8186a7d33e4dc8445ca1b6c757e42e35f42c1190b300397f73d5ed9a59133032

Sharing

Copy URL Twitter E-mail

General

Target

8186a7d33e4dc8445ca1b6c757e42e35f42c1190b300397f73d5ed9a59133032
Size

95KB
MD5

6df126e5cb24841edfa8d1a252f9f720
SHA1

c832e4b4817eb4b709584547afa71da6a598e298
SHA256

8186a7d33e4dc8445ca1b6c757e42e35f42c1190b300397f73d5ed9a59133032
SHA512

d61a9c4dbae57bcb4832406799d0e7b367221c7f8762b46aaa193d135ce243c2fd3d832dcefc74013d05158ee478e81e92a6230e81eb5fa510e692268d2a5790
SSDEEP

1536:3UJCXCClfXyE8CdUmUPPaICahCMVybF0CMeJseSnltx00e8JMQUsc:3UQJ5YACaICahCMVybF0feaecTe0e8J7

Score

N/A

Malware Config

Signatures

Files

8186a7d33e4dc8445ca1b6c757e42e35f42c1190b300397f73d5ed9a59133032
.exe windows x86

d7685ab131f5dac61e6a109b0d0fb9d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
_exit
_cexit
wcsstr
_wcsnicmp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_c_exit
_wcsicmp
wcschr

advapi32

RegQueryValueExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

kernel32

GetCurrentProcess
GetStartupInfoA
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
QueryPerformanceCounter
TerminateProcess
GetSystemTimeAsFileTime
lstrcpyW
SetCurrentDirectoryW
lstrlenW
GetFullPathNameW
HeapFree
HeapAlloc
GetProcessHeap
lstrcatW
GetWindowsDirectoryW
GetSystemDirectoryW
GetFileAttributesW
GetCommandLineW
GetSystemInfo
GetVersionExW
GetCurrentDirectoryW
lstrcmpW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
GetDateFormatW
CompareStringW
CompareFileTime
SystemTimeToFileTime
DeleteFileW
CloseHandle
CreateFileW
LocalFree
FormatMessageW
WriteFile
GetTimeFormatW
GetFileSize
SetEndOfFile
SetFilePointer
MulDiv
CreateThread
GetLastError
FlushFileBuffers
FindClose
FindNextFileW
GetShortPathNameW
FindFirstFileW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId

gdi32

SetTextAlign
SelectObject
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW

user32

SetFocus
SetForegroundWindow
CreateWindowExW
MoveWindow
GetClientRect
GetWindowRect
wsprintfW
GetDlgItem
EndDialog
DestroyWindow
SetWindowLongW
EndPaint
GetSysColor
GetParent
BeginPaint
GetWindowLongW
DefWindowProcW
RegisterClassW
LoadCursorW
LoadStringW
MessageBoxW
PostMessageW
ShowWindow
WinHelpW
ChildWindowFromPoint
ScreenToClient
DestroyIcon
DialogBoxParamW
LoadIconW
FindWindowW
CharUpperBuffW
CharLowerBuffW
IsDlgButtonChecked
GetDlgItemTextW
CheckRadioButton
InvalidateRect
SetDlgItemTextW
EnableWindow
SendMessageW
SetClassLongW
CheckDlgButton

shell32

SHGetFileInfoW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW

comctl32

PropertySheetW
CreateStatusWindowW
ord17

setupapi

SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
SetupOpenFileQueue
SetupDiCallClassInstaller
SetupFindNextLine
SetupGetLineTextW
SetupFindFirstLineW
SetupGetTargetPathW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiDestroyDeviceInfoList
SetupDiDestroyDriverInfoList
SetupCloseFileQueue
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupScanFileQueueW

winspool.drv

EnumPrinterDriversW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wintrust

WinVerifyTrust
CryptCATAdminEnumCatalogFromHash
IsCatalogFile
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
CryptCATAdminReleaseCatalogContext
CryptCATCatalogInfoFromContext

crypt32

CertFreeCertificateContext

sfc_os

SfcGetNextProtectedFile

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

arjpesv
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d7685ab131f5dac61e6a109b0d0fb9d6

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

comctl32

setupapi

winspool.drv

version

wintrust

crypt32

sfc_os

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 65KB - Virtual size: 66KB

arjpesv Size: - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 65KB - Virtual size: 66KB

arjpesv
Size: - Virtual size: 4KB