a17fe7947760d307a8d4340aeaa4bc8a8ed980671d8bf2256f029c59029fd111

Sharing

Copy URL Twitter E-mail

General

Target

a17fe7947760d307a8d4340aeaa4bc8a8ed980671d8bf2256f029c59029fd111
Size

218KB
MD5

6e6099109d8287fa364872cdc05ed4e0
SHA1

62da9cab5042ea146e47c89fa2b6f336ef2715e1
SHA256

a17fe7947760d307a8d4340aeaa4bc8a8ed980671d8bf2256f029c59029fd111
SHA512

64079fee5989e9f94d654e0645cdca7923775573cc92ba3b6149fd94b16e567102c4ec49f7412338d6ae4b9f74b0938def4572dafc4932bf0b54bb200ef80a6f
SSDEEP

3072:6gvEuG77HDT0V/HC21O0UuvpXjm9uZIRfrb4Je12all5/DyZx:XE/jTJz0Uuvg9uZIRTb4G2all5ba

Score

N/A

Malware Config

Signatures

Files

a17fe7947760d307a8d4340aeaa4bc8a8ed980671d8bf2256f029c59029fd111
.exe windows x86

c6e38c52394eaf5add91eabf8b425875

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClipboardData
SendMessageA
ScreenToClient
GetCursorPos
SetFocus
CheckRadioButton
IsWindowEnabled
CloseClipboard
IsZoomed
KillTimer
SetWindowLongA
SetWindowPos
GetWindowRect
SetClipboardData
GetAsyncKeyState
wvsprintfA
CallWindowProcA
MessageBeep
wsprintfA
MessageBoxA
CharUpperA
OpenClipboard
EnumClipboardFormats
DestroyMenu
GetKeyboardState
ChildWindowFromPoint
SetWindowsHookA
LockWorkStation
DispatchMessageW
SetSysColors
GetLastInputInfo
ArrangeIconicWindows
CascadeWindows
DefMDIChildProcA
DdeSetQualityOfService
ShowWindow
SetMenuItemInfoA
AppendMenuA
CreatePopupMenu
SetWindowTextA
DestroyIcon
LoadIconA
InvalidateRect
CharLowerA
LoadBitmapA
SetDlgItemTextA
GetDlgItemTextA
GetSysColorBrush
DestroyCursor
SetClassLongA
LoadCursorA
GetParent
EnableWindow
GetWindowTextA
EnableMenuItem
IsIconic
MoveWindow
GetWindowDC
TrackPopupMenu
CheckMenuRadioItem
SetTimer
GetActiveWindow
GetClassInfoA
DialogBoxParamA
FindWindowA
SetForegroundWindow
CheckDlgButton
GetDlgItem
EndDialog
IsDlgButtonChecked
SendDlgItemMessageA
EmptyClipboard

comdlg32

CommDlgExtendedError
ChooseFontA
ChooseColorA

shell32

ShellExecuteA
ExtractIconW
ShellExecuteExA
ShellAboutW
DuplicateIcon
ShellExecuteExW
ShellAboutA

ole32

CoUninitialize
CoDisconnectObject
StringFromCLSID
CoTaskMemAlloc
OleSetMenuDescriptor
OleDraw
IsAccelerator
OleRegEnumVerbs
CreateStreamOnHGlobal
OleUninitialize
CLSIDFromProgID
OleInitialize
CoLockObjectExternal
CoGetClassObject
OleSetContainedObject
ProgIDFromCLSID
CoCreateInstance
RevokeDragDrop
CoGetInterfaceAndReleaseStream
CoTaskMemFree
RegisterDragDrop
ReleaseStgMedium
CoInitialize

advapi32

CopySid
QueryServiceLockStatusA
RegOpenKeyExA
ConvertToAutoInheritPrivateObjectSecurity
OpenBackupEventLogA
EnumServicesStatusA
GetCurrentHwProfileW

shlwapi

PathRemoveFileSpecW

kernel32

HeapReAlloc
HeapAlloc
LCMapStringW
RtlUnwind
GetTickCount
QueryPerformanceCounter
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
MultiByteToWideChar
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
HeapFree
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
EncodePointer
DecodePointer
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetConsoleCP
InterlockedIncrement
InterlockedDecrement
MoveFileA
GetLastError
GetDriveTypeA
VerLanguageNameW
SetTapeParameters
GetDefaultCommConfigA
ReadFileScatter
OutputDebugStringW
lstrcpynA
lstrcatA
lstrlenA
CreateProcessA
GetModuleHandleW
LoadLibraryW
WideCharToMultiByte
lstrlenW
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcess
TerminateProcess
VirtualProtectEx
WriteFile
FindClose
FindNextFileA
LoadLibraryA
SetFilePointer
SetThreadPriority
VirtualFree
IsBadReadPtr
lstrcmpiA
ExitProcess
SetFileAttributesA
OutputDebugStringA
lstrcpyA
GetFileAttributesA
ResumeThread
GetCurrentThread
DeleteFileA
GetTempPathA
SetPriorityClass
VirtualQueryEx
lstrcmpA
GetPrivateProfileStructA
WritePrivateProfileStructA
GetConsoleMode
FlushFileBuffers
HeapSize
WriteConsoleW
SetStdHandle
CreateFileW
GetSystemTimeAsFileTime
WriteProcessMemory
GetCurrentDirectoryA
UnmapViewOfFile
CloseHandle
GetCommandLineA
VirtualAlloc
FindFirstFileA
GetPriorityClass
ReadFile
Sleep
GetCurrentProcessId
GetProcAddress
CreateFileA
GetModuleHandleA
ReadProcessMemory
OpenProcess
GetFileSize
SetCurrentDirectoryA
GetModuleFileNameA
VirtualLock
VirtualUnlock
GetPrivateProfileStringA
WritePrivateProfileStringA
SetEndOfFile
CreateFileMappingA
MapViewOfFile
CopyFileA
WaitForSingleObject
CreatePipe
GetStartupInfoA
MulDiv

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 242.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6e38c52394eaf5add91eabf8b425875

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

ole32

advapi32

shlwapi

kernel32

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 242.0MB

.code Size: 23KB - Virtual size: 23KB

.rsrc Size: 118KB - Virtual size: 146KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 242.0MB

.code
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 118KB - Virtual size: 146KB