c6c80e8645bd0bf7d3be119e3f0b6262123c7b0e0a5ca3f1d223ef9b0f98bdbc

Sharing

Copy URL Twitter E-mail

General

Target

c6c80e8645bd0bf7d3be119e3f0b6262123c7b0e0a5ca3f1d223ef9b0f98bdbc
Size

3.3MB
MD5

8010d825a727a65d814438c2bd017d8b
SHA1

e5727dea1e8978cd74a0676a5a08b9ecfbe3b971
SHA256

c6c80e8645bd0bf7d3be119e3f0b6262123c7b0e0a5ca3f1d223ef9b0f98bdbc
SHA512

96b1a3c45c04ffd572ff5af675e93c73f1573530bc95104a32a10ef98eadcc4c5a1d4c5502789700033b785609f2abed558c65a4a7a4515fdcc622d48c71301e
SSDEEP

49152:RSaeh1Z+hBG3YBDy36ISsm8Z0FRIbowfEL9mVI4ecj7aDEP2dYm7Vq7Nm:RSak/2sXLSsh2kboBpWnj7aDE+t76m

Score

N/A

Malware Config

Signatures

Files

c6c80e8645bd0bf7d3be119e3f0b6262123c7b0e0a5ca3f1d223ef9b0f98bdbc
.exe windows x86

8014928f1a6c4c004e430a474e4149b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
SetErrorMode
SetPriorityClass
ConnectNamedPipe
GetTapeParameters
GetStdHandle
SetTapePosition
DeleteFileA
CreateNamedPipeA
WaitNamedPipeA
lstrcpyA
GetPriorityClass
LoadLibraryExA
OpenMutexA
SetFilePointer
ReadFile
GetUserDefaultLangID
FormatMessageA
CreateFileA
GetLastError
DisconnectNamedPipe
CloseHandle
GetStartupInfoA
GetFileInformationByHandle
FlushFileBuffers
SetLastError
InterlockedExchange
GetModuleHandleA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FlushViewOfFile
SetEndOfFile
OpenEventA
WaitForMultipleObjects
ResetEvent
GetCurrentProcessId
GetVersionExA
GetComputerNameA
OpenProcess
GetCurrentDirectoryA
SleepEx
SuspendThread
Sleep
GetCurrentThread
DuplicateHandle
GetFullPathNameA
GetFileAttributesA
GetDriveTypeA
CreateEventA
InterlockedIncrement
InterlockedDecrement
SetEvent
GetTempPathA
WriteFile
ReleaseMutex
CreateMutexA
WaitForSingleObject
ReleaseSemaphore
CreateSemaphoreA
SetThreadPriority
ResumeThread
GetCurrentThreadId
FindNextFileA
FindClose
FindFirstFileA
GetModuleFileNameA
lstrcmpA
lstrlenA
LocalFree
TlsAlloc
TlsFree
GetSystemInfo
InitializeCriticalSection
DeleteCriticalSection
TlsSetValue
TlsGetValue
LeaveCriticalSection
InterlockedExchangeAdd
EnterCriticalSection
VirtualAlloc
VirtualFree
GetEnvironmentVariableA
FreeLibrary
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetVersion
LocalAlloc

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
rename
perror
strrchr
modf
sqrt
pow
log
floor
exp
_HUGE
ceil
atan2
fabs
acos
asin
atan
cos
cosh
log10
sin
__dllonexit
tan
tanh
malloc
ftell
fseek
fread
_setmaxstdio
strstr
isdigit
_except_handler3
qsort
_snprintf
_isatty
_fileno
sprintf
_open_osfhandle
signal
rand
srand
free
getenv
sscanf
fgetc
system
printf
_fullpath
strtok
_stricmp
fputs
fputc
ctime
_onexit
?terminate@@YAXXZ
sinh
_controlfp
atol
__CxxFrameHandler
abort
fclose
fopen
fprintf
memmove
_CxxThrowException
isprint
_purecall
_vsnprintf
_close
_dup2
_strnicmp
_write
_umask
_read
_lseek
_open
_stat
_unlink
_getpid
_strlwr
vsprintf
putc
getchar
isalpha
localtime
_ftime
tolower
strncat
_getcwd
vfprintf
strerror
time
fgets
_errno
exit
_beginthreadex
fflush
fwrite
atoi
_access
_iob
strchr
strncmp
strncpy
_ftol
getc
_strdup

user32

SendMessageA
CreateWindowExA
LoadStringA
RegisterClassA
LoadCursorA
LoadIconA
TrackPopupMenu
GetCursorPos
SetMenuDefaultItem
CreatePopupMenu
SetForegroundWindow
ShowWindow
PostMessageA
SetFocus
DefWindowProcA
PostQuitMessage
DestroyMenu
AppendMenuA
DeleteMenu
GetSystemMenu
UpdateWindow
LoadImageA
GetSysColor
SetWindowLongA
WinHelpA
SetDlgItemTextA
SetCursor
GetDlgItem
SendDlgItemMessageA
GetParent
wsprintfA
SetWindowPos
SetDlgItemInt
EnableWindow
GetDlgItemInt
DialogBoxParamA
GetWindowLongA
EndDialog
TranslateMessage
DispatchMessageA
DestroyWindow
CharUpperBuffA
GetMessageA
DestroyIcon
CharLowerBuffA
MessageBoxA

advapi32

RegOpenKeyExA
RegCloseKey
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
GetUserNameA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegisterServiceCtrlHandlerA
GetTokenInformation
EqualSid
StartServiceCtrlDispatcherA
FreeSid
SetSecurityInfo
SetEntriesInAclA
AllocateAndInitializeSid
GetSecurityInfo
RegQueryValueExA

mpr

WNetEnumResourceA
WNetCloseEnum
WNetGetUniversalNameA
WNetOpenEnumA

ole32

CoCreateGuid

icuuc30

utf8_nextCharSafeBody_3_0
u_toupper_3_0
u_strCompare_3_0
u_countChar32_3_0
ucnv_close_3_0
ucnv_fromUChars_3_0
ucnv_open_3_0
u_tolower_3_0

gdi32

GetStockObject
SetBkMode
CreateSolidBrush

shell32

Shell_NotifyIconA

comctl32

PropertySheetA
CreatePropertySheetPageA

ws2_32

htons
send
recv
select
__WSAFDIsSet
gethostbyname
inet_addr
WSACleanup
ntohl
htonl
closesocket
accept
listen
bind
getsockopt
setsockopt
connect
socket
shutdown
getservbyname
WSAGetLastError
gethostname
WSAStartup
getpeername
getsockname

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 804KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8014928f1a6c4c004e430a474e4149b3

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

mpr

ole32

icuuc30

gdi32

shell32

comctl32

ws2_32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 224KB - Virtual size: 221KB

.data Size: 804KB - Virtual size: 861KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 224KB - Virtual size: 221KB

.data
Size: 804KB - Virtual size: 861KB

.rsrc
Size: 12KB - Virtual size: 10KB