75f68b4b8682e0a226c894b1fa22526560d8f3a9d8656a114fdd9e0d51ab7792

Sharing

Copy URL Twitter E-mail

General

Target

75f68b4b8682e0a226c894b1fa22526560d8f3a9d8656a114fdd9e0d51ab7792
Size

1.3MB
MD5

601f1cbf8751c3d2f7a89328297dfa70
SHA1

4109cd1412252c4a6d09f940fd5f315aa6150cdf
SHA256

75f68b4b8682e0a226c894b1fa22526560d8f3a9d8656a114fdd9e0d51ab7792
SHA512

276a19a8d0517159833fc654752aea22d4dec62f8c278a17e43b849fdb4199fb2f44d7d1953dd9eabe45dfa4cec6cb224c35f6b486a7b4118912b3a70fdecf41
SSDEEP

24576:ygnPKqEIJrKKrI7uWVhjuxbeqTjInCObYTiqtWsRupoYld3jNMMwH:xnPKqE0p0uWV4xbljd9TiqtxRNChBMMU

Score

N/A

Malware Config

Signatures

Files

75f68b4b8682e0a226c894b1fa22526560d8f3a9d8656a114fdd9e0d51ab7792
.exe windows x86

470f34ab99b78cc082ec1cecba3c556b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

sensapi

IsNetworkAlive

kernel32

FindClose
Process32FirstW
LocalAlloc
GetSystemInfo
Process32NextW
GetModuleHandleA
FindNextFileW
CreateToolhelp32Snapshot
DeleteFileW
GetCurrentProcessId
LocalFree
ExpandEnvironmentStringsW
GetPrivateProfileStringW
GetPrivateProfileIntW
TerminateThread
CopyFileW
GetFullPathNameW
GetFullPathNameA
CreateFileA
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
GetTickCount
UnlockFileEx
GetSystemTimeAsFileTime
FormatMessageA
GetFileAttributesA
GetFileAttributesW
ReadFile
FlushFileBuffers
LockFileEx
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingW
GetDiskFreeSpaceA
GetFileAttributesExW
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
GetLocalTime
GetCommandLineA
CreateMutexW
OpenMutexW
GlobalAlloc
DeviceIoControl
GetProcAddress
InterlockedExchange
RaiseException
HeapDestroy
HeapReAlloc
HeapSize
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
VirtualAlloc
VirtualFree
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetStartupInfoW
SetLastError
VerifyVersionInfoW
GetTempPathW
GetEnvironmentVariableA
TerminateProcess
GetExitCodeProcess
GetVersionExW
FormatMessageW
Sleep
LoadLibraryW
OpenProcess
WriteFile
GetProcessHeap
HeapFree
GetCurrentProcess
InterlockedDecrement
VerSetConditionMask
InterlockedIncrement
HeapAlloc
CreateProcessW
FreeLibrary
FindFirstFileW
CreateFileW
GetFileSize
GetEnvironmentVariableW
DeleteCriticalSection
EnterCriticalSection
GetLastError
LeaveCriticalSection
InitializeCriticalSection
SetDllDirectoryW
SetUnhandledExceptionFilter
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
lstrlenW
GetModuleHandleW
SetEvent
WaitForMultipleObjects
CreateThread
CreateEventW
CloseHandle
WaitForSingleObject
GetCurrentThreadId
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
SetEnvironmentVariableA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
CompareStringW
CompareStringA
GetStringTypeW
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
ExitProcess
GetStdHandle
GetFileType
WriteConsoleW
UnhandledExceptionFilter
IsDebuggerPresent

user32

DispatchMessageW
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
KillTimer
SetTimer
PostThreadMessageW
GetMessageW
GetSystemMetrics
IsWindow
GetClassNameW
EnumWindows
PostMessageW
wsprintfW
GetCursorPos

advapi32

InitializeSecurityDescriptor
OpenProcessToken
CryptDecrypt
CryptDestroyKey
CryptAcquireContextA
CryptDeriveKey
AddAccessAllowedAce
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegSetKeySecurity
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
RegLoadKeyW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
AdjustTokenPrivileges
RegFlushKey
GetLengthSid
RegOpenKeyExW
LookupAccountSidW
LookupPrivilegeValueW
ConvertStringSidToSidW
RegQueryValueExW
RegCreateKeyExW
GetTokenInformation
SetSecurityDescriptorDacl

ole32

CoCreateInstance
CoUninitialize
CoInitialize

shell32

ShellExecuteExW
SHGetSpecialFolderPathW

oleaut32

VariantClear
SysAllocString
SysFreeString

shlwapi

PathFileExistsW
UrlUnescapeW
PathRemoveFileSpecW

crypt32

CryptProtectData

wininet

InternetOpenW
InternetReadFile
InternetCloseHandle
HttpOpenRequestW
HttpQueryInfoW
InternetSetOptionW
HttpSendRequestW
InternetConnectW

Sections

.text
Size: 772KB - Virtual size: 771KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 312KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

470f34ab99b78cc082ec1cecba3c556b

Headers

DLL Characteristics

File Characteristics

Imports

version

sensapi

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

crypt32

wininet

Sections

.text Size: 772KB - Virtual size: 771KB

.rdata Size: 199KB - Virtual size: 199KB

.data Size: 11KB - Virtual size: 21KB

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 312KB - Virtual size: 472KB

.text
Size: 772KB - Virtual size: 771KB

.rdata
Size: 199KB - Virtual size: 199KB

.data
Size: 11KB - Virtual size: 21KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 312KB - Virtual size: 472KB