723ab2d5cf8964b137dde9c54e139ad54e39e89e163e006ea8f2a924ca16da8c

Sharing

Copy URL Twitter E-mail

General

Target

723ab2d5cf8964b137dde9c54e139ad54e39e89e163e006ea8f2a924ca16da8c
Size

520KB
MD5

10378ce45e14d4a34bcf3e12aa53041c
SHA1

bfd37778225a2decd4c4019916d1165414241811
SHA256

723ab2d5cf8964b137dde9c54e139ad54e39e89e163e006ea8f2a924ca16da8c
SHA512

a1dfa3c449851a01cc8e5fee8dc64954740d056cf5bd71aec9dafb33d5c3f4d437e8e05eb0a7d37c41266133dcc95f6dd4ce0dd111ca9c988f90c9dc075c2e75
SSDEEP

6144:RJwosaXZOH7Rt+k5Xa1747m/Pc1YZ7InO4CLs8LKeCzdAOgoe18amFsSNR6:PwJaSD+F4BCg8ueCzdfe18Jsyk

Score

N/A

Malware Config

Signatures

Files

723ab2d5cf8964b137dde9c54e139ad54e39e89e163e006ea8f2a924ca16da8c
.exe windows x86

cfab5c1019ae7e0aec9c2279b9ee694d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetFileAttributesW
CreateProcessW
LockResource
GetModuleFileNameW
SizeofResource
GetPrivateProfileStringW
LoadResource
FindResourceW
FreeResource
InterlockedExchange
InterlockedIncrement
CloseHandle
GetShortPathNameW
GetLastError
MultiByteToWideChar
CreateFileW
WriteFile
GetCurrentDirectoryW
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetTickCount
ReadFile
GetFileSize
InterlockedDecrement
MulDiv
GetACP
WideCharToMultiByte
SetFilePointer
GetFileType
DuplicateHandle
GetCurrentProcess
SystemTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryW
SetFileTime
GetLocalTime
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoW
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
Sleep
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetModuleHandleA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers

user32

CallWindowProcW
GetPropW
SetPropW
PostMessageW
RegisterClassW
LoadCursorW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetKeyState
GetDC
InvalidateRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
ReleaseDC
DestroyWindow
GetFocus
MapWindowPoints
IsRectEmpty
EndPaint
GetUpdateRect
CharNextW
FillRect
InvalidateRgn
MoveWindow
IntersectRect
CreateAcceleratorTableW
OffsetRect
SetCursor
wvsprintfW
DrawTextW
CharPrevW
SetRect
CreateCaret
HideCaret
ShowCaret
SetCaretPos
ClientToScreen
GetSysColor
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
SetWindowLongW
GetWindowLongW
PostQuitMessage
MessageBoxW
GetDesktopWindow
EnableWindow
GetMessageW
SetFocus
TranslateMessage
DispatchMessageW
ShowWindow
IsWindow
DefWindowProcW
BeginPaint
GetParent
MonitorFromWindow
SetWindowPos
GetMonitorInfoW
GetWindow
RegisterWindowMessageW
GetSubMenu
SetForegroundWindow
LoadIconW
TrackPopupMenuEx
LoadMenuW
GetCursorPos
SendMessageW
DestroyMenu
SetWindowRgn
ScreenToClient
GetWindowRect
IsIconic
GetClientRect

gdi32

Rectangle
RestoreDC
BitBlt
SetWindowOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
DeleteDC
CreatePen
GetStockObject
GetObjectW
CreateFontIndirectW
SelectObject
SaveDC
GetObjectA
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
SetBkMode
SetTextColor
RoundRect
CreatePenIndirect
MoveToEx
LineTo
GetTextMetricsW
SetBkColor
ExtTextOutW
SetStretchBltMode
CreateDIBSection
StretchBlt
CombineRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SelectClipRgn
CreateRoundRectRgn
DeleteObject
CreateSolidBrush

shell32

ord165
Shell_NotifyIconW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning

wininet

InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetOpenW

oleaut32

SysAllocString
VariantInit
VariantClear
SysFreeString

comctl32

_TrackMouseEvent
ord17

gdiplus

GdipDeleteStringFormat
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdiplusShutdown
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCreateStringFormat
GdipDeleteGraphics
GdipDeleteFont
GdiplusStartup
GdipCreateLineBrushI
GdipSetStringFormatAlign

Sections

.text
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cfab5c1019ae7e0aec9c2279b9ee694d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

wininet

oleaut32

comctl32

gdiplus

Sections

.text Size: 297KB - Virtual size: 296KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 115KB - Virtual size: 114KB

.reloc Size: 23KB - Virtual size: 24KB

.text
Size: 297KB - Virtual size: 296KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 115KB - Virtual size: 114KB

.reloc
Size: 23KB - Virtual size: 24KB