455facede70e46324ae62c80dfa14a4fe19f4ded867cb2ca0757199c338538c4

Sharing

Copy URL

Twitter E-mail

General

Target

455facede70e46324ae62c80dfa14a4fe19f4ded867cb2ca0757199c338538c4
Size

340KB
MD5

25c249bf89b9cfc739218b94c87e21c0
SHA1

841b5450973119c8a679bc99c4c54503c7482c01
SHA256

455facede70e46324ae62c80dfa14a4fe19f4ded867cb2ca0757199c338538c4
SHA512

5c5729ca219305fc76cd87ef38f3c0b0843d8fc6fe4fcd4569b5ea3b2bffddcdf51552090374c57d9bac0a4b0ff4e4295ab3b58c14dd6eae59cfdedcf4daf1e2
SSDEEP

6144:G/f8fPWz3Tz5denLftACItq4JZzlZ4VnJVF+NVttoxeM4cbtn:G/fCK3TiftYNlkZ8rKeM

Score

N/A

Malware Config

Signatures

Files

455facede70e46324ae62c80dfa14a4fe19f4ded867cb2ca0757199c338538c4
.exe windows x86

9bd2d578743d06106d188d3acce06136

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__p__commode
_adjust_fdiv
__set_app_type
_initterm
__getmainargs
_acmdln
exit
_except_handler3
_controlfp
__setusermatherr
wcsxfrm
_eof
_onexit
__dllonexit
_wcstoi64
_cwait

gdi32

BitBlt
IntersectClipRect
SetPolyFillMode
RestoreDC
CombineRgn
CopyEnhMetaFileA
GetTextFaceA
GetBrushOrgEx
SetTextAlign
CreateFontIndirectW
EnumFontsW
GetWindowOrgEx
OffsetViewportOrgEx
GetStockObject
CreateDCW
EnumFontFamiliesExW
CreateBitmap
GetObjectA
StrokePath
CreateICA
CreateDIBSection
ExtCreateRegion
RectVisible
CreatePen
ExtCreatePen
ResizePalette
SetViewportOrgEx
SetStretchBltMode
DeleteDC
GetCharABCWidthsW
GetNearestPaletteIndex
DeleteObject
GetDeviceCaps
SetPixelV
CreatePenIndirect
SetWindowExtEx
GetTextAlign
PtVisible
GetBkColor
GetObjectType
GetSystemPaletteEntries
SetTextColor

user32

GetClassNameA
GetClassNameW
IsWindowEnabled
RegisterWindowMessageA
FindWindowW
ClipCursor
GetUserObjectInformationW
GetClipCursor
GetWindow
TranslateAcceleratorA
LoadCursorFromFileA
ScreenToClient
SendDlgItemMessageA
GetDlgItemTextA
CreateCursor
CharLowerA
SetDlgItemTextW
KillTimer
WinHelpW
GetQueueStatus
UnpackDDElParam
CreateMenu
FindWindowExA
GetTabbedTextExtentA
GetMessageA
SetPropA
ShowCaret
GetWindowThreadProcessId
LoadKeyboardLayoutW
EnableScrollBar
GetWindowWord
ToAscii
DrawIconEx
EnableWindow
SetScrollPos
wvsprintfA
FindWindowExW
SetRectEmpty
SetWindowPos
CreateIconFromResource
SendNotifyMessageA
InsertMenuA
GetClassInfoW
GetMessagePos
AppendMenuW
DdeConnect
WinHelpA
GetClipboardViewer
EnumThreadWindows
IsChild
TrackPopupMenuEx
DestroyCursor
ShowOwnedPopups
MessageBeep
GetForegroundWindow
GetClipboardData
CheckRadioButton
IsClipboardFormatAvailable
MapWindowPoints
GetWindowLongA
IsMenu
GetKeyState
CharUpperBuffW
DialogBoxIndirectParamA
CharPrevW
ChangeDisplaySettingsA
SetForegroundWindow
RegisterHotKey
IsDlgButtonChecked
DrawTextA
SetWindowTextW
GetMenuItemID
CharUpperW
WindowFromDC
GetKeyNameTextW
LoadAcceleratorsA
ShowWindow
TrackPopupMenu
CloseDesktop
MapVirtualKeyExA
IsWindowVisible
DefWindowProcA
IsCharAlphaNumericA
GetGUIThreadInfo
SetClassLongA
GetWindowTextLengthA
CreateDialogIndirectParamA
LoadImageA
GetScrollRange
IsDialogMessageA
IsZoomed
VkKeyScanExW
BeginDeferWindowPos
SetMenuDefaultItem
GetCursorPos
DestroyCaret
GetKeyboardLayoutNameW
ClientToScreen
GetScrollInfo
InsertMenuW
PeekMessageW
SetKeyboardState
ModifyMenuA
AdjustWindowRect
GetDoubleClickTime
GetSystemMetrics
AttachThreadInput
DrawIcon
PostQuitMessage
GetProcessWindowStation
DispatchMessageW
ShowCursor
GetSysColorBrush
PostThreadMessageW

netapi32

NetServerEnum

mpr

WNetGetProviderNameA
WNetAddConnectionA
WNetCancelConnection2A

lz32

LZInit

advapi32

CreateServiceA
GetTrusteeTypeA
SetNamedSecurityInfoA
RegConnectRegistryA
CloseServiceHandle
QueryServiceConfigW
RegSetValueExA
StartServiceCtrlDispatcherW
SetServiceObjectSecurity
RegSetValueExW
RegisterEventSourceA
CreateProcessAsUserA

version

VerQueryValueW
VerInstallFileA

oleaut32

LPSAFEARRAY_UserSize
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserFree

mfc42

ord561
ord3738
ord4424
ord1018
ord4080
ord3079
ord3825
ord3831
ord3830
ord1073
ord2976
ord3081
ord2985
ord3262
ord1082
ord4465
ord3259
ord2982
ord1045
ord5714
ord1038
ord5307
ord1042
ord1046
ord2725
ord5302
ord1097
ord1088
ord2396
ord1054
ord1089
ord3922
ord5731
ord1007
ord1058
ord4486
ord6375
ord815
ord1576
ord1074
ord1168

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bd2d578743d06106d188d3acce06136

Headers

File Characteristics

Imports

msvcrt

gdi32

user32

netapi32

mpr

lz32

advapi32

version

oleaut32

mfc42

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 44KB - Virtual size: 1.4MB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 44KB - Virtual size: 1.4MB

.rsrc
Size: 72KB - Virtual size: 71KB