5b050ea49ad048780e73e322f0c043bcc7e83765b6bd27b750dc584b1051aa60

Sharing

Copy URL Twitter E-mail

General

Target

5b050ea49ad048780e73e322f0c043bcc7e83765b6bd27b750dc584b1051aa60
Size

280KB
MD5

6ec6490be4533deb5ca32fae4bdd22c1
SHA1

cbbc6ad7855efd7ef9e1302cb6974b12f365a9a0
SHA256

5b050ea49ad048780e73e322f0c043bcc7e83765b6bd27b750dc584b1051aa60
SHA512

4e18bef6b72e8a7cc756104d3cc59eb36bd1d6bf04c4c14303eed11af0f5a6df01397131adb663e3e798a5809791726e44554696082ada5490539d6c6a3cb9df
SSDEEP

6144:g0uCGYzAB0LGLNJ5TrpZbd+NioC58Zut5C9KYjnvIQkSSwzJn/Pu:g0jzsBmmhTrpiNvpZutk9KSnY

Score

N/A

Malware Config

Signatures

Files

5b050ea49ad048780e73e322f0c043bcc7e83765b6bd27b750dc584b1051aa60
.exe windows x86

c118a1cb191e80eef5727bf2efe5f68e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PolyPolyline
Chord
GetViewportExtEx
SelectObject
CreateEnhMetaFileA
SetBkColor
EndDoc
SetROP2
SetMetaFileBitsEx
GetTextCharsetInfo
CreateHalftonePalette
SetPixelV

comctl32

CreateStatusWindowW
ImageList_SetBkColor
ord17
ImageList_Duplicate

shell32

DragQueryPoint
SHGetDesktopFolder
SHBrowseForFolderA

ws2_32

WSAInstallServiceClassW
socket
getsockopt
closesocket
recv
WSALookupServiceNextA
sendto
WSALookupServiceBeginW
WSADuplicateSocketA
send
WSAAsyncGetServByPort

advapi32

DuplicateToken
IsTextUnicode
GetSecurityDescriptorLength
CryptSignHashW
GetSecurityDescriptorOwner
CryptDestroyHash
SetFileSecurityW
BuildTrusteeWithNameW
CryptGetHashParam
RegQueryInfoKeyW
AccessCheckAndAuditAlarmW
RevertToSelf
RegDeleteValueW
ImpersonateNamedPipeClient
DuplicateTokenEx
DeleteService
SetNamedSecurityInfoW
RegEnumKeyW
SetPrivateObjectSecurity
RegEnumKeyExW
CryptImportKey
AddAccessDeniedAce
GetTokenInformation
CryptSetHashParam
ChangeServiceConfigA
GetSecurityDescriptorSacl
LookupPrivilegeDisplayNameA
RegEnumValueW
AccessCheckAndAuditAlarmA
RegSetValueExW

user32

CallNextHookEx
DialogBoxIndirectParamW
CharUpperBuffA
CreateDialogIndirectParamW
OemToCharA
CopyAcceleratorTableW
RegisterClassExW
ToUnicodeEx
IsWindowEnabled
ReplyMessage
PeekMessageW
ShowOwnedPopups
DeleteMenu
SetFocus
UnregisterClassW
CheckDlgButton
SetRect
GetProcessDefaultLayout
MapVirtualKeyA
CharLowerBuffW
IsRectEmpty
EnumDisplaySettingsExW
RegisterHotKey
SetLastErrorEx
GetWindow
GetUpdateRect
IsZoomed
RegisterClassW
GetUserObjectInformationA
LoadAcceleratorsW
LoadImageW
LoadCursorW
DestroyCursor
ScrollWindowEx
InsertMenuW
CloseWindowStation

ole32

OleFlushClipboard
StgCreateStorageEx
OleSaveToStream
CoReleaseServerProcess

kernel32

UnmapViewOfFile
QueryDosDeviceW
GetTempFileNameA
LoadLibraryExW
WritePrivateProfileSectionW
GetThreadContext
EnumTimeFormatsW
LeaveCriticalSection
ExitProcess
InitializeCriticalSection
GetTickCount
GetOverlappedResult
EnumCalendarInfoA
GetModuleHandleA
SetupComm
LocalAlloc
UnhandledExceptionFilter
SetFileAttributesA
SetStdHandle
GetAtomNameA
GetCommConfig
SetThreadAffinityMask
GetFullPathNameA
SetCommTimeouts
IsProcessorFeaturePresent
GetCommModemStatus
GlobalUnlock
GetFileInformationByHandle
WriteConsoleOutputW
SearchPathW
GlobalFree
CreateDirectoryExA
GetPrivateProfileStringA
EraseTape
GetCommandLineW
OutputDebugStringW
SetThreadPriorityBoost
lstrcmpiA
GetBinaryTypeA
PrepareTape
CreateNamedPipeW
SetFileTime
SetCurrentDirectoryA
lstrcatW
VirtualAlloc
GetStartupInfoA

oleaut32

QueryPathOfRegTypeLi
SysStringLen
VariantCopy
LoadTypeLibEx
VariantChangeType
SafeArrayPutElement
SafeArrayGetLBound
LoadTypeLi

msvcrt

__p__commode
_getmbcp
__p___argv
_lseek
_mbschr
strncpy
_beginthread
_controlfp
freopen
sprintf
_fdopen
_wsystem
_chsize
wcstod
_mbsnbicmp
_itow
wcscoll
_wmakepath
_wfopen
_strncoll
_waccess
_finite
fwscanf
_eof
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_exit
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c118a1cb191e80eef5727bf2efe5f68e

Headers

File Characteristics

Imports

gdi32

comctl32

shell32

ws2_32

advapi32

user32

ole32

kernel32

oleaut32

msvcrt

Sections

.text Size: 190KB - Virtual size: 189KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 84KB - Virtual size: 83KB

.text
Size: 190KB - Virtual size: 189KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 84KB - Virtual size: 83KB