d45765cb12944a17962642bae3daca52a97b6820f76743c7fe4087e8bf939a06

Sharing

Copy URL Twitter E-mail

General

Target

d45765cb12944a17962642bae3daca52a97b6820f76743c7fe4087e8bf939a06
Size

992KB
MD5

c26ca0ff739fe781da933e1e79930197
SHA1

8e81cc08e2a1963af10439910cbf4ca0ff67ac2b
SHA256

d45765cb12944a17962642bae3daca52a97b6820f76743c7fe4087e8bf939a06
SHA512

7684ca940c9d988ea9534cd111fd5c3f50648f1d71f0c892087caae16fd9e7cddc9622e789e8fe9ae540b45e4065579e6aefc58b605766b54ea2ac6077696af7
SSDEEP

24576:rir4BfIk0vRnEQcibKcDODtDkUz7MD+X8uGmfyU:uIQk0lHnDLUz7EXMff

Score

N/A

Malware Config

Signatures

Files

d45765cb12944a17962642bae3daca52a97b6820f76743c7fe4087e8bf939a06
.exe windows x86

f01f6b6f4df352ab3228b966cdfac3c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCanonicalizeUrlW
HttpAddRequestHeadersW
HttpQueryInfoW
InternetOpenW
InternetReadFile
InternetSetFilePointer
HttpOpenRequestW
HttpSendRequestW
InternetConnectW

ole32

CoInitialize
CoUninitialize

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

kernel32

CreateEventW
SetEvent
OutputDebugStringA
OutputDebugStringW
LoadLibraryExW
FreeLibrary
CopyFileW
WritePrivateProfileStringW
GetSystemTime
LoadLibraryW
GetProcAddress
GetPrivateProfileIntW
SetFileAttributesW
lstrlenW
WideCharToMultiByte
CreateFileW
GetFileSize
WaitForSingleObject
DeleteFileW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
LocalFree
lstrcpynW
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyW
SizeofResource
LockResource
LoadResource
GetThreadLocale
GlobalFree
SetLastError
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetVersion
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
lstrcmpW
GlobalFlags
GetCurrentThreadId
lstrcatW
GetVersionExA
LoadLibraryA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
ExitProcess
HeapFree
RtlUnwind
ExitThread
CreateThread
CreateDirectoryW
GetSystemTimeAsFileTime
GetModuleFileNameA
GetStartupInfoW
HeapAlloc
HeapReAlloc
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
TerminateProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetACP
InterlockedExchange
CloseHandle
GetModuleHandleW
GetModuleFileNameW
GetPrivateProfileStringW
CreateMutexW
GetLastError
FindResourceW

user32

CallWindowProcW
RegisterClassW
GetClassInfoW
AdjustWindowRectEx
PostMessageW
GetMenu
GetClientRect
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassLongW
GetClassInfoExW
GetCapture
WinHelpW
RegisterWindowMessageW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
SetWindowLongW
DestroyMenu
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
GetDlgItem
CheckMenuItem
SetWindowsHookExW
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowPos
wsprintfW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
UnregisterClassW
FindWindowW
SendMessageW
LoadIconW
LoadCursorW
RegisterClassExW
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcW
DestroyWindow
CreateWindowExW
ShowWindow
UpdateWindow
CallNextHookEx
GetKeyState
PeekMessageW
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextW
GetClassNameW
GetWindowTextW
MessageBoxW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
GetSystemMetrics
GetDC
ReleaseDC

gdi32

GetStockObject
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetDeviceCaps
SaveDC
RestoreDC
SetMapMode
DeleteObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible

sensapi

IsNetworkAlive

oleacc

CreateStdAccessibleObject
LresultFromObject

shell32

ILGetSize

shlwapi

PathFileExistsW
StrToIntW

Sections

.text
Size: 640KB - Virtual size: 640KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f01f6b6f4df352ab3228b966cdfac3c9

Headers

File Characteristics

Imports

wininet

ole32

advapi32

kernel32

user32

gdi32

sensapi

oleacc

shell32

shlwapi

Sections

.text Size: 640KB - Virtual size: 640KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 312KB - Virtual size: 3.6MB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 640KB - Virtual size: 640KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 312KB - Virtual size: 3.6MB

.rsrc
Size: 32KB - Virtual size: 31KB