0dd7f3dffe8c6e69df6137cb413ad25c474d73a86f1d46d52846990aa66e6f43

Sharing

Copy URL

Twitter E-mail

General

Target

0dd7f3dffe8c6e69df6137cb413ad25c474d73a86f1d46d52846990aa66e6f43
Size

343KB
MD5

012d9088558072bc3103ab5da39ddd54
SHA1

a6eee7369eb008fe48789ad4e8d2d8dcba4f23d9
SHA256

0dd7f3dffe8c6e69df6137cb413ad25c474d73a86f1d46d52846990aa66e6f43
SHA512

ecd1258b11d5f66c25f2ab26430c23b9b6d9e04777962ea11e275f64a86a9dcd1400a665d022a8924b727ac3298c8569f49f268a619b21818fb980d1e0a38418
SSDEEP

6144:s5h/BeaX6+PpEWgTO3x5N22vWvLRKKAX5l++SyIIdvw:s5LeaX6gcT85I2vCMX5l+ZGdv

Score

N/A

Malware Config

Signatures

Files

0dd7f3dffe8c6e69df6137cb413ad25c474d73a86f1d46d52846990aa66e6f43
.exe windows x86

92740ddb409bf75e0ecaa69c14440233

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
_except_handler3
memcpy
_vsnprintf
_vsnwprintf
_itoa
_purecall
memset

kernel32

FindNextFileW
LoadLibraryW
FreeLibrary
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
lstrcmpA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
CreateMutexW
ReleaseMutex
FindResourceExW
LoadResource
SizeofResource
LockResource
CreateProcessW
Sleep
CreateThread
ResumeThread
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
GetDateFormatW
GetTimeFormatW
FindClose
HeapAlloc
HeapFree
GetProcessHeap
GetEnvironmentVariableW
CopyFileExW
GetUserDefaultUILanguage
GetTickCount
MoveFileExW
ExpandEnvironmentStringsW
GetVolumeInformationW
GetDiskFreeSpaceExW
WaitForMultipleObjects
ResetEvent
GetTempPathW
GetLogicalDrives
GetDriveTypeW
LocalFree
CloseHandle
CreateEventW
GetLastError
DeleteCriticalSection
GetHandleInformation
SetThreadPriority
GetModuleFileNameW
GetCurrentThread
GetModuleHandleW
SetEvent
GetComputerNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
SetFileAttributesW
FindFirstFileW
WaitForSingleObject
DeleteFileW
GetFileTime
SetLastError
GetFileSizeEx
FlushFileBuffers
ReadFile
WriteFile
SetFileTime
HeapReAlloc
SetFilePointerEx
SetErrorMode
CreateFileW
GetCommandLineW
ExitProcess
GetCurrentThreadId
GetFileAttributesW

user32

DestroyWindow
SetTimer
PostMessageW
SetFocus
RegisterClassExW
FlashWindowEx
InvalidateRect
GetWindowTextW
MonitorFromWindow
SetWindowPos
ShowWindow
CreateWindowExW
IsWindowVisible
GetMonitorInfoW
DefWindowProcW
DialogBoxParamW
SetWindowLongW
EndDialog
CreateDialogParamW
MonitorFromPoint
UnregisterClassW
SetForegroundWindow
ReplyMessage
GetForegroundWindow
IsDialogMessageW
MessageBoxW
MessageBoxIndirectW
InSendMessage
ClientToScreen
GetWindowLongW
GetClassNameW
GetCaretPos
TrackPopupMenu
AppendMenuW
GetCursorPos
CreatePopupMenu
SetMenuDefaultItem
DestroyMenu
LoadIconW
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
GetScrollInfo
ScrollWindowEx
GetSystemMetrics
UpdateWindow
SetScrollInfo
GetKeyState
EndPaint
ScreenToClient
GetWindowRect
DrawTextW
GetParent
GetClientRect
BeginPaint
DrawFocusRect
IntersectRect
GetDlgItem
SendMessageW
GetDlgCtrlID
SetWindowTextW
MoveWindow
GetDC
ReleaseDC
CharLowerW
PostQuitMessage
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW
DispatchMessageW
SystemParametersInfoW
AdjustWindowRectEx

advapi32

CryptExportKey
CryptAcquireContextW
CryptSetKeyParam
CryptGetKeyParam
RegSetValueExW
RegEnumKeyExW
RegFlushKey
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptGetHashParam
CryptDecrypt
CryptDestroyKey
CryptGenKey
CryptEncrypt
CryptImportKey
CryptReleaseContext

shell32

SHGetFolderPathW
CommandLineToArgvW
SHGetFileInfoW
ShellExecuteExW

uxtheme

SetWindowTheme

gdi32

GetDeviceCaps
CreateSolidBrush
GetObjectW
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
SetBkColor
DeleteDC
SetTextColor
GetObjectA
CreateFontIndirectW

comctl32

InitCommonControlsEx
ord413
ord410

shlwapi

StrCmpIW
StrChrW
StrCmpW
PathMatchSpecW
StrCmpNW
ord12
PathFindFileNameW
PathRemoveFileSpecW
PathUnquoteSpacesW
PathQuoteSpacesW
PathRemoveBackslashW
PathAddBackslashW

msimg32

AlphaBlend

winhttp

WinHttpWriteData
WinHttpConnect
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpOpen
WinHttpOpenRequest
WinHttpReadData
WinHttpAddRequestHeaders
WinHttpReceiveResponse
WinHttpSendRequest

gdiplus

GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipFree
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipSetStringFormatLineAlign
GdipDeleteFont
GdipDeleteGraphics
GdipDrawImageRectI
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipDrawString
GdipCreateFromHDC
GdipSetStringFormatHotkeyPrefix
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipGetImageHeight
GdipGetImageWidth
GdiplusShutdown
GdipCloneImage
GdipDeleteBrush

ole32

CoInitializeEx
CoUninitialize
CoTaskMemFree
StringFromGUID2

crypt32

CryptStringToBinaryA
CryptImportPublicKeyInfo
CryptDecodeObjectEx

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92740ddb409bf75e0ecaa69c14440233

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

uxtheme

gdi32

comctl32

shlwapi

msimg32

winhttp

gdiplus

ole32

crypt32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 253KB - Virtual size: 252KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 253KB - Virtual size: 252KB

.reloc
Size: 8KB - Virtual size: 7KB