60D6993AA5A8AFAEC167636B1D2231843134714A95CF4[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

60D6993AA5A8AFAEC167636B1D2231843134714A95CF4.exe
Size

377KB
MD5

9b016e3b25b11e608fa1539322664d66
SHA1

262c47104bd793df0d61cff8e6c57ba2b054b062
SHA256

60d6993aa5a8afaec167636b1d2231843134714a95cf4137a0cb765e10fd4284
SHA512

d53d99675bc57d3c7e30c21fbda808712799ca8fcad3d3d0894b3fce5043bb629196f1c619af5a2e08136864f3ab4b82c3285f6535d1a0a0da0423506a3d601c
SSDEEP

6144:/RfEh4bm8qjveEEXHJNKG4exSHNA7GKP5TH7As3/GLrgHv4durdWyjq/VCEvf:/hEhmmqXHJNKPDNAT6s3u4Hv1jE

Score

N/A

Malware Config

Signatures

Files

60D6993AA5A8AFAEC167636B1D2231843134714A95CF4.exe
.exe windows x86

ba79ff35b392436bc3d6cfb11bda44d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoW
ShellExecuteExW
SHBrowseForFolderW
DragQueryFileW
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathW
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderA

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

wininet

HttpAddRequestHeadersA
InternetConnectA
InternetCloseHandle
InternetQueryOptionA
HttpOpenRequestA
InternetOpenA

comdlg32

GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameA
GetOpenFileNameW

advapi32

RegCreateKeyExA
RegEnumKeyExA
CryptDecrypt
ReportEventA
CryptEncrypt
RegCloseKey
DeregisterEventSource
RegOpenKeyExA
RegSetValueExA
CryptReleaseContext
RegEnumKeyExW
RegEnumValueW
CryptCreateHash
RegisterEventSourceA
RegCreateKeyExW
RegSetValueExW
RegEnumValueA
CryptDeriveKey
CryptAcquireContextA
CheckTokenMembership

comctl32

PropertySheetW
InitCommonControlsEx

gdi32

SetBkMode
TextOutW
SelectObject
Rectangle
CreatePen
ExtTextOutA
BitBlt
GetGlyphOutlineW
GetStockObject
CreateCompatibleDC
GetTextExtentPoint32A
DeleteDC
ExtTextOutW
GetTextExtentPoint32W
GetGlyphOutlineA
DeleteObject
CreateFontIndirectA
GetDeviceCaps
TextOutA

winmm

waveOutReset
PlaySoundA
waveInStop

kernel32

QueryPerformanceFrequency
SetErrorMode
SystemTimeToTzSpecificLocalTime
HeapFree
OutputDebugStringA
GetFileAttributesW
CopyFileExW
GetCurrentProcess
CreateDirectoryA
GetProcessTimes
GetShortPathNameW
CopyFileW
OpenMutexA
FindFirstFileExW
LoadLibraryExA
LoadLibraryA
GetFileAttributesA
InterlockedExchange
GetStringTypeW
VirtualFree
UnmapViewOfFile
GetCurrentThreadId
GetShortPathNameA
CopyFileA
SearchPathA
OpenEventA
GetLongPathNameW
FindFirstChangeNotificationW
GetOEMCP
FreeEnvironmentStringsA
CreateDirectoryExW
CompareStringA
MoveFileA
GlobalAlloc
SetStdHandle
GetConsoleOutputCP
ResetEvent
GetStdHandle
FreeEnvironmentStringsW
HeapReAlloc
GetModuleHandleA
InterlockedIncrement
LockResource
HeapAlloc
GetFileAttributesExA
GetStringTypeA
SetEnvironmentVariableA
LeaveCriticalSection
GetCommandLineA
GetLongPathNameA
TlsAlloc
EnterCriticalSection
GetTempPathA
RtlUnwind
CreateEventA
GetTimeFormatW
LoadResource
CompareStringW
TlsSetValue
GetUserDefaultLCID
GetVersionExA
QueryPerformanceCounter
GetSystemDefaultLCID
ReadFile
SetEvent
GetTimeFormatA
IsDebuggerPresent
SetFilePointer
GetTempPathW
ExitProcess
GetDriveTypeA
CreateFileMappingA
LoadLibraryW
SizeofResource
WriteFile
CreateFileW
GetACP
CreateProcessW
GetThreadPriority
Module32Next
GetFileSize
VirtualQuery
GetLocaleInfoA
GetSystemInfo
FindFirstChangeNotificationA
SetUnhandledExceptionFilter
FlushFileBuffers
LCMapStringW
WriteConsoleW
WaitForMultipleObjects
CreateFileA
Sleep
GetCurrentProcessId
CloseHandle
LoadLibraryExW
SetEndOfFile
GetDateFormatW
GetProcAddress
RaiseException
GetSystemDirectoryA
FindFirstFileExA
MapViewOfFile
GetModuleHandleW
RemoveDirectoryW
GetConsoleCP
GetLastError
TlsFree
CreateThread
FreeLibrary
FindFirstFileW
CreateMutexA
DeleteCriticalSection
DeviceIoControl
TlsGetValue
InterlockedDecrement
GetFileAttributesExW
SetLastError
FindResourceA
GetCurrentThread
MoveFileExA
FormatMessageA
FindFirstFileA
HeapSize
GetConsoleMode
HeapDestroy
CreateToolhelp32Snapshot
InitializeCriticalSection
GlobalFree
SetFileAttributesW
FindClose
GetVersion
HeapCreate
DebugBreak
DeleteFileW
WaitForSingleObject
MoveFileWithProgressA

user32

SetWindowLongA
GetDlgItem
DialogBoxIndirectParamA
GetMenu
IsIconic
SetCursor
MessageBeep
UnhookWindowsHookEx
DialogBoxParamW
EnumThreadWindows
SendMessageW
GetClassNameA
GetDesktopWindow
GetDC
PostMessageA
SetActiveWindow
EndPaint
MsgWaitForMultipleObjects
DefWindowProcW
InsertMenuItemW
DefWindowProcA
SetDlgItemTextA
CallNextHookEx
ReleaseCapture
ReleaseDC
MessageBoxW
SystemParametersInfoA
UnregisterClassW
GetWindowLongA
GetAsyncKeyState
GetTopWindow
LoadCursorA
CallWindowProcW
ShowWindow
LoadIconA
GetWindowRect
CallWindowProcA
CreateWindowExA
RedrawWindow
SetFocus
UnregisterClassA
CreateWindowExW
GetWindowTextW
IsWindow
LoadImageA
MessageBoxA
GetFocus
SendMessageA
GetClassInfoA
SetWindowTextW
EnableWindow
SetDlgItemTextW
PostQuitMessage
RegisterClassW
SetWindowTextA
DestroyWindow
MoveWindow
GetWindow
GetClientRect
InsertMenuItemA
AppendMenuW
EndDialog
IsWindowVisible
RegisterClassA
GetWindowTextLengthA
GetMenuItemInfoA
AppendMenuA
SetForegroundWindow
SetWindowPos
SetWindowsHookExA
BeginPaint
ScreenToClient
PeekMessageA
DispatchMessageA
GetActiveWindow
GetWindowTextA
IsDialogMessageA
GetParent
SetWindowLongW
AdjustWindowRectEx
GetCursor

Sections

.text
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba79ff35b392436bc3d6cfb11bda44d1

Headers

File Characteristics

Imports

shell32

version

wininet

comdlg32

advapi32

comctl32

gdi32

winmm

kernel32

user32

Sections

.text Size: 71KB - Virtual size: 72KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 241KB - Virtual size: 240KB

.bss Size: - Virtual size: 16KB

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 1024B - Virtual size: 768B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 35KB - Virtual size: 34KB

.text
Size: 71KB - Virtual size: 72KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 241KB - Virtual size: 240KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 1024B - Virtual size: 768B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 35KB - Virtual size: 34KB