8579d64c2cb499fcdc031aba5c7fe77bcadf6e6f46742e8ad9ed6dbf317007f0

Sharing

Copy URL Twitter E-mail

General

Target

8579d64c2cb499fcdc031aba5c7fe77bcadf6e6f46742e8ad9ed6dbf317007f0
Size

1.8MB
MD5

0ac81cb6e513747dbffe8563e4c3209d
SHA1

734c905609e3f41af1b2faa82e7e81373198e497
SHA256

8579d64c2cb499fcdc031aba5c7fe77bcadf6e6f46742e8ad9ed6dbf317007f0
SHA512

1e40e4186ee54fbd60bcaeff2755b75aff3284e96d4fb35a2a6731d6dd9f460bf39d93b8482c48f574d86f1934a86e2f6e1e96fd8a971da01f05b0e06c8dd5c3
SSDEEP

49152:vkFItyK0qdcdo/2ssgTllOBNtZCyXXOQa7eNNSKQcwiHhzR:C1do+9EiBNy87teKQcBHhz

Score

N/A

Malware Config

Signatures

Files

8579d64c2cb499fcdc031aba5c7fe77bcadf6e6f46742e8ad9ed6dbf317007f0
.exe windows x86

966ff7b85dd4442e9b4509bffd95c591

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathRemoveFileSpecW

wininet

InternetOpenUrlW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
InternetOpenW

kernel32

Process32NextW
CreateToolhelp32Snapshot
DeleteCriticalSection
SetFilePointer
FileTimeToSystemTime
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
PeekNamedPipe
CreateProcessW
GetCurrentProcess
WaitForSingleObject
GetExitCodeProcess
GetModuleFileNameW
CreateEventW
CreatePipe
DuplicateHandle
GetCurrentDirectoryW
FormatMessageW
LocalFree
FindResourceExW
FindResourceW
LoadResource
SizeofResource
LockResource
GetProcAddress
EnterCriticalSection
MultiByteToWideChar
TerminateProcess
LeaveCriticalSection
OpenProcess
InitializeCriticalSection
SystemTimeToFileTime
CreateMutexW
GetVolumeInformationW
GetDiskFreeSpaceExW
VirtualAlloc
VirtualFree
LoadLibraryW
FreeLibrary
CreateFileA
GetFileTime
FindNextFileW
FindClose
MoveFileW
FindFirstFileW
GetFileSize
FlushFileBuffers
DeleteFileW
GetModuleHandleA
GetLocalTime
GetFileAttributesW
WideCharToMultiByte
CreateDirectoryW
GetFileSizeEx
Process32FirstW
DosDateTimeToFileTime
MulDiv
FreeResource
GetProcessHeap
SetEndOfFile
WriteConsoleW
CreateThread
GetSystemTime
GlobalFree
Sleep
GlobalAlloc
GetDateFormatA
GetTimeFormatA
CloseHandle
DeviceIoControl
GetLastError
CreateFileW
ReadFile
WriteFile
GetTickCount
SetFilePointerEx
ExitProcess
HeapCreate
HeapDestroy
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetFileTime
GetDiskFreeSpaceW
GetStringTypeW
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetCPInfo
LCMapStringW
LCMapStringA
HeapReAlloc

user32

wvsprintfW
wsprintfW
CharLowerW
MessageBoxW
ShowWindow
FindWindowW
CharLowerA
GetSystemMetrics
CharUpperW
GetClientRect
IsZoomed
PostQuitMessage
ScreenToClient
ClientToScreen
SetWindowPos
SendMessageW
GetWindowTextW
PtInRect
GetWindowTextLengthW
PostMessageW
MoveWindow
GetMonitorInfoW
MapWindowPoints
GetDC
InflateRect
OffsetRect
ReleaseDC
SetWindowRgn
GetWindowRect
IsIconic
SetForegroundWindow
DefWindowProcW
IsWindow
DispatchMessageW
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
LoadImageW
CallWindowProcW
GetPropW
SetPropW
RegisterClassW
LoadCursorW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetKeyState
InvalidateRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
DestroyWindow
GetFocus
GetCursorPos
UpdateLayeredWindow
IsRectEmpty
EndPaint
BeginPaint
GetUpdateRect
SetCursor
SetWindowLongW
CharNextW
DrawIconEx
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetSysColor
FillRect
DrawTextW
CharPrevW
SetRect
InvalidateRgn
CreateAcceleratorTableW
SetWindowTextW
GetParent
IntersectRect
GetWindowLongW
MonitorFromWindow

gdi32

SetWindowOrgEx
DeleteObject
CreateRoundRectRgn
BitBlt
DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
GetTextMetricsW
CreateFontIndirectW
GetObjectW
GetStockObject
CreatePen
Rectangle
RestoreDC
SaveDC
CreateDIBSection
GetDeviceCaps
GetObjectA
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
ExtTextOutW
SetBkColor
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
RoundRect
SetTextColor
SetBkMode
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

shell32

SHGetPathFromIDListW
SHFileOperationW
SHGetSpecialFolderPathW
ord165
SHBrowseForFolderW
ShellExecuteW

ole32

CLSIDFromString
CLSIDFromProgID
CoUninitialize
OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
OleSetContainedObject
OleLockRunning

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

ws2_32

htonl
send
gethostbyname
gethostbyaddr
closesocket
getservbyname
socket
recv
WSACleanup
htons
inet_addr
WSAStartup
connect
gethostname

iphlpapi

GetAdaptersInfo

gdiplus

GdipCloneBrush
GdipCreateFontFromLogfontA
GdiplusStartup
GdipCreateFontFromDC
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdipDeleteFont
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdiplusShutdown

comctl32

ord17
_TrackMouseEvent

Sections

.text
Size: 760KB - Virtual size: 759KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 930KB - Virtual size: 930KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

966ff7b85dd4442e9b4509bffd95c591

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

iphlpapi

gdiplus

comctl32

Sections

.text Size: 760KB - Virtual size: 759KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 13KB - Virtual size: 25KB

.rsrc Size: 930KB - Virtual size: 930KB

.reloc Size: 48KB - Virtual size: 48KB

.text
Size: 760KB - Virtual size: 759KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 13KB - Virtual size: 25KB

.rsrc
Size: 930KB - Virtual size: 930KB

.reloc
Size: 48KB - Virtual size: 48KB