2106045aa539326300e6db5654b55a56ad6f02fcd8d2a41d682cf0c61e037327

Sharing

Copy URL Twitter E-mail

General

Target

2106045aa539326300e6db5654b55a56ad6f02fcd8d2a41d682cf0c61e037327
Size

307KB
MD5

4f87e681dd48b08333ef71c8df40cb90
SHA1

899c4601d38c415d4f3ea1890d378cf77560e5e6
SHA256

2106045aa539326300e6db5654b55a56ad6f02fcd8d2a41d682cf0c61e037327
SHA512

6a7a2767ea9e38864e99e0fe8ca7835b53cb2e58a30c0831ec0397a66abda97cbe2f9f9602afca6bde60f31ad3f7b59ac9794bba2c8fc5e807ec7e5e9e0030da
SSDEEP

6144:AT6WsEtN7CAal/ppbVSFL7fzbaCvM4iP1/k8BL:ATr59al/LsFL7fTKL

Score

N/A

Malware Config

Signatures

Files

2106045aa539326300e6db5654b55a56ad6f02fcd8d2a41d682cf0c61e037327
.exe windows x86

74572b4ca093a8833e2681e3a8da96c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

msvcrt

_mbsrchr
_mbslen
__lconv_init
setlocale
_mbsinc
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_strnicmp
_stricmp
_except_handler3
strtoul
_ftol
strncpy
strchr
strrchr
??2@YAPAXI@Z
_mbschr
_c_exit
??3@YAXPAX@Z
_wcsicmp
isleadbyte
memmove
towlower
atoi
isspace
free
wcsncpy
strncmp

advapi32

RegOpenKeyA
LookupPrivilegeValueA
OpenProcessToken
LookupAccountSidA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
RegCloseKey
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegSetValueExA
AdjustTokenPrivileges
RegOpenKeyExA

kernel32

ExitProcess
SetFilePointer
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetErrorMode
SetCurrentDirectoryA
GetModuleFileNameA
CloseHandle
CreateThread
LocalFree
FormatMessageA
LocalAlloc
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetLastError
CreateMutexA
GetVersionExA
GetVersion
LoadLibraryA
DeleteCriticalSection
WaitForSingleObject
lstrlenA
lstrcmpiA
LeaveCriticalSection
GetFileAttributesA
CreateFileA
GetCurrentDirectoryA
InitializeCriticalSection
lstrcpyA
HeapFree
HeapAlloc
SetLastError
GetDiskFreeSpaceA
CopyFileA
CreateDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetEnvironmentVariableA
lstrcpynA
DeleteFileA
SetFileAttributesA
lstrcatA
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
GetDriveTypeA
ExpandEnvironmentStringsA
FreeLibrary
LoadLibraryExA
DeviceIoControl
TerminateProcess
OpenProcess
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
lstrcmpA
SetEvent
CreateEventA
ResetEvent
WriteFile
SetCommState
GetCommState
SetCommTimeouts
ReadFile
ExitThread
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetProcessHeap
DebugBreak
IsDBCSLeadByte
UnmapViewOfFile
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
GetTempFileNameA
GetTempPathA
EnterCriticalSection

gdi32

GetDeviceCaps
CreateFontIndirectA
AddFontResourceA

user32

CharLowerA
GetClientRect
CopyRect
IsWindow
InvalidateRect
GetSysColor
SendDlgItemMessageA
SetFocus
LoadIconA
SetWindowLongA
RedrawWindow
LoadImageA
EnumChildWindows
GetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
ShowWindow
SystemParametersInfoA
GetDC
ReleaseDC
wsprintfA
GetParent
PostMessageA
DialogBoxParamA
EnableWindow
EndDialog
GetDlgItem
SetTimer
FindWindowA
RegisterClassExA
LoadStringA
MessageBoxA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
SetForegroundWindow
EnumThreadWindows
PostQuitMessage
DefWindowProcA
ExitWindowsEx

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoA
SHBrowseForFolderA
SHGetSpecialFolderLocation

ole32

OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoUninitialize

comdlg32

GetOpenFileNameA

comctl32

PropertySheetA
InitCommonControlsEx
CreatePropertySheetPageA

setupapi

SetupGetLineCountA
SetupGetStringFieldA
SetupFindNextLine
SetupCloseInfFile
SetupOpenInfFileA
SetupOpenAppendInfFileA
SetupFindFirstLineA

log

LogBegin
SuppressAllLogPopups
LogDeleteOnNextInit
LogEnd
LogA
LogReInitA

shlwapi

ord16
StrChrIA
SHGetValueA
PathIsDirectoryA
StrDupA
PathCombineA
StrCmpNIA
PathIsRootA
PathAppendA

cabinet

ord10
ord11
ord14
ord13

migisma

IsmSetRollbackJournalType
IsmDoesRollbackDataExist
IsmPreserveJournal
IsmCanWriteRollbackJournal
IsmTerminate
IsmSetCancel
IsmSave
IsmRollback
IsmLoad
IsmRemoveAllUserSuppliedComponents
IsmSelectMasterGroup
IsmEnumFirstComponent
IsmEnumNextComponent
IsmExecute
IsmRegisterTransport
IsmSelectTransport
IsmSetTransportStorage
IsmSendMessageToApp
IsmAddControlFile
IsmAppendEnvironmentMultiSz
IsmSetEnvironmentValue
IsmRegisterProgressBarCallback
IsmIsComponentSelected
IsmSelectComponent
IsmAddComponentAlias
IsmStartEtmModules
IsmSetEnvironmentString
IsmGetRealPlatform
IsmGetTempFile
TrackedIsmCreateSimpleObjectPattern
TrackedIsmExpandEnvironmentString
IsmGetTempStorage
TrackedIsmGetMemory
TrackedIsmDuplicateString
IsmGetEnvironmentMultiSz
IsmSetEnvironmentMultiSz
IsmGetObjectTypeName
TrackedIsmGetNativeObjectName
IsmGetObjectTypeId
IsmAcquireObjectEx
TrackedIsmCreateObjectStringsFromHandleEx
TrackedIsmCreateObjectHandle
IsmAbortObjectEnum
IsmEnumNextObject
IsmGetControlFile
IsmEnumFirstSourceObjectEx
IsmIsSystemScopeSelected
IsmReleaseObject
IsmDestroyObjectString
IsmReleaseMemory
IsmDestroyObjectHandle
IsmReplacePhysicalObject
IsmSetEnvironmentFlag
IsmSetPlatform
IsmInitialize
IsmStartTransport
IsmGetActiveScopeName

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 221KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74572b4ca093a8833e2681e3a8da96c6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

comdlg32

comctl32

setupapi

log

shlwapi

cabinet

migisma

Sections

.text Size: 83KB - Virtual size: 83KB

.data Size: 2KB - Virtual size: 17KB

.rsrc Size: 221KB - Virtual size: 224KB

.text
Size: 83KB - Virtual size: 83KB

.data
Size: 2KB - Virtual size: 17KB

.rsrc
Size: 221KB - Virtual size: 224KB