a300f75d072626d7facbd9d843fcceedb741cca5f470e86eac18f95233ab5f8c

Sharing

Copy URL

Twitter E-mail

General

Target

a300f75d072626d7facbd9d843fcceedb741cca5f470e86eac18f95233ab5f8c
Size

296KB
MD5

20f4fdec597d271f018b069fc906fec3
SHA1

fe68b3990655220700339d80e67a19f20cfe15f1
SHA256

a300f75d072626d7facbd9d843fcceedb741cca5f470e86eac18f95233ab5f8c
SHA512

5501b251bd68d3bb7a80d37f9cfea565e8eefdeea2c22895614d43cc2d6955390cd8a13840f76423d2fe9dc8973f42b562157ea46c170b39647da78731599ab1
SSDEEP

3072:f5fVg3MXG4nOugQP9nElxT+xPNHLtaSOrBjXHur/XzQoHWnoo33IEOMNeyLB:fl7dnXgSU+xJtafVinJE57

Score

N/A

Malware Config

Signatures

Files

a300f75d072626d7facbd9d843fcceedb741cca5f470e86eac18f95233ab5f8c
.exe windows x86

e394d8ed5182f8156dd989e2506cc1c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GlobalFree
GlobalHandle
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
RtlUnwind
ExitProcess
RaiseException
CreateDirectoryA
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
GetVersion
GetLocalTime
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalLock
GlobalUnlock
lstrcmpA
GetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
FindNextFileA
FindFirstFileA
SetLastError
FindClose
InterlockedDecrement
InterlockedIncrement
WriteFile
LocalAlloc
LocalFree
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
ReleaseMutex
UnmapViewOfFile
FlushViewOfFile
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetFileAttributesA
SetFileAttributesA
GetProcessVersion
GetEnvironmentStrings
FreeEnvironmentStringsA
DeviceIoControl
CreateFileA
GetModuleHandleA
GetSystemInfo
GetTimeZoneInformation
GetCurrentProcess
SetTimeZoneInformation
GetTempPathA
lstrcatA
GetExitCodeThread
TerminateThread
GetPrivateProfileStringA
GetVersionExA
GlobalMemoryStatus
GetWindowsDirectoryA
GetDiskFreeSpaceExA
SetLocalTime
CreateMutexA
GetLastError
SetUnhandledExceptionFilter
GetCurrentProcessId
CreateEventA
CreateThread
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
LoadLibraryA
GetProcAddress
FreeLibrary
CreateToolhelp32Snapshot
Process32First
OpenProcess
TerminateProcess
Process32Next
CloseHandle
DeleteFileA
GetSystemDirectoryA
CopyFileA
Sleep
GetSystemTime
GetModuleFileNameA

user32

DestroyMenu
GetSysColorBrush
LoadCursorA
PostQuitMessage
PtInRect
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
SetWindowTextA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
LoadIconA
MapWindowPoints
GetSysColor
GetForegroundWindow
GetDesktopWindow
SetTimer
SetWindowPos
GetCursorPos
GetFocus
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
MessageBoxA
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
ShowWindow
DialogBoxParamA
CreateDialogParamA
GetWindowLongA
CharUpperA
GetSystemMetrics
PostMessageA
DispatchMessageA
PeekMessageA
EnableWindow
GetWindowTextA
LoadStringA
UnhookWindowsHookEx
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetWindowLongA
GetWindow
SendMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetForegroundWindow

gdi32

CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
SetMapMode
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

OpenProcessToken
RegDeleteKeyA
EnumServicesStatusA
QueryServiceConfig2A
QueryServiceConfigA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyA
ChangeServiceConfigA
ChangeServiceConfig2A
InitializeSecurityDescriptor
CloseServiceHandle
OpenServiceA
CreateServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegSetValueExA
StartServiceA
RegCreateKeyExA
SetSecurityDescriptorDacl

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA

comctl32

ord17

wsock32

gethostbyname
WSAGetLastError
send
gethostname
ioctlsocket
closesocket
setsockopt
__WSAFDIsSet
select
connect
inet_ntoa
htons
WSAStartup
WSACleanup
recv
getsockname
socket

iphlpapi

SendARP

ppdata

ord38
ord45
ord52
ord39
ord5
ord8
ord9
ord26
ord17
ord18
ord6
ord2
ord47
ord40

wininet

InternetGetLastResponseInfoA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA

shlwapi

PathFileExistsA

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e394d8ed5182f8156dd989e2506cc1c3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

iphlpapi

ppdata

wininet

shlwapi

Sections

.text Size: 204KB - Virtual size: 200KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 28KB - Virtual size: 39KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 204KB - Virtual size: 200KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 28KB - Virtual size: 39KB

.rsrc
Size: 28KB - Virtual size: 26KB