44da2fe1f8189a48dd37190c9a2d5d01c313e5a952207cafefc1895fb70926ef

Sharing

Copy URL Twitter E-mail

General

Target

44da2fe1f8189a48dd37190c9a2d5d01c313e5a952207cafefc1895fb70926ef
Size

68KB
MD5

8b5f39849d0546415f5439199b91f4f3
SHA1

9bfdd3335990f004cfa705d6aaf686b047a169c6
SHA256

44da2fe1f8189a48dd37190c9a2d5d01c313e5a952207cafefc1895fb70926ef
SHA512

bc9c3c6e784ce1ce45266c302c583a720046556294d4ffe2cb19a707f13c2adfb875a400ed68837816b96208abe447980a38f2daff6aeaa8e6ef8d1329090e45
SSDEEP

1536:p1MkAxMSa72e71Vq65O+9HdoIPtk9yXTq4:Gu2e7i6D9Hdostk9l4

Score

N/A

Malware Config

Signatures

Files

44da2fe1f8189a48dd37190c9a2d5d01c313e5a952207cafefc1895fb70926ef
.exe windows x86

38c935111df1f1e4f6cbc623b450d3fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_onexit
__dllonexit
atol
exit
_access
__CxxFrameHandler
_chdrive
_chdir
strstr
sprintf
strncpy
time
srand
rand
??3@YAXPAX@Z
??1type_info@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_strupr
_chmod
_stricmp
_strlwr
strncmp
isdigit
memchr
memset
strlen
strcpy
_strnicmp
strcat
free
malloc
printf
atoi
??2@YAPAXI@Z
strcspn
memcpy
sscanf
strchr
strrchr
strcmp
memmove
memcmp
??1exception@@UAE@XZ

kernel32

LocalFree
FreeResource
CloseHandle
WriteFile
CreateFileA
DeleteFileA
GetTempFileNameA
GetTempPathA
LockResource
LoadResource
SizeofResource
FindResourceA
CreateThread
FreeLibrary
WinExec
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CreateDirectoryA
CopyFileA
lstrcpyA
ReadFile
CreateMutexA
lstrcatA
GetTickCount
GetLastError
Sleep
GetModuleFileNameA
lstrcmpiA
RemoveDirectoryA
SetFileAttributesA
lstrlenA
GetLocalTime
CreateProcessA
OpenProcess
GetCurrentProcessId
GetStartupInfoA
ExitThread
WaitForSingleObject
GetVersionExA
ResetEvent
SetEvent
OutputDebugStringA
InterlockedDecrement
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
GetFileSize
GetModuleHandleA
FormatMessageA

user32

GetDesktopWindow
DestroyWindow
KillTimer
ShowWindow
SetWindowTextA
PostMessageA
CreateWindowExA
IsWindow
DispatchMessageA
TranslateMessage
FindWindowA
CharLowerA
RegisterClassExA
LoadCursorA
PostQuitMessage
DefWindowProcA
MessageBoxA
GetDC
GetSystemMetrics
GetMessageA
LoadStringA
SetTimer
GetActiveWindow
SetWindowPos
GetClientRect
ReleaseDC
PeekMessageA
GetWindowThreadProcessId
MoveWindow

advapi32

RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CryptReleaseContext
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextA
CryptDecrypt
RegEnumValueA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegConnectRegistryA
RegCreateKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

urlmon

URLDownloadToCacheFileA
URLDownloadToFileA

wininet

InternetOpenA
InternetOpenUrlA
InternetSetStatusCallback
InternetReadFile
InternetCloseHandle
InternetCrackUrlA
InternetGetConnectedState
HttpQueryInfoA
InternetQueryDataAvailable

ole32

CoInitializeEx
OleRun
CLSIDFromString
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
GetErrorInfo
SysFreeString
VariantClear
VariantInit

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

gdi32

GetDeviceCaps

Sections

pec1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

38c935111df1f1e4f6cbc623b450d3fc

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

urlmon

wininet

ole32

oleaut32

version

gdi32

Sections

pec1 Size: 64KB - Virtual size: 64KB

.rsrc Size: 60KB - Virtual size: 60KB

.pec Size: 16KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 4KB

pec1
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 60KB - Virtual size: 60KB

.pec
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 4KB