51a8c297a6a7aa1ee071dfa1a86c42bdad29979498ff4f30d8c1a03f6df1fdac

Sharing

Copy URL Twitter E-mail

General

Target

51a8c297a6a7aa1ee071dfa1a86c42bdad29979498ff4f30d8c1a03f6df1fdac
Size

417KB
MD5

6c0cfc0ff790bdd17865aa95bf86eea0
SHA1

3b10f6ecdb4784f78bca93ace4ffae930cfe374d
SHA256

51a8c297a6a7aa1ee071dfa1a86c42bdad29979498ff4f30d8c1a03f6df1fdac
SHA512

3aea8d4d3843e5dda3910a6e5d6f9318bdf9a8d84c42ec22b82dd3e2a024010864a2897fe7e9b132e429f8060f593b5b258729222a85edd75ae2e90611195f7d
SSDEEP

6144:jybGSEaVcs50Jaz9oY2xY4H+/bLxKqY+oBl80T4QLYonv4rCGK:j6GSN04WC4H+/HxvYniNOGK

Score

N/A

Malware Config

Signatures

Files

51a8c297a6a7aa1ee071dfa1a86c42bdad29979498ff4f30d8c1a03f6df1fdac
.exe windows x86

437a0b9b1d428c6ef18fdcef6c2770b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
GetFileSize
FindFirstFileW
FindClose
SetEndOfFile
GetTickCount
OpenMutexW
LocalFree
CreateMutexW
GetFullPathNameW
WideCharToMultiByte
GetCPInfo
IsDBCSLeadByte
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateFileMappingW
MapViewOfFileEx
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
InitializeCriticalSection
DeleteCriticalSection
CreateDirectoryW
GlobalFree
ProcessIdToSessionId
GetDriveTypeW
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetDriveTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
DeviceIoControl
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetStdHandle
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
ExitProcess
GetTimeZoneInformation
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
FileTimeToLocalFileTime
GetThreadSelectorEntry
GetCurrentThread
WritePrivateProfileStringW
SetFilePointer
MultiByteToWideChar
GetCurrentProcessId
DeleteFileW
GetVersionExW
SetUnhandledExceptionFilter
GetModuleFileNameA
WriteFile
CreateFileA
CloseHandle
VirtualQueryEx
CreateFileW
VirtualQuery
ReadProcessMemory
ReadFile
GetSystemTimeAsFileTime
IsDebuggerPresent
SetLastError
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetCurrentThreadId
GlobalAlloc
GetLastError
lstrcmpW
GetProcAddress
GlobalUnlock
FlushInstructionCache
GlobalLock
lstrcmpiW
FreeLibrary
GetCurrentProcess
LockResource
LoadLibraryW
SizeofResource
GetModuleHandleW
FindResourceExW
LoadResource
FindResourceW
RaiseException
GetLocalTime
FileTimeToSystemTime
ReleaseMutex
UnhandledExceptionFilter
TerminateProcess
Sleep
InterlockedDecrement
InterlockedIncrement
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
WaitForSingleObject
GetStringTypeW
GetProcessHeap
HeapFree
InterlockedCompareExchange

user32

SendMessageW
EmptyClipboard
CloseClipboard
GetDlgCtrlID
GetWindowLongW
SetClipboardData
GetDlgItem
OpenClipboard
EndDialog
FillRect
ValidateRect
GetDC
ScreenToClient
MessageBoxW
DestroyIcon
KillTimer
CallWindowProcW
GetParent
GetWindowRect
ReleaseDC
GetSysColorBrush
GetPropW
LoadIconW
GetWindowTextLengthW
GetMonitorInfoW
MonitorFromPoint
GetCursorPos
UnregisterClassA
IsWindow
GetWindow
SetPropW
DialogBoxParamW
GetActiveWindow
ShowWindow
SetForegroundWindow
IsWindowVisible
SetWindowTextW
GetSysColor
SetWindowLongW
GetDesktopWindow
SetTimer
LoadImageW
SetCursor
SetDlgItemTextW
LoadCursorW
DefWindowProcW
GetWindowTextW
InvalidateRect

gdi32

Polygon
DeleteDC
CreateFontIndirectW
GetTextExtentPointW
MoveToEx
TextOutW
SetBkMode
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
SelectObject
CreateSolidBrush
CreatePen
BitBlt
DeleteObject
LineTo

comdlg32

GetSaveFileNameW

advapi32

RegQueryValueExA
RegSetValueExW
ConvertSidToStringSidW
LookupAccountNameW
LookupAccountSidW
RegCreateKeyExW
GetSecurityInfo
GetTokenInformation
OpenProcessToken
RegOpenKeyExW
IsTextUnicode
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHGetFolderPathW

ole32

CoCreateGuid
CoInitialize
CoUninitialize
CoTaskMemFree

oleaut32

VarR8FromStr
VarDecFromStr
VarDecCmp
VarI4FromStr
VarDateFromStr

shlwapi

PathFileExistsW

comctl32

ord17

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

closesocket
socket
gethostbyname
WSAStartup
htons
WSACleanup
sendto

netapi32

NetWkstaTransportEnum
NetApiBufferFree
Netbios

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

437a0b9b1d428c6ef18fdcef6c2770b5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

wtsapi32

version

ws2_32

netapi32

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 96KB - Virtual size: 96KB