caa1fcc9514ced7ba82bf86a573fd9c7d97420b2cb05f5592f07f60256c79958

Sharing

Copy URL Twitter E-mail

General

Target

caa1fcc9514ced7ba82bf86a573fd9c7d97420b2cb05f5592f07f60256c79958
Size

268KB
MD5

201df4cd23176e01ccf38e23415b2b67
SHA1

39a2abf9f88969822498778d226bc6f6a433cb37
SHA256

caa1fcc9514ced7ba82bf86a573fd9c7d97420b2cb05f5592f07f60256c79958
SHA512

72fc155402e2fdf54ef2da4696b18c88bed07a88c2add833a39a9062b6c3675f9dfc7078ce4a45c8b4c4513b084e0b70710cf68377c038d90da019a3015d21ea
SSDEEP

3072:ooIgSSdJhEy97PzAcee54pfwfq84Mo6RpZm7kUAmBSGU371+Z17cUA4/0GFZ6kza:HIbIrTJi2DNCvhU37oPXPrO

Score

N/A

Malware Config

Signatures

Files

caa1fcc9514ced7ba82bf86a573fd9c7d97420b2cb05f5592f07f60256c79958
.exe windows x86

1ab33923f3b65d838a590a0a6cbb0839

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetModuleHandleA
GetLastError
FindResourceA
lstrcatA
RaiseException
GlobalAddAtomA
GetProcAddress
SizeofResource
HeapAlloc
VirtualFree
DeleteFileA
CreateThread
lstrcpynA
GetFileType
InitializeCriticalSection
WideCharToMultiByte
ReadFile
CloseHandle
ResetEvent
MulDiv
WaitForSingleObject
EnterCriticalSection
FreeLibrary
SetHandleCount
GetLocaleInfoA
GlobalDeleteAtom
GetUserDefaultLCID
CreateEventA
VirtualAllocEx
GetACP
CompareStringA
FreeResource
GlobalAlloc
GetCurrentProcessId
GlobalFindAtomA
LoadResource
GetStringTypeA
GetFileAttributesA
SetErrorMode
GetStdHandle
MoveFileExA
ExitThread
SetThreadLocale
GetEnvironmentStrings
FindClose
lstrcpyA
GetCurrentThread
GetDateFormatA
LockResource
LocalFree
GetFullPathNameA
MoveFileExA
lstrcpyA
GetModuleHandleW
LoadLibraryExA
GetCommandLineW
GlobalAddAtomA
lstrlenW
GetDiskFreeSpaceA
ExitThread
CloseHandle
GetVersion
GetFileAttributesA
WaitForSingleObject
WriteFile
VirtualAllocEx
CreateFileA
lstrlenA
SetFilePointer
SetEvent
GetCPInfo
RaiseException
SizeofResource
IsBadReadPtr
LocalAlloc
FindResourceA
SetThreadLocale
GlobalAlloc
SetHandleCount
GetVersionExA
GetACP
FormatMessageA
GetCurrentProcessId
IsBadHugeReadPtr
GetStdHandle
CompareStringA
GetProcAddress
Sleep
lstrcpynA
lstrcmpA
LoadLibraryA
GetLocalTime
GetModuleFileNameA
GetOEMCP
WideCharToMultiByte
VirtualFree
ExitProcess
GetStringTypeA
GetLastError
CreateEventA
GetModuleHandleA
FreeLibrary
GetCurrentProcess
DeleteFileA
FindFirstFileA

shlwapi

SHQueryInfoKeyA
PathFileExistsA
SHSetValueA
SHStrDupA
PathIsDirectoryA
SHDeleteValueA
SHGetValueA
SHQueryValueExA
SHEnumValueA
SHDeleteValueA
SHDeleteKeyA
SHQueryInfoKeyA
SHGetValueA
PathGetCharTypeA

user32

SetMenuItemInfoA
CharNextW
GetIconInfo
ShowScrollBar
RegisterWindowMessageA
SetScrollRange
BeginPaint
GetMenuItemInfoA
GetDCEx
GetKeyboardLayoutNameA
SendMessageA
RegisterClassA
GetTopWindow
MsgWaitForMultipleObjects
ScreenToClient
CharNextA
GetCursorPos
LoadStringA
GetForegroundWindow
GetScrollInfo
IntersectRect
SetParent
IsIconic
UnregisterClassA
DestroyWindow
SetWindowLongW
EnableWindow
GetSysColorBrush

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA

msvcrt

calloc
_acmdln
acos
pow
memmove
malloc
wcstol
strncmp
memset
mbstowcs
malloc
sqrt
acos
tolower
wcscspn
rand

oleaut32

RegisterTypeLib

shell32

SHGetFolderPathA
SHGetSpecialFolderLocation
SHFileOperationA
SHGetDiskFreeSpaceA
DragQueryFileA
SHGetDesktopFolder

gdi32

GetCurrentPositionEx
CreateCompatibleDC
GetPaletteEntries
GetRgnBox
GetClipBox
GetBitmapBits

ole32

CoRevokeClassObject
CoGetMalloc
OleRegGetUserType
CoTaskMemFree
ReleaseStgMedium
MkParseDisplayName
CoRevokeClassObject
CreateOleAdviseHolder
CoTaskMemFree
CoUninitialize
CLSIDFromProgID
CoRevokeClassObject
CoGetMalloc
CoReleaseMarshalData
PropVariantClear
CoGetObjectContext

advapi32

RegEnumKeyA
RegQueryValueA
GetLengthSid
GetUserNameA

comctl32

ImageList_Write
ImageList_GetBkColor
ImageList_Destroy
ImageList_Draw
ImageList_Create
ImageList_Add

version

VerFindFileA
VerInstallFileA
GetFileVersionInfoA

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ab33923f3b65d838a590a0a6cbb0839

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

comdlg32

msvcrt

oleaut32

shell32

gdi32

ole32

advapi32

comctl32

version

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 1KB

BSS Size: 8KB - Virtual size: 6KB

.bdata Size: 140KB - Virtual size: 138KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 1KB

BSS
Size: 8KB - Virtual size: 6KB

.bdata
Size: 140KB - Virtual size: 138KB

.rsrc
Size: 8KB - Virtual size: 7KB