cd338f0b603ab352cd16572ba551d1d76dce9633d76164ad7ba80e8f8a1bedb0

Sharing

Copy URL

Twitter E-mail

General

Target

cd338f0b603ab352cd16572ba551d1d76dce9633d76164ad7ba80e8f8a1bedb0
Size

360KB
MD5

fbd516945e7cb2d18d09f9495fd613b0
SHA1

f78d63ce48af318861634ab20410b38afb6128c2
SHA256

cd338f0b603ab352cd16572ba551d1d76dce9633d76164ad7ba80e8f8a1bedb0
SHA512

daa2806e2597e4b2802df709594615e4c14316d48ccf6b7e87b8a81fcc6874389304be8286b00229e8ca9da293bf9e710fa79421217e1809aff52d3dfc29c032
SSDEEP

6144:FFGOugHsJBMiA1862lKdTsScrbupwQEkR3z8qvgbDpQK1YFONcn1CnM:zGxgAtzdgdGSskR3IqoDSlFOmL

Score

N/A

Malware Config

Signatures

Files

cd338f0b603ab352cd16572ba551d1d76dce9633d76164ad7ba80e8f8a1bedb0
.exe windows x86

df52b36fa1e66a925945862927c9ead7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
CreateMutexA
GlobalAddAtomW
Beep
GetACP
SetCommMask
WritePrivateProfileSectionA
FindNextChangeNotification
GetFileInformationByHandle
UnhandledExceptionFilter
WritePrivateProfileStringA
GetTempFileNameA
CompareStringW
SetSystemTime
CopyFileExW
lstrcmpA
VirtualProtect
GetShortPathNameA
FormatMessageA
GlobalReAlloc
RemoveDirectoryA
GetHandleInformation
ExitProcess
WritePrivateProfileSectionW
SetEvent
GetSystemTimeAsFileTime
GetModuleHandleA
EraseTape
OpenSemaphoreW
AllocConsole
GetOEMCP
GetCurrentProcess
GetDiskFreeSpaceExA
FindFirstFileA
FreeResource
lstrcpyA
SetConsoleMode
GetCommConfig
SetProcessShutdownParameters
GetCommModemStatus
GetNumberFormatW
LocalAlloc
CreateWaitableTimerA
DosDateTimeToFileTime
GetWindowsDirectoryA
CreateFileW
GetUserDefaultLangID
lstrcmpiW
LeaveCriticalSection
CreateNamedPipeW
GetModuleFileNameW
GetLocaleInfoW
CreateDirectoryA
CreateDirectoryW
GlobalUnlock
GetLargestConsoleWindowSize
WaitNamedPipeA
GetTimeZoneInformation
SetNamedPipeHandleState
GetTempPathW
IsValidLocale
FlushFileBuffers
PurgeComm
QueryDosDeviceW
GetBinaryTypeW
GetBinaryTypeA
GetThreadPriority
VirtualFree
ReadConsoleOutputA
SetEnvironmentVariableA
ScrollConsoleScreenBufferA
GetStartupInfoA
SetThreadLocale
WriteConsoleOutputCharacterA
SetLastError
IsBadWritePtr
TlsGetValue
SizeofResource
GetCommandLineA
VirtualAlloc
CompareStringA

user32

GetWindowLongA
GetUpdateRgn
InvalidateRgn
SetMenuItemInfoA
EnableMenuItem
PtInRect
SendMessageCallbackW
DrawTextExW
IsCharAlphaA
EnumWindowStationsA
GetMenuItemID
AppendMenuW
RegisterWindowMessageA
ValidateRect
ExitWindowsEx
PostMessageW
CharPrevA
CreateCaret
GetKeyNameTextW
GetClipboardFormatNameW
RemovePropA
GetWindowTextW
CharNextW
CharUpperA
MapDialogRect
SetClipboardData
DestroyMenu
GetTitleBarInfo
OpenInputDesktop
GetThreadDesktop
CharUpperW
CallWindowProcW
SwitchDesktop
LoadImageW
LoadMenuIndirectW
SendMessageA
SetRect
ExcludeUpdateRgn
DeleteMenu
DrawMenuBar
ArrangeIconicWindows
DestroyCaret
DrawFocusRect
GetSubMenu
GetKeyboardLayout
LoadStringW
CharToOemA
CloseDesktop
CharPrevW
ActivateKeyboardLayout
MessageBeep
UpdateWindow
GetSystemMetrics
FindWindowW
CreateIcon

gdi32

ExcludeClipRect
SetMapMode
DeleteObject
GetCharacterPlacementA
TranslateCharsetInfo
StretchDIBits
GetCurrentPositionEx
CreateHalftonePalette
ExtCreateRegion
ExtCreatePen
GetCharWidth32W
GetMetaFileBitsEx
SelectClipRgn
RemoveFontResourceA
CloseFigure
SetWindowOrgEx
SelectObject

advapi32

SetNamedSecurityInfoA
AllocateLocallyUniqueId
GetExplicitEntriesFromAclW
ChangeServiceConfigW
RegOpenKeyA
CryptGenKey
CryptGenRandom
RegCreateKeyExA
SetFileSecurityA
CryptEncrypt
BuildTrusteeWithNameW
RegSaveKeyW
AccessCheck
InitiateSystemShutdownA
RegCreateKeyA
RegisterServiceCtrlHandlerW
SetSecurityInfo
SetTokenInformation
RegCloseKey
LookupAccountNameA
EnumDependentServicesA
CryptReleaseContext
RegEnumValueA
QueryServiceStatus
PrivilegeCheck
ObjectDeleteAuditAlarmW
DestroyPrivateObjectSecurity
GetServiceDisplayNameW
GetUserNameA
ImpersonateNamedPipeClient
CreateProcessAsUserA
EqualSid
GetServiceKeyNameW
ReadEventLogW
CryptSetProvParam
RegSetValueExA
IsValidSid
MakeSelfRelativeSD
IsTextUnicode
GetAclInformation

shell32

ShellExecuteA
Shell_NotifyIconW
DragQueryPoint
SHChangeNotify

ole32

CLSIDFromString
OleCreateMenuDescriptor
OleSetMenuDescriptor
CoReleaseServerProcess
CoFreeAllLibraries
CoMarshalInterThreadInterfaceInStream
OleConvertIStorageToOLESTREAM

oleaut32

SysStringLen
VariantCopy
LoadTypeLi
SafeArrayPutElement
SetErrorInfo
VariantChangeType
SafeArrayGetElement
SysAllocStringLen
QueryPathOfRegTypeLi
SafeArrayUnaccessData
SafeArrayCreate

comctl32

ImageList_Merge
ImageList_SetIconSize

shlwapi

PathGetDriveNumberW
PathParseIconLocationW
PathIsUNCA
PathFindFileNameW
PathAppendA
StrToIntW
PathCompactPathW
StrRChrA
StrCpyNW
StrCmpNA
StrCatBuffA
StrRChrW
StrStrIW
UrlCombineW

msvcrt

strerror
_stricoll
strncat
_itow
atol
_fdopen
_strtime
wcstoul
_wcsicmp
_makepath
putc
_chmod
_mbsnicmp
rename
_getdrive
wctomb
_mbscpy
vfwprintf
iswctype
wprintf
isdigit
_pctype
_mbscmp
__doserrno
longjmp

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df52b36fa1e66a925945862927c9ead7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 268KB - Virtual size: 266KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 268KB - Virtual size: 266KB