03a02c136d3bc6673315bce3f9ae664d3adfa417d8f3c5eab8f2ac1a4a1ab554

Sharing

Copy URL Twitter E-mail

General

Target

03a02c136d3bc6673315bce3f9ae664d3adfa417d8f3c5eab8f2ac1a4a1ab554
Size

240KB
MD5

7de14a65c40a037b34d3879211dd201a
SHA1

bd65123a1312685c8579ad972a88b7c4520f41d0
SHA256

03a02c136d3bc6673315bce3f9ae664d3adfa417d8f3c5eab8f2ac1a4a1ab554
SHA512

c5ed013ee75c9f2cfbb12bfa3b5fcef4d3189d107612a2ca8ca93135af5df3a20572c1293057ede943f8c76146f5e3039bf93167641c60f86aa4ee3ca130ff1f
SSDEEP

6144:T3rkj/S2Cv/lMl8JOCxPhZm6ySduV76QJ1Kc+Mua:T7kj/30lMlYPhuV76QJgVMx

Score

N/A

Malware Config

Signatures

Files

03a02c136d3bc6673315bce3f9ae664d3adfa417d8f3c5eab8f2ac1a4a1ab554
.exe windows x86

9d771163f7f95f15eb92c0115d2fc9c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
SetNamedPipeHandleState
GetBinaryTypeW
SetEnvironmentVariableA
GetACP
GetConsoleMode
CompareStringA
LCMapStringA
WriteConsoleOutputCharacterA
GetProcessTimes
GetDiskFreeSpaceW
Beep
SetConsoleCursorPosition
_lclose
SetConsoleWindowInfo
lstrcatW
GetProcessHeap
ReadConsoleInputW
GetWindowsDirectoryA
EnumCalendarInfoA
AllocConsole
CreateDirectoryExA
FlushFileBuffers
WritePrivateProfileStringA
GetSystemTimeAdjustment
GetOverlappedResult
CreateDirectoryA
SizeofResource
GlobalGetAtomNameW
DuplicateHandle
GetTempFileNameA
QueryDosDeviceA
GetTempPathW
GetProfileStringA
CreateDirectoryW
OpenMutexA
SetErrorMode
LoadResource
DeleteCriticalSection
FreeEnvironmentStringsA
RemoveDirectoryA
FreeLibrary
GetFileAttributesExA
ExitThread
GetPrivateProfileStringA
TryEnterCriticalSection
GetComputerNameW
GetTapeStatus
_lopen
FindFirstFileW
EnumTimeFormatsW
GlobalFree
GetLargestConsoleWindowSize
WritePrivateProfileStringW
GetStringTypeExW
CreatePipe
LocalFileTimeToFileTime
CopyFileExW
GetModuleHandleA
EnumCalendarInfoW
GetSystemDefaultLangID
EraseTape
WritePrivateProfileSectionW
OutputDebugStringA
SetFileAttributesA
CreateIoCompletionPort
UnhandledExceptionFilter
DosDateTimeToFileTime
EndUpdateResourceA
GetUserDefaultLangID
SetSystemTime
SuspendThread
WriteProcessMemory
GetOEMCP
AreFileApisANSI
SetConsoleActiveScreenBuffer
ReadFile
lstrlenA
SetMailslotInfo
VirtualAlloc
GetStartupInfoA

gdi32

CreateRoundRectRgn
SetPolyFillMode
CreateFontIndirectA
SetColorAdjustment
FrameRgn
TranslateCharsetInfo
GetClipBox
GetFontData
CreateDCW
StrokeAndFillPath
GetDeviceCaps
ExtEscape
PtVisible

ws2_32

htonl
WSASetLastError
gethostbyaddr
WSAGetServiceClassNameByClassIdW
WSAResetEvent
WSALookupServiceBeginA
WSAGetLastError
getsockname
sendto
WSAInstallServiceClassW
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSASetBlockingHook
WSAIsBlocking
select
WSADuplicateSocketA
WSARecvFrom
ioctlsocket
shutdown

ole32

CLSIDFromString
IIDFromString
OleCreateFromData
OleSetContainedObject
OleSetMenuDescriptor

advapi32

AddAce
GetSidSubAuthority
CryptSetHashParam
SetTokenInformation
LockServiceDatabase
CryptDestroyHash
InitializeSecurityDescriptor
RegOpenKeyExW
NotifyBootConfigStatus
FreeSid
RegQueryValueA
RegSetValueExA
CryptEncrypt
RegisterServiceCtrlHandlerW
QueryServiceConfigW
RegLoadKeyW
GetServiceDisplayNameA
EnumDependentServicesW
RegNotifyChangeKeyValue
RegQueryInfoKeyW

shell32

SHGetSpecialFolderPathA
SHGetSettings
ExtractIconA
SHFileOperationA
Shell_NotifyIconA
DragAcceptFiles
FindExecutableW
ExtractIconExW
SHGetDesktopFolder

oleaut32

VariantChangeType
SafeArrayRedim
SafeArrayGetLBound
SysFreeString
SafeArrayUnaccessData
QueryPathOfRegTypeLi
SafeArrayGetElement

version

VerQueryValueA

user32

IsRectEmpty
ClipCursor
FlashWindowEx
wvsprintfA
GetScrollBarInfo
CreateWindowExW
InSendMessage
InternalGetWindowText
CreateIconFromResource
IsMenu
RegisterClassExW
IsChild
MoveWindow
GetCursorPos
IsIconic
SendMessageW
DrawTextExW
PeekMessageW
GetClipCursor
SetActiveWindow
GetWindowThreadProcessId
GetKeyboardLayout
DialogBoxIndirectParamA
HiliteMenuItem

msvcrt

_setmode
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
strtok
fwprintf
wctomb
rand
strtod
_wsetlocale
_mbsnbcpy
_wcsnset
_strdup
_mbctoupper
_mbscpy
_mbslwr
_mbslen
clock
strcoll
_exit
wcsncpy
system
calloc
_spawnv
fseek
strrchr
getchar
clearerr
putc
_get_osfhandle
_wstrdate
tolower
_ismbblead
wcsncat
_stricmp
_waccess
wcscat
strpbrk
_makepath

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9d771163f7f95f15eb92c0115d2fc9c8

Headers

File Characteristics

Imports

kernel32

gdi32

ws2_32

ole32

advapi32

shell32

oleaut32

version

user32

msvcrt

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 28KB - Virtual size: 27KB

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 28KB - Virtual size: 27KB