ
_onexit
__dllonexit
free
wcslen
atol
_exit
strchr
strncat
??2@YAPAXI@Z
strncmp
sprintf
printf
_XcptFilter
_strnicmp
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_CxxThrowException
_controlfp
atoi
strncpy
strcspn
strstr
__CxxFrameHandler
_except_handler3

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a92daf850ee5925c263acce1156296db

Code Sign

ce:38:85:a5:ff:2c:6d:26:a4:57:7f:bd:f1:9c:af:77:b3:e8:dc:53Signer

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

netapi32

msvcp60

msvcrt

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 6KB - Virtual size: 6KB

ce:38:85:a5:ff:2c:6d:26:a4:57:7f:bd:f1:9c:af:77:b3:e8:dc:53
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 6KB - Virtual size: 6KB