Static task: static1
Behavioral task: behavioral1
Sample: 73e0513da86bf1154abc63967162cfee90755d99608b13ff09cefe0597539d00.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 73e0513da86bf1154abc63967162cfee90755d99608b13ff09cefe0597539d00.exe
Resource: win10v2004-20220812-en
General
Target: 73e0513da86bf1154abc63967162cfee90755d99608b13ff09cefe0597539d00
Size: 403KB
MD5: 74d11a3ceeac2e646d672d3fcbf5c4c8
SHA1: 8333a9edce52e14c3a80800e185b2096674dbe41
SHA256: 73e0513da86bf1154abc63967162cfee90755d99608b13ff09cefe0597539d00
SHA512: 4085bb42265098efd16872375297527b429bc6034e111a32ea9912453855e610449d5975f1ab5a92eafa20dea8df27be127098c7d53fe4f02e8eafe7a8d59c4d
SSDEEP: 12288:gzBo2mBjSeuQr5Sa6iPXKnHD1ISAxsgAc/qhrgiMr2xcwAL/2HCi3LFm:XB/qlmr22wKsL
Malware Config
Signatures
Files
73e0513da86bf1154abc63967162cfee90755d99608b13ff09cefe0597539d00.exe windows x86
247793999d41822e76df5f3916993577
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetProfileSectionA
FindAtomW
FlushConsoleInputBuffer
VirtualQueryEx
FindFirstFileExW
MoveFileW
GlobalHandle
SetThreadContext
lstrcpynW
SetConsoleWindowInfo
OpenFile
TerminateThread
OpenMutexA
ReadConsoleInputA
SetConsoleTitleW
GetModuleHandleW
GlobalFlags
GetExitCodeThread
WaitForSingleObject
GetPrivateProfileStructW
FindNextFileW
GetSystemPowerStatus
GetVolumeInformationW
VirtualProtectEx
GetPrivateProfileSectionNamesW
GetCurrentDirectoryA
EnumResourceTypesW
GetDriveTypeA
EnumCalendarInfoExA
SignalObjectAndWait
WritePrivateProfileStructW
lstrcmp
FindResourceExW
CreateMailslotW
GetProfileSectionW
SetLocalTime
GlobalFix
TransactNamedPipe
EnumSystemLocalesA
DosDateTimeToFileTime
GlobalReAlloc
lstrlenW
GlobalCompact
SystemTimeToFileTime
UnlockFileEx
SearchPathW
GetCommandLineA
AddAtomA
GetTempPathA
CompareStringA
GetWindowsDirectoryW
GetLongPathNameA
CreateWaitableTimerA
SetComputerNameW
CreateMutexW
CreateProcessW
GetThreadPriorityBoost
EnumCalendarInfoExW
EnumTimeFormatsA
LocalHandle
GetExitCodeProcess
SetFileTime
GlobalMemoryStatus
FindResourceW
ConnectNamedPipe
HeapCompact
UnmapViewOfFile
IsValidCodePage
CreateMutexA
GetFileAttributesA
GetACP
GetLargestConsoleWindowSize
ReadFileEx
GlobalGetAtomNameW
CreateNamedPipeW
LocalShrink
ExitThread
WaitNamedPipeA
EnumResourceLanguagesW
DeleteAtom
SetConsoleTextAttribute
GetCompressedFileSizeA
SystemTimeToTzSpecificLocalTime
EnumDateFormatsW
GetLogicalDrives
GlobalAddAtomW
GetFileType
IsDebuggerPresent
ReadConsoleW
lstrcpyW
GlobalAddAtomA
GlobalFindAtomW
EnumResourceNamesA
RtlMoveMemory
CreateDirectoryExA
WritePrivateProfileSectionA
GetNumberOfConsoleMouseButtons
GetSystemDirectoryW
GetNamedPipeInfo
FindFirstFileW
EnumDateFormatsExW
GlobalLock
SetFileAttributesW
WriteFileEx
CreateTapePartition
SetFilePointer
GetSystemTime
WriteProfileStringA
DisconnectNamedPipe
GetConsoleOutputCP
GetCalendarInfoW
GetShortPathNameA
TlsAlloc
GetPrivateProfileStringW
GetComputerNameW
GlobalWire
GetStartupInfoW
PulseEvent
HeapWalk
GetTempFileNameA
GetCurrencyFormatA
lstrlen
GetProcessHeap
GetLocaleInfoA
FindFirstChangeNotificationA
GetCompressedFileSizeW
GetConsoleTitleA
OutputDebugStringW
CreateEventW
OpenWaitableTimerA
FillConsoleOutputAttribute
GetVersion
GetCommandLineW
SetEvent
Thread32Next
CreatePipe
OpenEventA
Heap32ListNext
SetSystemTimeAdjustment
WinExec
WriteProfileStringW
SetConsoleCursorPosition
SetThreadLocale
VirtualFree
GetAtomNameA
GetProcessAffinityMask
GlobalFindAtomA
DebugBreak
MapViewOfFile
GetConsoleTitleW
GetProfileStringA
lstrcpyA
lstrcmpi
CreateDirectoryW
SetCurrentDirectoryA
GetLocalTime
CreateSemaphoreW
FindFirstFileA
UpdateResourceW
LockResource
CreateFileA
GetConsoleScreenBufferInfo
GetStringTypeExA
SetSystemTime
WideCharToMultiByte
Process32Next
WriteConsoleOutputW
FileTimeToSystemTime
GetEnvironmentStringsA
GlobalUnWire
ConvertDefaultLocale
SetConsoleCtrlHandler
FindClose
LocalUnlock
GetSystemInfo
InitializeCriticalSection
GlobalUnfix
SetConsoleMode
SetThreadPriorityBoost
GetModuleFileNameW
GetHandleInformation
OpenFileMappingA
GlobalUnlock
LocalLock
WaitForDebugEvent
GetProcAddress
GetUserDefaultLCID
DeleteFiber
OutputDebugStringA
WriteProfileSectionW
ResetEvent
SetEnvironmentVariableW
GetLogicalDriveStringsW
EnumDateFormatsExA
lstrcatW
GetEnvironmentStringsW
FlushViewOfFile
GetFullPathNameA
DefineDosDeviceW
LoadLibraryExA
GetSystemDefaultLCID
GetFileInformationByHandle
FormatMessageA
ReadConsoleOutputAttribute
ReadProcessMemory
DefineDosDeviceA
SetVolumeLabelW
GetProcessVersion
OpenEventW
GetDiskFreeSpaceA
WriteConsoleInputA
WritePrivateProfileStringA
SetWaitableTimer
ExpandEnvironmentStringsW
GetPrivateProfileSectionNamesA
ResetWriteWatch
lstrlenA
CreateThread
GetStringTypeA
WaitCommEvent
OpenProcess
SetConsoleActiveScreenBuffer
SetVolumeLabelA
GetStdHandle
GetComputerNameA
InterlockedExchangeAdd
CommConfigDialogW
EnumSystemCodePagesW
CopyFileA
LeaveCriticalSection
LoadLibraryExW
GetProfileStringW
PeekConsoleInputW
GetStringTypeW
GetCurrencyFormatW
LoadResource
GetPrivateProfileStringA
TlsFree
GetPrivateProfileSectionW
GetProcessHeaps
GetThreadSelectorEntry
CommConfigDialogA
FlushInstructionCache
RtlFillMemory
SetConsoleScreenBufferSize
GetSystemDefaultLangID
WriteFileGather
CreateEventA
WriteProfileSectionA
EnumResourceLanguagesA
Heap32First
LocalCompact
ReadDirectoryChangesW
GetTempPathW
CreateFileMappingW
GetLongPathNameW
FormatMessageW
lstrcatA
FindResourceExA
GetFileSize
FindFirstChangeNotificationW
SetCurrentDirectoryW
SetEnvironmentVariableA
EnumCalendarInfoA
WriteConsoleOutputAttribute
EnumCalendarInfoW
FreeLibrary
OpenFileMappingW
CreateToolhelp32Snapshot
UnlockFile
ReadConsoleA
CreateProcessA
SetThreadIdealProcessor
SetComputerNameA
SuspendThread
SetConsoleOutputCP
GetPrivateProfileStructA
GetNumberFormatA
VirtualProtect
CreateSemaphoreA
WriteConsoleOutputCharacterW
WriteConsoleInputW
LocalFlags
MoveFileExW
TransmitCommChar
FreeConsole
FillConsoleOutputCharacterA
GetQueuedCompletionStatus
CreateMailslotA
WriteConsoleOutputA
FoldStringA
lstrcmpW
LoadLibraryW
GetLastError
ReleaseSemaphore
RtlZeroMemory
GetFullPathNameW
GetLocaleInfoW
GetSystemDirectoryA
FillConsoleOutputCharacterW
BeginUpdateResourceA
CreateWaitableTimerW
OpenSemaphoreA
GetStringTypeExW
VirtualUnlock
GetFileTime
GetShortPathNameW
GlobalSize
GetWindowsDirectoryA
OpenSemaphoreW
GetAtomNameW
GetEnvironmentVariableA
DeleteFileA
GetWriteWatch
RemoveDirectoryA
SetLocaleInfoA
LoadModule
DuplicateHandle
EraseTape
VirtualFreeEx
LockFileEx
EnumResourceTypesA
EnterCriticalSection
lstrcmpiA
FlushFileBuffers
GetPrivateProfileIntW
WriteProcessMemory
advapi32
CryptImportKey
GetUserNameA
CryptGetDefaultProviderW
RegCreateKeyExA
ReportEventA
InitiateSystemShutdownA
RegCreateKeyW
LookupPrivilegeDisplayNameW
CryptEncrypt
RegOpenKeyA
CryptDestroyKey
CryptSetProviderW
LookupAccountSidA
InitializeSecurityDescriptor
CryptSetProviderExW
LookupPrivilegeValueA
StartServiceW
RegOpenKeyW
CryptDuplicateKey
LookupSecurityDescriptorPartsA
RegQueryValueA
CryptSetProviderA
LookupPrivilegeNameW
CryptSetProviderExA
RevertToSelf
CryptDestroyHash
StartServiceA
ReportEventW
RegSetValueExA
GetUserNameW
RegDeleteKeyA
RegEnumValueW
LogonUserA
RegCreateKeyA
RegSetValueA
CryptGetProvParam
RegReplaceKeyW
RegSetValueW
RegEnumKeyExW
CryptSetProvParam
RegQueryValueExW
RegOpenKeyExW
RegConnectRegistryW
RegSetValueExW
LookupPrivilegeDisplayNameA
CryptGetDefaultProviderA
CryptCreateHash
RegQueryValueW
RegEnumKeyExA
AbortSystemShutdownA
RegDeleteValueW
CryptSignHashA
CryptSetKeyParam
LogonUserW
CryptEnumProvidersA
CryptDuplicateHash
RegSaveKeyA
RegQueryInfoKeyA
CryptSetHashParam
LookupPrivilegeNameA
RegDeleteKeyW
RegQueryValueExA
RegEnumValueA
RegSaveKeyW
RegCloseKey
CryptDecrypt
CryptContextAddRef
CryptDeriveKey
AbortSystemShutdownW
RegNotifyChangeKeyValue
RegFlushKey
LookupPrivilegeValueW
RegConnectRegistryA
LookupAccountNameW
CryptGenKey
CryptAcquireContextW
CryptHashData
RegLoadKeyA
CryptEnumProviderTypesA
RegLoadKeyW
CryptEnumProvidersW
RegOpenKeyExA
RegQueryMultipleValuesW
RegDeleteValueA
CryptEnumProviderTypesW
CryptGenRandom
RegSetKeySecurity
CryptGetUserKey
LookupAccountNameA
CryptExportKey
LookupAccountSidW
CryptVerifySignatureW
CreateServiceW
RegCreateKeyExW
shell32
CommandLineToArgvW
DragQueryFileA
DragQueryFile
SHQueryRecycleBinW
SHGetDiskFreeSpaceA
SHGetPathFromIDList
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHGetFileInfo
SHGetInstanceExplorer
SHChangeNotify
SheGetDirA
SHEmptyRecycleBinA
RealShellExecuteW
RealShellExecuteExA
SHGetSpecialFolderPathA
ShellExecuteEx
DragFinish
Sections
.text Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 285KB - Virtual size: 285KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE