bdcf629b93ed4d65f3375c9ae54717b1f3045d4367c6df7cc1ede9d908634350

Sharing

Copy URL

Twitter E-mail

General

Target

bdcf629b93ed4d65f3375c9ae54717b1f3045d4367c6df7cc1ede9d908634350
Size

228KB
MD5

f8995083b10322509f7a338aa39d56fc
SHA1

4ac8cb20f3cce570ed371719009899133b7e79c7
SHA256

bdcf629b93ed4d65f3375c9ae54717b1f3045d4367c6df7cc1ede9d908634350
SHA512

d6bee3ad16443b1fe97c6059462750345de891a060a343b3ef299ce1f0ae54a73a46d279f8b0725fd300eac8ca689006a0319b77c6dcd4f2c1e96f3f5e482fb9
SSDEEP

3072:2Sm5IMCDwYIZeenqa91ffj+dHZhW2zL4qL0BUiYAWnuvVjVcSqRvTlbG:2Sm5wwYIZe+fHinPzL4qgvYA7RVcSwRG

Score

N/A

Malware Config

Signatures

Files

bdcf629b93ed4d65f3375c9ae54717b1f3045d4367c6df7cc1ede9d908634350
.exe windows x86

4edd50a0dd27eed23803fb339d368dd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

kernel32

InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetModuleFileNameA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
WaitForSingleObject
GetLastError
GetProcessHeap
WideCharToMultiByte
HeapFree
lstrlenA
HeapAlloc
DeleteFileA
HeapReAlloc
InterlockedDecrement
SetFileAttributesA
CopyFileA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
Sleep
CloseHandle
WriteFile
CreateFileA
GetTempPathA
LeaveCriticalSection
WinExec
GetVersion
lstrcmpiA
GetCurrentThreadId
CreateThread
CreateEventA
lstrcpynA
lstrcpyA
lstrcatA
InterlockedIncrement
SetEvent
IsDBCSLeadByte
LoadLibraryExA
GetModuleHandleA
GetCommandLineA
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetCurrentProcess
RemoveDirectoryA
GetSystemTimeAsFileTime
RtlUnwind
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TlsSetValue
TlsGetValue
LCMapStringA
LCMapStringW
lstrlenW
ExitProcess
LocalFree
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
ReadFile
SetEndOfFile
FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
SetFilePointer
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
IsBadReadPtr
IsBadCodePtr

user32

PostThreadMessageA
GetMessageA
DispatchMessageA
TranslateMessage
CharNextA
CharUpperA
SetTimer
wsprintfA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHGetPathFromIDListA

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoRegisterClassObject
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoRevokeClassObject

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocStringLen
VariantClear
VariantInit
VariantCopy
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo

shlwapi

PathFileExistsA
PathFindExtensionA

ws2_32

WSASocketA
closesocket
WSAStartup
WSACreateEvent
WSASetEvent
WSAEventSelect
WSARecv
WSAResetEvent
WSASend
WSAGetOverlappedResult
WSAConnect
WSAEnumNetworkEvents
WSACloseEvent
WSACleanup
ntohs
getservbyport
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4edd50a0dd27eed23803fb339d368dd5

Headers

File Characteristics

Imports

wininet

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 664B

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 664B