614e0d72fdddc5baaf7ad3b9094e6d7937c740a1329f28414851dd11a7bf3691

Sharing

Copy URL Twitter E-mail

General

Target

614e0d72fdddc5baaf7ad3b9094e6d7937c740a1329f28414851dd11a7bf3691
Size

928KB
MD5

70f5fabf938ab530956771da75212f90
SHA1

cdd7374f87105523bf9df3ccb273993588f91af8
SHA256

614e0d72fdddc5baaf7ad3b9094e6d7937c740a1329f28414851dd11a7bf3691
SHA512

e8438fd90edf3ff1e0130878272955995035355d6596aa910e7181dbd3f1024fd30281db62131f7772cd6cf6bc85ac443d959a4adc2951eea040dbe9619ca279
SSDEEP

12288:0qAWWbSjHoBKhrhFtqz3tZ1X+WWce7ckCNNQGA7TMpvdgcSup0ZpaBHitAC:0CWm88/qz3tLpewkCbQGeTAoup06BHTC

Score

N/A

Malware Config

Signatures

Files

614e0d72fdddc5baaf7ad3b9094e6d7937c740a1329f28414851dd11a7bf3691
.exe windows x86

53546c693cbbaefcb9dcd351ecf57b36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadResource
GlobalUnlock
CreateMutexW
CloseHandle
OpenMutexW
CreateFileW
WriteFile
FormatMessageW
ReadFile
MulDiv
WritePrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
GetPrivateProfileStringW
GetCurrentDirectoryW
WaitForSingleObject
CompareStringW
CompareStringA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidLocale
Sleep
GetUserDefaultLCID
HeapCreate
GlobalLock
IsValidCodePage
GetOEMCP
SetHandleCount
GetConsoleMode
GetConsoleCP
HeapSize
PeekNamedPipe
CreateDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileType
SetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoA
GetCommandLineA
CreateThread
ExitThread
VirtualQuery
VirtualProtect
HeapReAlloc
GetModuleHandleA
MoveFileA
GetFileAttributesA
IsDebuggerPresent
SetUnhandledExceptionFilter
GlobalAlloc
InterlockedIncrement
FreeLibrary
LoadLibraryExW
FindResourceW
GetCurrentProcess
lstrlenW
InterlockedDecrement
RaiseException
lstrlenA
FlushInstructionCache
lstrcmpiW
SizeofResource
SetLastError
MultiByteToWideChar
HeapDestroy
lstrcmpW
SetCurrentDirectoryW
GetModuleFileNameW
GetModuleHandleW
EnterCriticalSection
DeleteFileW
GetCurrentThreadId
LeaveCriticalSection
DeleteCriticalSection
EnumSystemLocalesA
InitializeCriticalSection
UnhandledExceptionFilter
MoveFileW
FindNextFileW
FindClose
FindFirstFileW
CreateFileA
GetFileSize
GetFileInformationByHandle
GetModuleFileNameA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTimeZoneInformation
GetEnvironmentStrings
ExitProcess
TlsSetValue
TlsFree
TlsAlloc
ReleaseMutex
TlsGetValue
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetStdHandle
TerminateProcess
WideCharToMultiByte
GetSystemInfo
FlushFileBuffers
SetEndOfFile
GetCurrentProcessId
SetFilePointer
ReleaseSemaphore

user32

ScreenToClient
InvalidateRect
GetCursorPos
PostQuitMessage
SendMessageW
DefWindowProcW
LoadIconW
SetLayeredWindowAttributes
UnregisterClassA
EndPaint
ReleaseDC
GetDC
BeginPaint
wsprintfW
GetParent
CharNextW
LoadCursorW
GetDlgItem
MessageBoxW
GetWindowTextW
PeekMessageW
GetSystemMetrics
UpdateWindow
AdjustWindowRectEx
DispatchMessageW
SetClassLongW
TranslateMessage
PostMessageW
OffsetRect
GetWindowRect
EnableWindow
DrawTextW
SetRect
CreateDialogParamW
ShowWindow
EndDialog
GetWindowLongW
SetCapture
UnregisterClassW
GetWindowTextLengthW
IsChild
SetWindowLongW
RegisterWindowMessageW
GetDesktopWindow
CreateWindowExW
GetSysColor
GetClientRect
SetWindowPos
GetClassNameW
CreateAcceleratorTableW
GetWindow
IsWindow
DestroyWindow
SetFocus
RegisterClassExW
DestroyAcceleratorTable
ReleaseCapture
CallWindowProcW
RedrawWindow
GetClassInfoExW
FillRect
GetFocus
ClientToScreen
SetWindowTextW
InvalidateRgn
MoveWindow

gdi32

CreateDIBSection
CreateFontW
SetBkMode
DeleteObject
GetStockObject
CreateCompatibleBitmap
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
CreateSolidBrush
GetObjectW
GetDeviceCaps
SetTextColor
SetBkColor
StretchBlt

advapi32

RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

shell32

ShellExecuteW

ole32

CLSIDFromString
OleLockRunning
CoTaskMemFree
OleInitialize
OleUninitialize
CoTaskMemAlloc
CLSIDFromProgID
CreateStreamOnHGlobal
CoTaskMemRealloc
CoGetClassObject
CoCreateInstance
StringFromGUID2

oleaut32

SysFreeString
VariantInit
VarUI4FromStr
SysAllocStringLen
OleCreateFontIndirect
SysStringLen
LoadTypeLi
DispCallFunc
VariantClear
SysAllocString
LoadRegTypeLi
SysStringByteLen

winmm

timeGetTime

wininet

InternetQueryDataAvailable
InternetReadFile
InternetConnectW
HttpSendRequestW
HttpOpenRequestW
InternetAttemptConnect
InternetCloseHandle
HttpQueryInfoW
InternetOpenW

msimg32

TransparentBlt

Sections

.text
Size: 572KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53546c693cbbaefcb9dcd351ecf57b36

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winmm

wininet

msimg32

Sections

.text Size: 572KB - Virtual size: 570KB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 24KB - Virtual size: 45KB

.rsrc Size: 104KB - Virtual size: 102KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 572KB - Virtual size: 570KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 24KB - Virtual size: 45KB

.rsrc
Size: 104KB - Virtual size: 102KB

.text
Size: 108KB - Virtual size: 108KB