156d6ec3e09933426f7225653863314db96e0d533389092c382b2c404faefdef

Sharing

Copy URL

Twitter E-mail

General

Target

156d6ec3e09933426f7225653863314db96e0d533389092c382b2c404faefdef
Size

315KB
MD5

eb1ec888c33c08bb4d4041e8da9a5fc3
SHA1

ec30f36d163eb0108fc3784817826d0b532391d9
SHA256

156d6ec3e09933426f7225653863314db96e0d533389092c382b2c404faefdef
SHA512

cf3628fa671f5229c9d83575de2d968437607f6814b0df1f9518e8f4579578f99a44ddbe35a7875ada6212f89690e766d742cde0ac279a2164847ddc2e49e735
SSDEEP

6144:B2+X1buVJQz30sGZi8KrSqPkrYkZos2benC8KUv2cFfvvWWBJF3vc:B2C/Z2qPkPnPNVPZE

Score

N/A

Malware Config

Signatures

Files

156d6ec3e09933426f7225653863314db96e0d533389092c382b2c404faefdef
.exe windows x86

3b4db609eb70294f0efc8ef4b1b5a56f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GlobalAlloc
lstrcpynA
CompareStringA
CompareStringW
lstrcpyA
GetModuleFileNameA
lstrcatA
GetCurrentThreadId
GetTempFileNameA
GetTempPathA
LocalFree
FormatMessageW
IsDBCSLeadByte
SetLastError
InterlockedIncrement
SetEvent
InterlockedDecrement
MulDiv
GlobalUnlock
GlobalLock
lstrcmpA
FreeLibrary
LoadLibraryExA
GetModuleHandleA
GlobalFree
GlobalHandle
WaitForSingleObject
CreateProcessA
CreateThread
GetCommandLineA
GetFileAttributesA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
FindResourceExA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryA
DeleteFileA
FlushFileBuffers
RaiseException
SetEnvironmentVariableA
LCMapStringW
CloseHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
GetCPInfo
GetOEMCP
LoadLibraryA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetStdHandle
GetStdHandle
SetHandleCount
SetEndOfFile
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
TerminateProcess
GetProcAddress
VirtualFree
HeapCreate
RtlUnwind
GetStartupInfoA
SetFilePointer
ReadFile
GetFileType
ExitProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
lstrlenW
HeapSize
HeapReAlloc
HeapDestroy
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
lstrcmpiA
lstrlenA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LCMapStringA
GetLastError
InterlockedExchange

user32

CharUpperA
DestroyWindow
SetWindowLongA
GetWindowLongA
ShowWindow
UnregisterClassA
CharNextA
SendDlgItemMessageA
PostThreadMessageA
GetSysColor
DrawIconEx
LoadImageA
SetWindowRgn
MoveWindow
PostMessageA
DefWindowProcA
wsprintfA
ReleaseCapture
SetCapture
LoadStringW
DrawTextW
MapDialogRect
GetActiveWindow
MessageBoxA
WaitForInputIdle
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
RegisterClassExA
GetClassInfoExA
LoadCursorA
SetWindowContextHelpId
CreateWindowExA
CreateAcceleratorTableA
GetParent
GetClassNameA
SetWindowPos
RedrawWindow
GetDlgItem
IsWindow
SendMessageA
DestroyAcceleratorTable
GetFocus
IsChild
GetWindow
SetFocus
BeginPaint
EndPaint
CallWindowProcA
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect

gdi32

CreateFontW
SetBkMode
SetTextColor
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
CreateRoundRectRgn

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

LoadRegTypeLi
SetErrorInfo
CreateErrorInfo
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
VarUI4FromStr
GetErrorInfo
VarBstrCmp
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen

shlwapi

PathFindExtensionA

gdiplus

GdiplusShutdown

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15.7MB - Virtual size: 15.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b4db609eb70294f0efc8ef4b1b5a56f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

gdiplus

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 15.7MB - Virtual size: 15.7MB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 15.7MB - Virtual size: 15.7MB