cab84f4a102b4dc9a847b6d0539e6c3b231c8a11a15df636a8ebc2a6eab18627

Sharing

Copy URL

Twitter E-mail

General

Target

cab84f4a102b4dc9a847b6d0539e6c3b231c8a11a15df636a8ebc2a6eab18627
Size

228KB
MD5

72bab85f314af2737ed14ce80027a2ee
SHA1

a5b1f8f107b56d73b0e5a2ee24181a04ef3b1bac
SHA256

cab84f4a102b4dc9a847b6d0539e6c3b231c8a11a15df636a8ebc2a6eab18627
SHA512

68aaa6d9eaf44658973c4ddc1b4dba54024d9ae9c9861418c2742f0dc9a44ade53d52ff78a49995b4514f6786afa27c42b5c03daf3ce9829656a39cdbe7a2565
SSDEEP

3072:2Sm5IMCDwYIZeenqa91ffj+dHZhW2zL4qL0BUiYAWnuvVjVcSqRvTlbJ:2Sm5wwYIZe+fHinPzL4qgvYA7RVcSwRJ

Score

N/A

Malware Config

Signatures

Files

cab84f4a102b4dc9a847b6d0539e6c3b231c8a11a15df636a8ebc2a6eab18627
.exe windows x86

4edd50a0dd27eed23803fb339d368dd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

kernel32

InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetModuleFileNameA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
WaitForSingleObject
GetLastError
GetProcessHeap
WideCharToMultiByte
HeapFree
lstrlenA
HeapAlloc
DeleteFileA
HeapReAlloc
InterlockedDecrement
SetFileAttributesA
CopyFileA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
Sleep
CloseHandle
WriteFile
CreateFileA
GetTempPathA
LeaveCriticalSection
WinExec
GetVersion
lstrcmpiA
GetCurrentThreadId
CreateThread
CreateEventA
lstrcpynA
lstrcpyA
lstrcatA
InterlockedIncrement
SetEvent
IsDBCSLeadByte
LoadLibraryExA
GetModuleHandleA
GetCommandLineA
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetCurrentProcess
RemoveDirectoryA
GetSystemTimeAsFileTime
RtlUnwind
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TlsSetValue
TlsGetValue
LCMapStringA
LCMapStringW
lstrlenW
ExitProcess
LocalFree
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
ReadFile
SetEndOfFile
FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
SetFilePointer
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
IsBadReadPtr
IsBadCodePtr

user32

PostThreadMessageA
GetMessageA
DispatchMessageA
TranslateMessage
CharNextA
CharUpperA
SetTimer
wsprintfA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHGetPathFromIDListA

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoRegisterClassObject
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoRevokeClassObject

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocStringLen
VariantClear
VariantInit
VariantCopy
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo

shlwapi

PathFileExistsA
PathFindExtensionA

ws2_32

WSASocketA
closesocket
WSAStartup
WSACreateEvent
WSASetEvent
WSAEventSelect
WSARecv
WSAResetEvent
WSASend
WSAGetOverlappedResult
WSAConnect
WSAEnumNetworkEvents
WSACloseEvent
WSACleanup
ntohs
getservbyport
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4edd50a0dd27eed23803fb339d368dd5

Headers

File Characteristics

Imports

wininet

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 664B

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 664B