81bba800ef593755e9e2974ea877a098b93de91648cd82f246673f7331c8c494

Sharing

Copy URL Twitter E-mail

General

Target

81bba800ef593755e9e2974ea877a098b93de91648cd82f246673f7331c8c494
Size

708KB
MD5

6f41a8dd610c9783abfb4bc20f257ced
SHA1

d67624e4cdce951db6bc02270a6df1a13b592c9f
SHA256

81bba800ef593755e9e2974ea877a098b93de91648cd82f246673f7331c8c494
SHA512

3e3d3ec7242fb23fab07fd15c432d011dc904ccdca9868a168859425041f3200abaf2c7e1f6ce94bdec6ed33d11500217904c6226a63cc355953c89e95f6f5e8
SSDEEP

12288:2Aez958Jonniq2fjVwo2SbGT9KuiK9EwjlREQh3svk9g26JDol:pJonV2hwT0GToqpeQNs8d6JM

Score

N/A

Malware Config

Signatures

Files

81bba800ef593755e9e2974ea877a098b93de91648cd82f246673f7331c8c494
.exe windows x86

0e595703695be66b2d61200af0cf4178

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiOutOpen
waveOutOpen
midiOutClose
waveOutGetDevCapsA
mciSendStringA

oleaut32

LoadTypeLi

shell32

SHGetFileInfoA
DragFinish
SHFileOperationA
SHGetMalloc

gdi32

SetMapMode
GetPolyFillMode
CreateRectRgn
StretchBlt
TextOutA
PaintRgn
Polyline
Polygon
CreatePen
PtVisible
CloseEnhMetaFile
SetPixelV
GetCurrentObject
SetWindowOrgEx
GetRgnBox
CreateEnhMetaFileA
SetTextColor
GetObjectA
Escape
PtInRegion
FillRgn
GetWindowOrgEx
CombineRgn
SelectClipRgn
CreateCompatibleBitmap
SetBitmapBits
CreateHatchBrush
GetPixel
GetStretchBltMode
GetFontData
CreatePatternBrush
CreateRoundRectRgn
SelectObject
LPtoDP
GetClipBox
ExtFloodFill

user32

LoadBitmapW
LoadMenuW
GetDlgItem
LoadCursorW
InflateRect
LoadImageW
CopyRect
EnableMenuItem
GetClientRect
GetLastActivePopup
EnableWindow
FrameRect
CreateDialogParamW
GetMenu
CheckMenuItem
DefWindowProcW
GetFocus
ShowWindow
WaitMessage
ClientToScreen
PtInRect
SetWindowLongW
DestroyWindow
SetCapture
UpdateWindow
InvalidateRect
RegisterClassW
CharNextW
GetSysColor
DestroyIcon
RegisterClassExW
UnregisterClassA
MessageBoxW
ScreenToClient
CreateWindowExW
IsWindowEnabled
LoadStringW
PostMessageW
GetCapture

advapi32

RegOpenKeyA
GetTokenInformation
RegDeleteKeyA
SetSecurityDescriptorDacl
RegSetValueExA
RegCreateKeyExA
RegCloseKey

kernel32

GetModuleFileNameW
CreateFileW
SetStdHandle
LocalReAlloc
GetTimeZoneInformation
SetEnvironmentVariableA
GetLocalTime
DeleteCriticalSection
FreeLibrary
GlobalUnlock
EnterCriticalSection
DeleteFileW
QueryPerformanceCounter
SetFilePointer
TerminateThread
GetCommandLineA
CreateMutexW
VirtualAlloc
GetCurrentThread
ExitProcess
lstrcmpW
GetSystemDirectoryW
HeapFree
MultiByteToWideChar
SetUnhandledExceptionFilter
WriteFile
HeapCreate
Sleep
LCMapStringW
GlobalFlags
GetCommandLineW
CloseHandle
VirtualQuery
GlobalDeleteAtom
GetEnvironmentStringsW
FindClose
FlushFileBuffers
MoveFileW
GetCPInfo
FindFirstFileW
FindResourceW
GetTimeFormatA
GetStartupInfoA
UnmapViewOfFile
SetFileTime
TlsSetValue
LCMapStringA
CompareStringA
GetStringTypeA
LoadLibraryA
GetVersion
HeapSize
GetVersionExW
GetFileTime
CompareStringW
GetProcessHeap
HeapDestroy
GetACP
GetCurrentProcess
FileTimeToSystemTime
InterlockedExchange
WriteConsoleA
InterlockedIncrement
IsBadCodePtr
GetLastError
FindNextFileW
TerminateProcess
GetProcAddress
RaiseException
VirtualFree
UnhandledExceptionFilter
TlsAlloc
LoadLibraryW
GlobalLock
ReadFile
GetCurrentThreadId
FreeEnvironmentStringsW
WritePrivateProfileStringW
GlobalAlloc
GetStartupInfoW
WideCharToMultiByte
RtlUnwind
GetCurrentProcessId
GetModuleHandleW
GetCurrentDirectoryA
GetSystemTimeAsFileTime
GetTempFileNameW
GetTickCount
GetFileAttributesW
GetCurrentDirectoryW
CopyFileW
HeapReAlloc
lstrlenA
GetStdHandle
HeapAlloc
GetDateFormatA
GetFileType
ResumeThread
SetLastError
CreateFileMappingW
FreeEnvironmentStringsA
SetHandleCount
FormatMessageW
IsBadWritePtr
GetVersionExA
LoadResource
InitializeCriticalSection
TlsFree
lstrcpyW
DuplicateHandle
GetStringTypeW
GetModuleFileNameA
GetModuleHandleA
LeaveCriticalSection
GetSystemInfo
SystemTimeToFileTime
TlsGetValue
GetOEMCP
GetLocaleInfoA
GetEnvironmentStrings
VirtualProtect

wininet

InternetGetConnectedState
InternetReadFile
InternetOpenA
InternetConnectA
InternetWriteFile
HttpOpenRequestA
HttpEndRequestA
HttpQueryInfoA
InternetGetCookieA
InternetErrorDlg
InternetSetOptionA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetSetCookieA
HttpAddRequestHeadersA
InternetAttemptConnect
HttpSendRequestExA
InternetCanonicalizeUrlA
InternetCrackUrlA

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e595703695be66b2d61200af0cf4178

Headers

File Characteristics

Imports

winmm

oleaut32

shell32

gdi32

user32

advapi32

kernel32

wininet

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 476KB - Virtual size: 472KB

.data Size: 112KB - Virtual size: 110KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 476KB - Virtual size: 472KB

.data
Size: 112KB - Virtual size: 110KB

.rsrc
Size: 24KB - Virtual size: 20KB