1e10dc0788be6c3829b51f56c31a641f0400c0bae1fc1617c05c385fd2c289d0

Sharing

Copy URL Twitter E-mail

General

Target

1e10dc0788be6c3829b51f56c31a641f0400c0bae1fc1617c05c385fd2c289d0
Size

383KB
MD5

3db85a87c1b79172b7c109a56c4e93ba
SHA1

44d6761abf04198590fcbcbd6246a5933f5dff16
SHA256

1e10dc0788be6c3829b51f56c31a641f0400c0bae1fc1617c05c385fd2c289d0
SHA512

5f6003e11fae29b14dbb3dc581f6f5173f26570a1f1c87ae99cd266b0f11a083a3cbdcf47097fa42dfdeda246c769603048ac62cf72f2d1ef605c6d9cf295130
SSDEEP

6144:cBvWbR5IOzmfWT5RJA7YwVX5N6LcmPmRfatqBDlpTTkur1Y37hp3CAOziG0:mWbRSOzm+T5RJAUwALcmPmRfJBDnX1Se

Score

1^/10

Malware Config

Signatures

Files

1e10dc0788be6c3829b51f56c31a641f0400c0bae1fc1617c05c385fd2c289d0
.exe windows x86

68210cbcac87951e5789b8fe41914ddd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA
StrStrIA
PathRemoveFileSpecW
PathRemoveFileSpecA
PathFileExistsW
PathFileExistsA
PathAppendW
PathAppendA

winhttp

WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpOpen
WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpSendRequest
WinHttpReadData
WinHttpConnect

iphlpapi

GetAdaptersInfo

psapi

GetModuleFileNameExA

kernel32

HeapReAlloc
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WriteConsoleW
TlsAlloc
SwitchToThread
SetLastError
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
CreateMutexW
GetModuleHandleW
WriteFile
GetModuleFileNameA
GetModuleFileNameW
CreateProcessA
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
GetProcAddress
GetCurrentProcess
GetEnvironmentVariableA
SetEnvironmentVariableA
WaitForSingleObject
GetFileSize
ReadFile
FindClose
GetTickCount
lstrcpynW
TlsGetValue
CreateDirectoryW
GetFileAttributesA
GetFileAttributesW
FindNextFileW
SetEndOfFile
SetFilePointer
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Process32First
Process32Next
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThreadId
SetEvent
ResetEvent
CreateEventW
GetExitCodeThread
ResumeThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
DecodePointer
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
EncodePointer
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
HeapAlloc
HeapFree
TlsSetValue
TlsFree
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
RaiseException
HeapSize
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetACP
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
FreeLibrary
WaitForSingleObjectEx

user32

GetWindowLongW
GetMessageW
TranslateMessage
DispatchMessageW
PostMessageW
DefWindowProcW
PostQuitMessage
RegisterClassExW
ShowWindow
CreateWindowExW
SetTimer
DestroyWindow
CallWindowProcW
wsprintfW
SetWindowLongW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteExA
SHGetSpecialFolderPathW
SHCreateDirectoryExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68210cbcac87951e5789b8fe41914ddd

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

winhttp

iphlpapi

psapi

kernel32

user32

advapi32

shell32

version

Sections

.text Size: 289KB - Virtual size: 289KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 289KB - Virtual size: 289KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB