774e2f96e8e63d5405e8a3cb2c2d788dd95c942d1a47683ced199da19d60fc94

Sharing

Copy URL Twitter E-mail

General

Target

774e2f96e8e63d5405e8a3cb2c2d788dd95c942d1a47683ced199da19d60fc94
Size

444KB
MD5

3d5bc0bf7dba38306d02956b825de2a2
SHA1

f2ee72559c2b0d0f40420d5131b4da91e9434b29
SHA256

774e2f96e8e63d5405e8a3cb2c2d788dd95c942d1a47683ced199da19d60fc94
SHA512

35c32709e62f97d6bb8949c4750c4cc2bbfaf0b2239d51ff973a69d9551722fd0f165238af072f642f7ec5a11ca1da879cd72f8a11229947b8c54724673d1dcd
SSDEEP

6144:7K8mr5ByZ0FA2bjWoaDEud5/nSkHP/fU5lvUZyrMKrsNNnnvyxItKR2Vgys3w8WC:m50ZepnsYun/n98/E9nP4ADsySfvnF

Score

N/A

Malware Config

Signatures

Files

774e2f96e8e63d5405e8a3cb2c2d788dd95c942d1a47683ced199da19d60fc94
.exe windows x86

de1e36098e0c9753b0e953f14a817dd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptEnumProviderTypesW
LookupPrivilegeDisplayNameW
CryptEnumProviderTypesA
CreateServiceW
CryptReleaseContext
CryptDestroyHash
LookupAccountNameW
AbortSystemShutdownW
RegRestoreKeyA
RegCloseKey
CryptSetProviderExA
LookupSecurityDescriptorPartsA
InitializeSecurityDescriptor
AbortSystemShutdownA
RegLoadKeyA
ReportEventA
CryptHashData
RegReplaceKeyA
GetUserNameW
LookupAccountSidA

comdlg32

GetSaveFileNameW
ChooseFontA
FindTextW
PageSetupDlgW
ChooseFontW
GetOpenFileNameA
LoadAlterBitmap
GetOpenFileNameW
FindTextA
ReplaceTextW
GetFileTitleW
PrintDlgA
GetFileTitleA
ReplaceTextA

shell32

SHInvokePrinterCommandA
SHBrowseForFolderW
SHGetSpecialFolderLocation
RealShellExecuteA
FindExecutableA
RealShellExecuteExW
SHGetSpecialFolderPathA
ShellExecuteEx
SHGetMalloc
InternalExtractIconListA
DragQueryFile
SHGetFileInfo
DoEnvironmentSubstW
SHGetDiskFreeSpaceA
RealShellExecuteExA
ShellExecuteW
DragQueryPoint
CommandLineToArgvW
ShellAboutW
FreeIconList
SHBrowseForFolderA
SHFreeNameMappings
ExtractIconEx

wininet

UnlockUrlCacheEntryFileW
InternetGetCookieW
FtpRemoveDirectoryA
FtpGetFileA
InternetCombineUrlA
InternetCheckConnectionW
FtpSetCurrentDirectoryA
DeleteUrlCacheEntry
FtpSetCurrentDirectoryW
FtpGetCurrentDirectoryA
FtpGetFileSize
SetUrlCacheConfigInfoW
InternetAutodial
DeleteUrlCacheEntryA
InternetGetConnectedState
GetUrlCacheEntryInfoW
GopherOpenFileA
InternetGetCertByURL
InternetTimeToSystemTimeW

kernel32

IsValidLocale
GetOEMCP
GetCurrentProcess
QueryPerformanceCounter
FreeEnvironmentStringsA
SetLastError
GetTimeZoneInformation
GetCurrentProcessId
GetModuleFileNameA
GetACP
CompareStringW
SetConsoleWindowInfo
IsValidCodePage
HeapDestroy
VirtualFreeEx
HeapAlloc
HeapCreate
GetFileType
SetConsoleCtrlHandler
TlsGetValue
EnterCriticalSection
InterlockedDecrement
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetStartupInfoW
GetFileTime
FindResourceA
HeapSize
HeapLock
FreeEnvironmentStringsW
TransmitCommChar
GetCommandLineW
GetVersionExA
GetProcAddress
GetCurrentThreadId
TlsFree
HeapFree
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
GetCPInfo
RtlUnwind
InitializeCriticalSection
GetCommandLineA
GetDateFormatA
GetTickCount
ConnectNamedPipe
InterlockedIncrement
FindAtomW
WriteFile
GetProfileIntW
VirtualFree
GetStringTypeW
VirtualAlloc
WideCharToMultiByte
TlsSetValue
VirtualQuery
GetStdHandle
LCMapStringW
GetLocaleInfoW
GetLastError
GetStartupInfoA
SetHandleCount
GetProcessHeap
SetEnvironmentVariableA
GetEnvironmentStrings
GetUserDefaultLCID
GetLocaleInfoA
InterlockedExchange
SetFileTime
EnumSystemLocalesA
GetCurrentThread
GetModuleHandleA
LCMapStringA
GetTimeFormatA
CompareStringA
TlsAlloc
TerminateProcess
MultiByteToWideChar
HeapReAlloc
GetStringTypeA
DeleteCriticalSection
GetModuleFileNameW
Sleep
ExitProcess
LoadLibraryA
FreeLibrary
SetThreadLocale
SetTimeZoneInformation

gdi32

SetMagicColors
GetWindowOrgEx
EnumFontsW
EnumObjects
PolylineTo
SetMiterLimit
CreatePolyPolygonRgn
GetWindowExtEx
SetTextJustification
GetCharWidthFloatW
GetTextExtentPoint32A
AbortDoc
EnumMetaFile
LineDDA
DescribePixelFormat
PolyPolygon
EnumICMProfilesW

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de1e36098e0c9753b0e953f14a817dd4

Headers

File Characteristics

Imports

advapi32

comdlg32

shell32

wininet

kernel32

gdi32

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 309KB - Virtual size: 309KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 309KB - Virtual size: 309KB

.rsrc
Size: 14KB - Virtual size: 14KB