bd9acb61057b16f0123346f597ad709b90c432561fa650de7308564be16719f2

Sharing

Copy URL Twitter E-mail

General

Target

bd9acb61057b16f0123346f597ad709b90c432561fa650de7308564be16719f2
Size

324KB
MD5

3611ac47ae4283220a2a7616d35d7a40
SHA1

df9c83230016d13d1584577291fdb186a7e8a601
SHA256

bd9acb61057b16f0123346f597ad709b90c432561fa650de7308564be16719f2
SHA512

65d20e2b48c33c8952567a2314a3e2835649a974cd6023cf0f7d33f4dce22b50128a82c40c0aacbc97b0059fe7bb55137ee1f37eb85713a751de8dce3982359e
SSDEEP

6144:qistjABUolSO/EBnY9FciW4HIsQybIUSrHDu/kddmUU:mjyUolShMiUJKASB

Score

N/A

Malware Config

Signatures

Files

bd9acb61057b16f0123346f597ad709b90c432561fa650de7308564be16719f2
.exe windows x86

f3337a1f21ef22c113cd536c7ec976a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GlobalAddAtomW
GetComputerNameW
lstrcmpA
VirtualUnlock
IsBadReadPtr
GetSystemDefaultLangID
GlobalHandle
IsProcessorFeaturePresent
EndUpdateResourceA
GetLongPathNameW
SetFileApisToOEM
CreateFileMappingW
ExitThread
FlushConsoleInputBuffer
EnumResourceNamesW
InterlockedDecrement
SetLocalTime
GetCompressedFileSizeW
lstrcpyW
ReleaseMutex
EnumResourceLanguagesA
SetThreadLocale
_lread
SetProcessShutdownParameters
WideCharToMultiByte
EnumSystemLocalesA
EnumResourceNamesA
SetNamedPipeHandleState
AddAtomW
MoveFileW
Sleep
OpenMutexW
Beep
EnumSystemCodePagesA
AllocConsole
OutputDebugStringA
GetSystemTime
lstrcpyA
UnhandledExceptionFilter
GetConsoleOutputCP
GetAtomNameA
GetTempFileNameW
EnumResourceLanguagesW
GetModuleHandleW
GetEnvironmentVariableA
GetLastError
GlobalGetAtomNameW
HeapAlloc
SetVolumeLabelW
EraseTape
GetProcessVersion
GetLongPathNameA
GlobalFindAtomA
QueryDosDeviceW
GetModuleHandleA
CompareStringW
GetCompressedFileSizeA
CreateMailslotA
GetTapeStatus
CreateProcessW
GlobalAlloc
MoveFileA
FreeConsole
CreateProcessA
FindResourceExW
SetWaitableTimer
CreateSemaphoreW
GetCommProperties
LocalFileTimeToFileTime
GetFileAttributesExW
BackupSeek
IsDBCSLeadByteEx
GetProcAddress
WaitNamedPipeW
GetTempPathW
CreateEventA
GetWindowsDirectoryA
lstrlenW
SetFileTime
_lclose
SetConsoleScreenBufferSize
GetStringTypeW
GetCommModemStatus
GetPrivateProfileIntW
GetPrivateProfileStringW
TransactNamedPipe
LoadLibraryExW
PostQueuedCompletionStatus
AreFileApisANSI
GetEnvironmentVariableW
HeapFree
ReadConsoleOutputW
ReadFileScatter
SetConsoleWindowInfo
IsDebuggerPresent
GetStringTypeExW
WaitForSingleObjectEx
DeleteAtom
WaitCommEvent
SetFileAttributesA
_lcreat
CreateDirectoryExA
GetUserDefaultLCID
GetVolumeInformationW
GlobalFree
IsValidCodePage
IsValidLocale
GetDriveTypeW
FindResourceA
SetTapeParameters
ReadConsoleA
FreeLibrary
GetVersionExA
VirtualProtect
CreatePipe
ExitProcess

user32

CreateIcon
GetWindowPlacement
CharNextExA
wsprintfW
UnregisterClassA
TrackMouseEvent
ClipCursor
GetPropW
DrawEdge
UnregisterHotKey
WinHelpA
SystemParametersInfoA
GetDialogBaseUnits
CharPrevA
SetClassLongA
ActivateKeyboardLayout
OpenIcon
CreatePopupMenu
MessageBoxIndirectW

gdi32

GetStockObject
PaintRgn
SetBkColor
CreateFontIndirectA
CreatePolyPolygonRgn
GetBkColor
GdiComment
CombineRgn
GetObjectW
CreateFontIndirectW
GetCharacterPlacementW

comdlg32

ChooseFontA
GetFileTitleW
GetSaveFileNameA

advapi32

RegUnLoadKeyW
LookupAccountSidW
GetServiceDisplayNameA
RegCreateKeyExW
CryptAcquireContextW
AddAce
RegOpenKeyExA
CreateProcessAsUserW
ObjectCloseAuditAlarmA
RegLoadKeyW
RegSaveKeyA
RegQueryValueW
ReportEventA
RegEnumKeyW
GetUserNameW
RegConnectRegistryA
RegRestoreKeyW
GetFileSecurityA
CryptAcquireContextA
QueryServiceObjectSecurity
RegSetValueExA
RegDeleteKeyW
CreateServiceW
GetSecurityDescriptorGroup
CryptSetHashParam
RegQueryValueExW
OpenSCManagerA
OpenServiceA
DeleteService
IsValidSecurityDescriptor
GetLengthSid
SetNamedSecurityInfoA
DeleteAce
CryptDestroyHash
CryptImportKey
GetTokenInformation
RegDeleteKeyA

shell32

SHGetSettings
SHGetPathFromIDListA
ShellExecuteA

ole32

CLSIDFromString
BindMoniker
OleLoad
CreateFileMoniker
StringFromIID
OleCreateFromData
ReadFmtUserTypeStg
OleCreateLinkToFile
CoRevokeClassObject

oleaut32

SafeArrayUnaccessData
QueryPathOfRegTypeLi
SysAllocString
GetErrorInfo
SafeArrayGetLBound
VariantClear
SafeArrayGetElement
GetActiveObject
VariantChangeType

comctl32

ImageList_GetImageCount
ord17
ImageList_GetIcon
ImageList_SetImageCount

shlwapi

PathRemoveBackslashW

setupapi

SetupFindFirstLineA
SetupOpenLog
SetupDiGetDeviceInfoListDetailA
SetupIterateCabinetW

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3337a1f21ef22c113cd536c7ec976a6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 294KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 15KB

.text
Size: 296KB - Virtual size: 294KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 15KB