1197ace96bc908bba3e0195620501663cf8c1334e7dd795b48d5b1bb72f04347

Sharing

Copy URL Twitter E-mail

General

Target

1197ace96bc908bba3e0195620501663cf8c1334e7dd795b48d5b1bb72f04347
Size

732KB
MD5

540e547ad6eeac93b116451b6ad42c91
SHA1

23c1dc16553b260207a9d7e68c8a6688be033e87
SHA256

1197ace96bc908bba3e0195620501663cf8c1334e7dd795b48d5b1bb72f04347
SHA512

d0b7ba726412ecc57181cb88836f1e95eb60ef75b53af43601dc7c8c00ada78dfe75a73e1ec5462cfa40dc14d835b00b9e32639466125879bb24e623393313d8
SSDEEP

12288:E9UcAqBJWDqjipFFnyOkQ+wxL3qLdu1/KH44fPv+c7YhO9p75g:Et/ffipznyb/kMss4IvAGy

Score

N/A

Malware Config

Signatures

Files

1197ace96bc908bba3e0195620501663cf8c1334e7dd795b48d5b1bb72f04347
.exe windows x86

59296af372eb396d3f54e435e90a1b5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleDuplicateData
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
StringFromCLSID
OleCreateFromData
CoTaskMemAlloc
CreateFileMoniker
OleDestroyMenuDescriptor
ReadFmtUserTypeStg
StgIsStorageFile
OleLoad
CreateOleAdviseHolder
CreateGenericComposite
CLSIDFromProgID
WriteFmtUserTypeStg
ReadClassStg
CoTreatAsClass
DoDragDrop
OleCreateMenuDescriptor
IsAccelerator
SetConvertStg
OleTranslateAccelerator
OleRegGetUserType
CoRevokeClassObject
OleUninitialize

shell32

ShellExecuteA
ExtractIconA
SHBrowseForFolderA
ord155

user32

GetDesktopWindow
TrackPopupMenu
GetKeyState
CallNextHookEx
CloseClipboard
LoadCursorW
BeginDeferWindowPos
RegisterClassW
IsClipboardFormatAvailable
GetCursorPos
SystemParametersInfoW
GetDC
ScreenToClient
EmptyClipboard
RegisterClassExW
ReleaseCapture
InvalidateRect
CreateWindowExW
DestroyIcon
OpenClipboard
SetWindowLongW
WaitMessage
OffsetRect
IsZoomed
TranslateMDISysAccel
LoadIconW
DestroyWindow
SetWindowRgn
SetFocus
wsprintfW
SetTimer
ValidateRect
MessageBoxW
GetMessageW
InflateRect
EnableWindow
ShowWindow
MsgWaitForMultipleObjects
GetWindowThreadProcessId
DefWindowProcW
SetForegroundWindow
EndDeferWindowPos
MoveWindow
GetFocus
IsWindowEnabled
IsIconic
GetSystemMenu
LoadStringW
IsWindow

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_GetIconSize
ord17
ImageList_Add
ImageList_GetImageCount
ImageList_Draw

gdi32

SetBkMode
StretchBlt
EndDoc
OffsetViewportOrgEx
GetStockObject
SetBrushOrgEx
LineTo
GetTextExtentPoint32W
CreateCompatibleDC
SetROP2
GetWindowExtEx
SetWindowOrgEx
GetDIBits
SaveDC
SetBkColor
CreateBrushIndirect
ExtTextOutW
GetDeviceCaps
RestoreDC
SetAbortProc
DeleteDC
Polygon
RoundRect
RectVisible
OffsetRgn
ExcludeClipRect
GetObjectW
CreateCompatibleBitmap
SetViewportExtEx
SetPolyFillMode
IntersectClipRect
RealizePalette
CreatePatternBrush
CreateFontIndirectW
SelectClipRgn
Arc
StretchDIBits
CreateSolidBrush
ScaleViewportExtEx
CreateFontW
GetTextColor
CreateRectRgn
CreatePen
CombineRgn
GetPixel
SetTextColor
GetTextMetricsW
SetWindowExtEx
Escape
SetViewportOrgEx
GetClipBox
GetTextMetricsA
StartPage
TextOutW
EndPage
PatBlt
CreateDCW
SetMapMode
MoveToEx
ExtSelectClipRgn
ScaleWindowExtEx
Polyline
CreateDIBSection
CreateBitmap
Rectangle
DeleteObject
CreatePolygonRgn
BitBlt
SelectObject

advapi32

RegEnumKeyA
RegQueryValueExA
OpenServiceA
RegQueryValueA
RegOpenKeyExA
ControlService
RegSetValueExA
RegCreateKeyA
RegCloseKey

kernel32

lstrcmpiA
GetSystemInfo
GetProcAddress
GetStartupInfoW
LocalAlloc
FindResourceW
InterlockedExchange
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
RtlUnwind
GetCurrentProcessId
LeaveCriticalSection
HeapReAlloc
SystemTimeToFileTime
TlsFree
lstrlenA
GetVersionExA
DeleteFileW
RaiseException
FindClose
SetUnhandledExceptionFilter
GetTempFileNameA
InterlockedDecrement
GetDriveTypeA
InterlockedCompareExchange
TlsGetValue
WaitForSingleObject
lstrcmpW
GetVersion
FreeEnvironmentStringsW
ReleaseSemaphore
FindFirstFileW
GetModuleHandleA
GetTimeZoneInformation
GetCommandLineA
GetTimeFormatA
VirtualProtect
lstrcmpiW
GetLocalTime
CreateFileW
SetFilePointer
GetCurrentProcess
HeapAlloc
GetCPInfo
GetFileAttributesW
TlsAlloc
HeapSize
GlobalLock
OpenProcess
HeapDestroy
LocalFree
GetACP
UnhandledExceptionFilter
GetStringTypeW
SetStdHandle
GetCommandLineW
LockResource
InitializeCriticalSection
WriteConsoleA
GetEnvironmentStringsW
GetModuleHandleW
Sleep
WideCharToMultiByte
ResumeThread
GlobalDeleteAtom
ExitProcess
LCMapStringA
GetFileType
CompareStringW
GetFileTime
lstrcpynW
CompareStringA
GlobalFree
DeleteCriticalSection
VirtualQuery
GetModuleFileNameW
TlsSetValue
SetFileAttributesW
GetCurrentThreadId
GetStdHandle
GetModuleFileNameA
InterlockedIncrement
IsDebuggerPresent
LoadLibraryA
HeapCreate
LCMapStringW
TerminateProcess
UnmapViewOfFile
VirtualAlloc
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
LoadLibraryW
CreateMutexW
MapViewOfFile
SetErrorMode
GlobalSize
ReadFile
IsBadCodePtr
QueryPerformanceCounter
GetTickCount
GetOEMCP
SetLastError
DuplicateHandle
CreateThread
LoadResource
SetEnvironmentVariableA
EnterCriticalSection
GetLocaleInfoW
GetDateFormatA
SetEndOfFile
WriteFile
GetSystemTimeAsFileTime
VirtualFree
GlobalHandle
GetEnvironmentStrings
GetLastError
GetFileSize
GetLocaleInfoA
GetUserDefaultLCID
CloseHandle
IsValidLocale
HeapFree
MulDiv

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59296af372eb396d3f54e435e90a1b5a

Headers

File Characteristics

Imports

ole32

shell32

user32

comdlg32

comctl32

gdi32

advapi32

kernel32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 468KB - Virtual size: 467KB

.data Size: 116KB - Virtual size: 112KB

.rsrc Size: 52KB - Virtual size: 48KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 468KB - Virtual size: 467KB

.data
Size: 116KB - Virtual size: 112KB

.rsrc
Size: 52KB - Virtual size: 48KB