73f54efdba5c790e7ac8a3287e3cca36bbb82aae6feb32e14769a44ee2c645f0

Sharing

Copy URL Twitter E-mail

General

Target

73f54efdba5c790e7ac8a3287e3cca36bbb82aae6feb32e14769a44ee2c645f0
Size

240KB
MD5

b13a6b81c780b80c3c509d3697addeb8
SHA1

88e96a491a6c4fb23db7f19e743da47fc7420092
SHA256

73f54efdba5c790e7ac8a3287e3cca36bbb82aae6feb32e14769a44ee2c645f0
SHA512

2e81c0f546377e3a54f8e3c3f4211ee89d2a3963c95a419c3336f0183d421edac2c4a40c210da7cb68cbb82d988c0a18732bc6654911216687f46219bfee8e9e
SSDEEP

6144:UJst6ezN05tDE/XMtebTLYa2+AkRE1YZLgjC7mTrXRfG4RCQ:UJeJN05tcseTPREe027q

Score

N/A

Malware Config

Signatures

Files

73f54efdba5c790e7ac8a3287e3cca36bbb82aae6feb32e14769a44ee2c645f0
.exe windows x86

b5ae1043a609c18816eef0f07496e570

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
LocalLock
GetTimeZoneInformation
FindClose
RtlUnwind
GetEnvironmentStringsW
GetThreadTimes
GetCurrentProcess
GetCommandLineA
VirtualAlloc
HeapCreate
GetStringTypeW
HeapReAlloc
FreeEnvironmentStringsW
VirtualQueryEx
FreeEnvironmentStringsA
TlsAlloc
UnhandledExceptionFilter
GetModuleFileNameA
SetThreadPriority
GetEnvironmentStrings
TlsSetValue
DeleteCriticalSection
GetDateFormatA
TlsFree
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetCommandLineW
lstrcpy
GetProcessHeap
QueryPerformanceCounter
LeaveCriticalSection
InterlockedDecrement
VirtualFree
InitializeCriticalSection
LCMapStringA
GetNamedPipeHandleStateA
HeapAlloc
GetACP
HeapFree
SetConsoleTitleA
SetUnhandledExceptionFilter
GetCurrentProcessId
CreateThread
GetFileType
Sleep
IsDebuggerPresent
GetOEMCP
OpenWaitableTimerA
EnterCriticalSection
GetLastError
WritePrivateProfileStringA
SetEnvironmentVariableA
InterlockedIncrement
GetProfileStringW
IsValidCodePage
SetLastError
SetHandleCount
SetConsoleCtrlHandler
GetFullPathNameW
SetThreadLocale
HeapSize
TlsGetValue
DeleteFileW
SetComputerNameW
GetModuleFileNameW
GetProcAddress
EnumSystemLocalesA
FreeLibrary
GetLocaleInfoA
GetTimeFormatA
InterlockedExchange
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
VirtualQuery
LCMapStringW
IsValidLocale
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
GetCurrentThreadId
GetStartupInfoW
GetStringTypeA
TerminateProcess
CompareStringW
GetStdHandle
GetCompressedFileSizeA
WriteFile
HeapDestroy
GetCurrentThread
GetLocaleInfoW
GetLogicalDriveStringsA
ExitProcess
GetVersionExA
GetAtomNameA
GetStartupInfoA
GetModuleHandleA

wininet

InternetQueryOptionA
FindFirstUrlCacheEntryExW
FindNextUrlCacheContainerW
InternetCheckConnectionA
InternetWriteFileExA
FtpRenameFileA
RetrieveUrlCacheEntryFileA
HttpAddRequestHeadersA
ShowSecurityInfo
InternetGoOnline
SetUrlCacheEntryInfoW
InternetAttemptConnect
FtpOpenFileA
InternetHangUp
InternetWriteFileExW
InternetSecurityProtocolToStringW
GetUrlCacheGroupAttributeA
FtpPutFileW
FtpOpenFileW
CreateUrlCacheContainerA
InternetCrackUrlW
FreeUrlCacheSpaceW

comdlg32

FindTextA
ChooseFontA
FindTextW
GetSaveFileNameW
ReplaceTextA
PrintDlgW
LoadAlterBitmap
PrintDlgA
GetFileTitleA
GetSaveFileNameA
ReplaceTextW
PageSetupDlgW
ChooseColorW
PageSetupDlgA

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5ae1043a609c18816eef0f07496e570

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 114KB - Virtual size: 129KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 114KB - Virtual size: 129KB

.rsrc
Size: 9KB - Virtual size: 8KB