allcome | Blitz[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Blitz.exe
Size

461KB
MD5

9c30b653d66d104fa03e85c9c5987c19
SHA1

1db5a95ca0e2303bc7bc69ce1259e59594cbeb4d
SHA256

6f38484383e3301e91664d2cf8cfdc9347c37fa2c11e9c03838484745f6f1ba2
SHA512

464b6e92be6e4c0b74161a1d3eecccd766e4ced0c7940ab235cc96e80703b391cf56142c6c256d8fd45498949fde9f5cc5a8977d89752fac0cca133410c4744d
SSDEEP

3072:xBHLe0crYUAc3W3RBjJ9wUZBva7oRrADruYQLeT8YGjpO3GNEZdmb2YgQzEAnjkd:x1vcruc3WBBEUy7oL3jkmb2FQ1jZLwf

Score

10^/10

allcome

Malware Config

Extracted

Family

allcome

http://dba692117be7b6d3480fe5220fdd58b38bf.xyz/API/2/configure.php?cf6zrlhn=Raqxnd

Wallets

D7pq84u7ke73RmCkRPc1z2nKBfmfPrYLxM

rEPri1dB2B6TxxzBw31ihKwGkEEE3ZCzH2

0x379844563B2947bCf8Ee7660d674E91704ba85cc

XqcVZ9pP5YyEwfQ4RkVXC5mWZgQBY3qNNz

TT5o47UN2jDfvmbv7EQm8NZ3xw7NcpKhKB

t1Qc898xYxqJ2Vsrd2X15EA3L2QzNrCdZ6W

GB3TZL2PBSQOQAEFU57JPIFAXG7R73ECOSQGT3XCDCOAUGUWUKWAVO7H

4AqLHHmtMTQRWomEbPd8yxFdEsZ5VMXy1MvwhG1TTWgcCbGzgaAcfkA54K45UbQXjtBa3UYhmr8vYaGNGAkVTfXCE5bbT12

qrkkg7692gv3fz407lt8zxdxtx2d4zuf2q204ykdzn

1NipSzEWByjXUarhF2p3qq51MVbnnoo6HZ

0x08BDb0e0339E7B9A725FD665Fc17B3AA3FF73BFc

LQtxqhZWP3EDi9n1tVdKNyZVR6wrFRr7hN

+79889916188

LP1oSHdQ3kdgrWnPvB5XtuBLZaMq9JMoWt

ltc1qq5k32ja0yun36ydqhv6edd8ydpmfkfy6g5e994

bc1qngt9pchlwak6rzc37ez05sfhzr8dnyupu7e769

bc1qnx4g8m8lctzxm5wlcfpw2ae8zkf6nxerdujzuu

89CBob8FyychG8inyWBBhqUxbPFGzVaWnBZRdeFi8V38XRRv312X6ViMPxCuom3GKk8hLFmZYmTPQ1qMmq6YY8rCNCDeubb

Signatures

Allcome family
allcome

Files

Blitz.exe
.exe windows x86

ed5e7a68bd9d3fcbe4fc8ca66473351b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
CopyFileA
SetFileAttributesA
CreateDirectoryA
Process32First
CreateMutexA
WaitForSingleObject
CreateToolhelp32Snapshot
Process32Next
CloseHandle
GetModuleFileNameA
MultiByteToWideChar
CreateFileW
DecodePointer
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
GetProcessHeap
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceFrequency
WaitForSingleObjectEx
Sleep
GetExitCodeThread
InitializeCriticalSectionEx
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
RtlUnwind
RaiseException
GetLastError
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetStdHandle
WriteFile
GetModuleFileNameW
HeapFree
HeapAlloc
GetFileType
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WriteConsoleW

user32

OpenClipboard
GetClipboardData
SetClipboardData
CloseClipboard
EmptyClipboard
GetKeyState
LoadStringA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

urlmon

IsValidURL

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

ed5e7a68bd9d3fcbe4fc8ca66473351b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

urlmon

wininet

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 340KB - Virtual size: 340KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 340KB - Virtual size: 340KB

.reloc
Size: 5KB - Virtual size: 5KB