630d07b4ac989145ad123809ef4ba4271e82b8076e9143f75bd467c232bdfbb6

Sharing

Copy URL

Twitter E-mail

General

Target

630d07b4ac989145ad123809ef4ba4271e82b8076e9143f75bd467c232bdfbb6
Size

388KB
MD5

66d80e9a14fc25dcc2e0973053c41380
SHA1

bb0f2a226a47a042b9cac18d7a85b5133cb9094c
SHA256

630d07b4ac989145ad123809ef4ba4271e82b8076e9143f75bd467c232bdfbb6
SHA512

04e60b3b2576543a9a82cd9b501455e2199bf77f936992c9262aa527278193bda34d3915ab0e619049cbd7ad01c8acbc7a016870b2de275c6361fd976e3ad447
SSDEEP

3072:HQRCawi04RcJQPf+CtfOCQCJH1kaYZDAZ7CzeMQQ2GX4GsC6/vbgV3VqKPIktlAd:HwiwfYZ47Me0TxsCeveQKsN0pLXJVQt

Score

N/A

Malware Config

Signatures

Files

630d07b4ac989145ad123809ef4ba4271e82b8076e9143f75bd467c232bdfbb6
.exe windows x86

e5cc61230ea3d1b6d44e99258668e975

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
WriteFile
CreateFileA
SetFilePointer
CloseHandle
ReadFile
GetProcAddress
LoadLibraryA
IsDBCSLeadByte
FreeLibrary
lstrcmpA
GetVersionExA
lstrcpynW
GetCurrentProcessId
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
GetCurrentThreadId
OutputDebugStringA
lstrlenW
GetLastError
DebugBreak
FindResourceA
LoadResource
LockResource
lstrcmpiA
GetCurrentProcess
FlushInstructionCache
lstrcatA
GetModuleHandleA
GetStartupInfoA
WideCharToMultiByte
lstrcpynA
lstrcpyA
MultiByteToWideChar
lstrlenA
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement

gdi32

SetBkColor
CreateBitmap
ExtTextOutA
CreateDIBSection
BitBlt
SetBrushOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32A
MoveToEx
LineTo
SetBkMode
Rectangle
CreatePatternBrush
DeleteDC
PatBlt
CreatePen
GetStockObject
DeleteObject
SetTextColor
CreateFontIndirectA
GetObjectA
GetTextMetricsA
SelectObject

user32

InsertMenuA
DeleteMenu
GetMenuStringA
DialogBoxParamA
GetActiveWindow
EnableMenuItem
LoadImageA
LoadBitmapA
CharNextA
wvsprintfA
SendDlgItemMessageA
GetMessageA
PeekMessageA
MoveWindow
WindowFromPoint
GetMessagePos
GetKeyState
GetWindowThreadProcessId
IsWindowEnabled
DispatchMessageA
UnhookWindowsHookEx
LoadAcceleratorsA
TranslateMessage
PostQuitMessage
IsMenu
GetMenuItemCount
UpdateWindow
CharLowerA
FrameRect
CallNextHookEx
IsChild
InflateRect
DrawEdge
ModifyMenuA
TrackPopupMenuEx
GetClassNameA
CreateDialogParamA
EndPaint
BeginPaint
CopyRect
SetDlgItemInt
MessageBeep
GetSysColor
GetDlgItemInt
TranslateAcceleratorA
GetSubMenu
LoadMenuA
IsWindowVisible
GetMenu
RegisterWindowMessageA
DrawFocusRect
SetFocus
SetWindowLongA
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
LoadStringA
MessageBoxA
EnableWindow
GetDC
ReleaseDC
CreateWindowExA
FillRect
DestroyMenu
SetRectEmpty
GetSysColorBrush
GetWindowDC
LoadStringW
SetWindowsHookExA
GetFocus
SetWindowTextA
GetDlgItem
SendMessageA
EndDialog
GetParent
GetWindowLongA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgCtrlID
GetCursorPos
ScreenToClient
SetCursor
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
CallWindowProcA
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
DrawFrameControl
ShowWindow
IsWindow
DestroyWindow
PostMessageA
GetSystemMetrics
DrawTextA
SetDlgItemTextA
DefWindowProcA
PtInRect
OffsetRect
TrackPopupMenu
SetMenu

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

shlwapi

PathFindFileNameA
PathCombineA
PathFileExistsA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA

ole32

CoUninitialize
CoInitialize

oleaut32

SysStringLen
VariantChangeType
SysAllocStringLen
VariantCopy
VariantClear
SysFreeString
SysAllocString

comctl32

ImageList_LoadImageA
ord6
ImageList_AddMasked
ord8
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Draw

msimg32

TransparentBlt

msvcrt

_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
atoi
_ismbcdigit
wcslen
sprintf
_mbsicmp
wcscmp
_purecall
realloc
memmove
free
??3@YAXPAX@Z
__CxxFrameHandler
_controlfp
??2@YAPAXI@Z
__set_app_type

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

mkussnp
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 144KB - Virtual size: 144KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e5cc61230ea3d1b6d44e99258668e975

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comdlg32

shell32

shlwapi

advapi32

ole32

oleaut32

comctl32

msimg32

msvcrt

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 108KB - Virtual size: 104KB

mkussnp Size: 8KB - Virtual size: 4KB

Size: 144KB - Virtual size: 144KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 108KB - Virtual size: 104KB

mkussnp
Size: 8KB - Virtual size: 4KB