08bd40ebe17325ff320c0fdd79b3633fa9c62905950b9c27f74a1c186e9e4792

Sharing

Copy URL Twitter E-mail

General

Target

08bd40ebe17325ff320c0fdd79b3633fa9c62905950b9c27f74a1c186e9e4792
Size

149KB
MD5

d599c378a5fe96a2ddc8b03ed77824ee
SHA1

45cfef9335b5f42291063c96b7529bcfea504f32
SHA256

08bd40ebe17325ff320c0fdd79b3633fa9c62905950b9c27f74a1c186e9e4792
SHA512

054ef19524d6be1ebeed2c4ee0f6d3f63fa96f4a5800fe2bd0be60515a5bcc6b253b9b9be90746f545eb6cd93bb1b9983376ceb1a7c09e3d5d5cc54189b75f2a
SSDEEP

3072:j3PtYJygjcUjEvX4Nitjb2i4m0i3RDJO8gIboA/bXqpHlAQGSy1seHmdG:jlYJyWcJECjb2i4mH3NJBgy/T+AQGSyn

Score

N/A

Malware Config

Signatures

Files

08bd40ebe17325ff320c0fdd79b3633fa9c62905950b9c27f74a1c186e9e4792
.exe windows x86

b56c635c0d9718c650d64ad13d515c8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CompareStringA
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateProcessA
DeleteFileW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindNextFileA
FindResourceW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCommandLineW
GetConsoleOutputCP
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetExitCodeThread
GetFileSize
GetFileTime
GetFileType
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathW
GetVersion
GlobalFree
HeapCreate
HeapSize
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
IsBadWritePtr
IsDebuggerPresent
IsValidCodePage
LoadLibraryExW
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
ReleaseMutex
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA
SetErrorMode
SetFileTime
SetHandleCount
SetStdHandle
SystemTimeToFileTime
TlsAlloc
TlsFree
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WriteConsoleA
lstrcatA
lstrcmpA
lstrcpyA
lstrlenW

user32

AdjustWindowRectEx
BeginPaint
CallNextHookEx
CheckMenuItem
CreateMenu
CreatePopupMenu
DeleteMenu
DestroyWindow
DrawIcon
DrawMenuBar
EnableWindow
EnumThreadWindows
EnumWindows
EqualRect
FindWindowA
GetActiveWindow
GetCapture
GetClassInfoA
GetDC
GetDCEx
GetDesktopWindow
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMessageA
GetPropA
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSystemMenu
GetWindowThreadProcessId
IsDialogMessageA
IsIconic
IsWindow
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
OffsetRect
OpenClipboard
PostQuitMessage
PtInRect
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SetActiveWindow
SetClipboardData
SetCursor
SetMenu
SetPropA
SetScrollInfo
SetScrollPos
SetWindowsHookExA
ShowOwnedPopups
ShowWindow
UnhookWindowsHookEx
WaitMessage
WinHelpA

gdi32

ArcTo
BitBlt
CloseMetaFile
CombineRgn
CreateBitmap
CreateBrushIndirect
CreateDCA
CreateDIBSection
CreateFontA
CreateFontW
CreatePalette
CreatePatternBrush
CreatePen
CreateRectRgn
DeleteEnhMetaFile
EndDoc
EnumFontFamiliesExA
GdiFlush
GetBkMode
GetCharWidthW
GetClipRgn
GetCurrentObject
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetMapMode
GetObjectType
GetPaletteEntries
GetTextCharsetInfo
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointA
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineDDA
LineTo
PolyDraw
Polygon
RealizePalette
RectVisible
RemoveFontResourceA
RestoreDC
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetColorAdjustment
SetGraphicsMode
SetMapMode
SetMapperFlags
SetRectRgn
SetTextJustification
SetWinMetaFileBits
SetWorldTransform
StartPage

shell32

DoEnvironmentSubstW
DragQueryFile
DragQueryFileW
ExtractIconA
ExtractIconExA
ExtractIconW
SHAppBarMessage
SHBindToParent
SHBrowseForFolderA
SHBrowseForFolderW
SHFileOperationA
SHGetFileInfo
SHGetFileInfoA
SHGetFolderLocation
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDList
SHGetSpecialFolderPathA
ShellExecuteA
ShellExecuteEx
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

comctl32

CreatePropertySheetPageW
CreateToolbarEx
DestroyPropertySheetPage
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Remove
ImageList_Replace
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
InitCommonControls
InitCommonControlsEx
InitializeFlatSB
PropertySheetA
PropertySheetW

advapi32

AddAccessAllowedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptHashData
CryptReleaseContext
DeleteService
DeregisterEventSource
EqualSid
FreeSid
GetLengthSid
GetTokenInformation
GetUserNameA
InitializeAcl
InitializeSecurityDescriptor
InitiateSystemShutdownA
IsValidSid
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenSCManagerW
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegCreateKeyExW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExA
RegEnumKeyExW
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegFlushKey
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueA
RegSetValueExA
RegSetValueExW
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

msvcrt

_CIasin
_CIlog10
_HUGE
_c_exit
_filbuf
_ismbcprint
_ismbcspace
_lseek
_mbctolower
_mbschr
_mbstok
_strtime
_timezone
_unlock
_vscwprintf
_vsnwprintf
_wcsicmp
_wfopen
_winmajor
calloc
ceil
floor
fwrite
mblen
towupper
wcsspn

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b56c635c0d9718c650d64ad13d515c8d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

msvcrt

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 85KB - Virtual size: 84KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 85KB - Virtual size: 84KB

.rsrc
Size: 16KB - Virtual size: 16KB