c5a0e8c2e91440dc8cadb814d9176fc4dae4becc368e3dc7dfd7d0ecc5536d99

Sharing

Copy URL Twitter E-mail

General

Target

c5a0e8c2e91440dc8cadb814d9176fc4dae4becc368e3dc7dfd7d0ecc5536d99
Size

333KB
MD5

7816b9149afa7de7a32840b3c09b6b5b
SHA1

3141a598558971eb6a35075ed597128abe561a29
SHA256

c5a0e8c2e91440dc8cadb814d9176fc4dae4becc368e3dc7dfd7d0ecc5536d99
SHA512

46a3cc2984311f9de41287fb5fe3f92492ae54a706ba101920071c397bbe39bf8ff0f29178661da03b0ed2a849c6f237e45511141eb2f246aaf3a8ab2dce6c9f
SSDEEP

6144:2348QL1SzX5Nu8LmGElwfY+Bh82bLe9iRN:QxzfElww+Bh82bV

Score

1^/10

Malware Config

Signatures

Files

c5a0e8c2e91440dc8cadb814d9176fc4dae4becc368e3dc7dfd7d0ecc5536d99
.exe windows x86

8c45f9e9bcc0b8dabcc5678d86c7e6e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessImageFileNameA

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

kernel32

GlobalFlags
GlobalAddAtomA
lstrcmpW
GlobalFindAtomA
ReadFile
FlushFileBuffers
GetCurrentProcess
GetCPInfo
GetOEMCP
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoA
RtlUnwind
GetTimeFormatA
GetDateFormatA
RaiseException
HeapSize
HeapReAlloc
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GlobalGetAtomNameA
LocalReAlloc
GlobalHandle
GlobalReAlloc
LocalAlloc
GetModuleFileNameW
GetModuleHandleW
SetErrorMode
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
CompareStringA
lstrcmpA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
InterlockedExchange
QueryPerformanceCounter
QueryPerformanceFrequency
FindResourceExA
Thread32First
OpenThread
SuspendThread
Thread32Next
ResumeThread
GetVersionExA
LoadLibraryA
FreeLibrary
GetTempPathA
TlsFree
TlsGetValue
TlsAlloc
TlsSetValue
HeapAlloc
HeapFree
VirtualFree
VirtualAlloc
InterlockedDecrement
HeapCreate
GetPrivateProfileIntA
FindFirstFileA
CompareFileTime
FindNextFileA
FindClose
GetFileAttributesA
SetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringA
SetFilePointer
WriteFile
CreateFileA
GetFileSize
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
CreateThread
GetCurrentThreadId
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
GetCommandLineA
lstrcpynA
SetCurrentDirectoryA
GetCurrentDirectoryA
OpenEventA
GetSystemInfo
TerminateProcess
GetProcAddress
GetModuleHandleA
SetEvent
lstrcatA
LockResource
MoveFileA
CopyFileA
CreateProcessA
GetPrivateProfileStringA
WritePrivateProfileStringA
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
Sleep
GetTickCount
DeleteFileA
SizeofResource
LoadResource
FindResourceA
GetLastError
GetModuleFileNameA
WideCharToMultiByte
WaitForSingleObject
lstrlenA
CloseHandle
GetProcessHeap
GetTimeZoneInformation

user32

DestroyMenu
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
CopyRect
CallWindowProcA
GetMenu
SetWindowLongA
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
ClientToScreen
GrayStringA
PostMessageA
DefWindowProcA
DestroyWindow
DispatchMessageA
DrawTextExA
DrawTextA
TabbedTextOutA
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
PeekMessageA
CreateWindowExA
RegisterClassExA
GetClassInfoA
MessageBoxA
IsIconic
SendInput
AttachThreadInput
GetWindowThreadProcessId
FindWindowA
SetForegroundWindow
SetWindowPos
BringWindowToTop
GetForegroundWindow
IsWindow
GetSubMenu
GetMenuItemCount
GetWindowTextA
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
PostQuitMessage
GetMenuState
GetMenuItemID

gdi32

GetStockObject
OffsetViewportOrgEx
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
CreateBitmap
GetDeviceCaps
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
SetViewportExtEx

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
CreateProcessAsUserA
StartServiceA
ControlService
QueryServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA

shell32

SHGetSpecialFolderPathA

shlwapi

SHGetValueA
PathFindExtensionA
PathFileExistsA
PathFindFileNameA

ole32

CoCreateGuid
StringFromGUID2

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantChangeType
VariantInit

ws2_32

ntohl
gethostname
inet_addr
WSAStartup
gethostbyname
inet_ntoa
htonl

iphlpapi

GetAdaptersInfo

Exports

Exports

overlap_free
overlap_malloc
pool_free
pool_malloc
vp_free
vp_malloc

Sections

.text
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c45f9e9bcc0b8dabcc5678d86c7e6e6

Headers

DLL Characteristics

File Characteristics

Imports

psapi

userenv

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 247KB - Virtual size: 247KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 247KB - Virtual size: 247KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 31KB - Virtual size: 31KB