d007a7bfc0b1d4b6ede1738e030411450d7a933fcabdc09526fe9a5e02877fda

Sharing

Copy URL Twitter E-mail

General

Target

d007a7bfc0b1d4b6ede1738e030411450d7a933fcabdc09526fe9a5e02877fda
Size

212KB
MD5

8c544fab8dfea003ddb06cd64e0bf2a2
SHA1

e652d3f5a69cba9445100143ee6db2dec382a0b3
SHA256

d007a7bfc0b1d4b6ede1738e030411450d7a933fcabdc09526fe9a5e02877fda
SHA512

1dea64f43c8de763f362d424aa5ec430ab83b6fe4fd17866bb9ae89c104030da1caba7b23426b40bb9ac4f5c7b3913aed34a35afc0909627856493f4e7616fd4
SSDEEP

3072:ZIEyiQPBETrOw+RB6SXRdAcDNKeKBvDD8JyNhyPgyDrpwfwt2GmBGAs8NO3dfRnh:ZzQBld6ShdAa4hKyGY/fAAZNO3zSu

Score

N/A

Malware Config

Signatures

Files

d007a7bfc0b1d4b6ede1738e030411450d7a933fcabdc09526fe9a5e02877fda
.exe windows x86

e652e67e05a0f261eb1898d10a0240f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA
ChooseFontW

comctl32

ImageList_Duplicate
ImageList_BeginDrag

oleaut32

SysStringLen
LoadTypeLibEx
VariantChangeType

advapi32

OpenServiceW
IsValidSid
CryptSetHashParam
CryptSetKeyParam
InitializeAcl
ImpersonateSelf
StartServiceCtrlDispatcherW
LookupAccountSidW
CryptDeriveKey
OpenEventLogW
GetSecurityInfo
RegOpenKeyExA
AllocateAndInitializeSid
CopySid
RegSaveKeyA
RegEnumKeyW
RegSetValueA
RegDeleteKeyW
SetFileSecurityA
GetPrivateObjectSecurity
InitiateSystemShutdownA
ReportEventW
CryptGenRandom
RegConnectRegistryA
AccessCheckAndAuditAlarmA
DeleteService
DuplicateToken
GetSidLengthRequired
MakeSelfRelativeSD
GetAce
GetSecurityDescriptorGroup
RegDeleteKeyA
RegCreateKeyW
AdjustTokenPrivileges

version

VerInstallFileA

ws2_32

WSAAsyncGetServByName
WSAAsyncGetServByPort
listen
WSADuplicateSocketA
WSAEnumNameSpaceProvidersA
WSAAddressToStringA
WSAUnhookBlockingHook
WSAProviderConfigChange
getservbyport
gethostbyaddr
htons
inet_ntoa
recvfrom

shell32

DragAcceptFiles
SHGetSettings

kernel32

GetTempPathW
GetModuleHandleA
GetConsoleCursorInfo
GetStartupInfoA
SetProcessAffinityMask
lstrcpyA
SetHandleCount
GetFileAttributesExA
EraseTape
GetDiskFreeSpaceW
SetMailslotInfo
SetFileTime
LocalSize
MoveFileExA
WaitNamedPipeA
FindFirstFileExW
SetupComm
SetConsoleWindowInfo
LocalAlloc
IsValidLocale
VirtualAlloc
Beep
FindFirstFileW
FindResourceExW
GetFileType
WritePrivateProfileStructA
EnumDateFormatsW
SizeofResource
GetCommConfig
GlobalAddAtomA
ClearCommBreak
GlobalGetAtomNameW
GetSystemTime
CreateDirectoryA
lstrcatW
LoadResource
GetNumberFormatW
GlobalFindAtomA
CreateNamedPipeW
_lread
ReleaseMutex
FindFirstFileA
MultiByteToWideChar
GetCurrentProcessId
GetComputerNameW
GetTapeParameters
DeleteFiber
WritePrivateProfileSectionW
GlobalAddAtomW
PeekNamedPipe
SetCurrentDirectoryA
IsBadStringPtrA
FormatMessageA
CreateDirectoryW

user32

OemToCharBuffW
GrayStringW
ShowOwnedPopups
OpenInputDesktop
ChangeDisplaySettingsA
SetWindowRgn
SetMessageQueue
IsWindowVisible
CreateAcceleratorTableW
OemKeyScan
GetKeyboardState
LoadCursorFromFileW
SendMessageW
CreateAcceleratorTableA
CreateIconFromResource
GetWindowTextLengthA
IsChild
DispatchMessageW
EnumClipboardFormats
DrawIconEx
GetKeyboardLayout
SetWindowContextHelpId
MapVirtualKeyA
GetCapture
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetDialogBaseUnits
CallNextHookEx
DrawCaption
GetDC
ShowWindowAsync
GetKeyNameTextW
LoadIconA
SwapMouseButton
GetMenuStringA
DrawTextExW
InsertMenuItemW
GetSystemMenu
CharLowerBuffA
LookupIconIdFromDirectory
WinHelpA
GetClassInfoA
DefFrameProcW
UnregisterDeviceNotification

gdi32

PaintRgn
SetWorldTransform
RemoveFontResourceA
GetTextFaceW

ole32

OleInitialize
WriteClassStg
ProgIDFromCLSID
CoResumeClassObjects
CoGetInterfaceAndReleaseStream

msvcrt

setvbuf
_fileno
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_wcslwr
strstr
strspn
fgets
_wpopen
fgetwc
strftime
isxdigit
rewind
_beginthread
_mbsinc
wcsncmp
_mbscat
_wcsicmp
_getdrive
_wcsnset
_wgetenv
localtime
_umask
rename
exit
_popen
_mkdir
_strncoll
_mbslwr
_wcsupr
bsearch
_fstat
_snwprintf
time
fread
_ltoa
_c_exit
clearerr
asctime
__doserrno
_wfopen

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e652e67e05a0f261eb1898d10a0240f2

Headers

File Characteristics

Imports

comdlg32

comctl32

oleaut32

advapi32

version

ws2_32

shell32

kernel32

user32

gdi32

ole32

msvcrt

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB