0855d552e6cea68e5982002744920628bb5e4e8291b485b49ea7b08845236370

Sharing

Copy URL

Twitter E-mail

General

Target

0855d552e6cea68e5982002744920628bb5e4e8291b485b49ea7b08845236370
Size

261KB
MD5

64e4cd98353abc32787466a2cfe0f61d
SHA1

2c1bbef2faef72ee74abdb2a75a1a4c94a2d163f
SHA256

0855d552e6cea68e5982002744920628bb5e4e8291b485b49ea7b08845236370
SHA512

ae1e4a526ab71467ccd6c305e68b96929fb0f6af05516e12f3861a08ce8a0330aa97be42f4042698e9639c30621ae18d4bd583b5b3cbdf18b8d0abce51f21bcf
SSDEEP

6144:nzPDQ2dqvl8AAubZQa3aKShSrjScRtAEEFT9ppuIzDSmk+hDNi:nzDqvl8AAulxq3WVfARD93d9Q

Score

N/A

Malware Config

Signatures

Files

0855d552e6cea68e5982002744920628bb5e4e8291b485b49ea7b08845236370
.exe windows x86

a717b61808e6dd5cadca4157a01a1280

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlAppendUnicodeToString
RtlDosPathNameToNtPathName_U
RtlUnwind
RtlFreeUnicodeString
RtlFreeHeap

ole32

OleRegGetMiscStatus
CreateOleAdviseHolder
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
OleRegEnumVerbs
OleRegGetUserType

urlmon

CreateURLMoniker

gdi32

GetObjectW
CreateSolidBrush
SetBkColor
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
GetStockObject
CreateRectRgnIndirect
Rectangle
SetTextColor
SetBkMode
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW
DeleteObject

user32

DestroyAcceleratorTable
GetKeyState
InvalidateRect
EnableWindow
IsWindow
BeginDeferWindowPos
GetSystemMetrics
GetWindowRect
DeferWindowPos
EndDeferWindowPos
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
EnumChildWindows
GetDlgItem
SendDlgItemMessageW
GetFocus
IsChild
SetWindowLongW
GetSysColor
DrawTextW
DestroyWindow
GetDC
GetDialogBaseUnits
ReleaseDC
GetWindowLongW
SendMessageW
SetDlgItemTextW
GetNextDlgTabItem
SetFocus
GetParent
CreateAcceleratorTableW
ScreenToClient
PostMessageW
IsDialogMessageW
GetWindow
DestroyIcon
DestroyMenu
TrackPopupMenu
ClientToScreen
GetMenuItemInfoW
GetMenuItemCount
DeleteMenu
CreatePopupMenu
GetMessagePos
LoadImageW
LoadStringW
GetClientRect
GetWindowTextW
GetWindowTextLengthW
GetActiveWindow
ShowWindow

kernel32

GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
HeapSize
IsBadWritePtr
VirtualAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetACP
GetOEMCP
LoadLibraryA
InterlockedExchange
IsBadReadPtr
SetFilePointer
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
GetProcessHeap
GetWindowsDirectoryW
lstrcpynW
IsBadCodePtr
FindFirstFileW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCPInfo
GetModuleHandleA
ExitProcess
LCMapStringW
LCMapStringA
RaiseException
HeapAlloc
HeapReAlloc
HeapFree
GetVersionExA
GetCommandLineA
WideCharToMultiByte
MultiByteToWideChar
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetDriveTypeW
TerminateProcess
GetExitCodeProcess
CreateFileW
WriteFile
DeleteFileW
GetModuleHandleW
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
SetEnvironmentVariableW
CreateProcessW
GetLastError
GetBinaryTypeW
SearchPathW
LoadLibraryW
GetProcAddress
GetSystemWindowsDirectoryW
FreeLibrary
SetErrorMode
GetFileAttributesW
GetCurrentThreadId
ExpandEnvironmentStringsW
ResetEvent
CreateThread
FindNextFileW
FindClose
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
lstrcpyW
MulDiv
LockResource
LoadResource
FindResourceW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
FlushInstructionCache
GetCurrentProcess
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
InterlockedCompareExchange

advapi32

CheckTokenMembership
AllocateAndInitializeSid
FreeSid

shell32

SHGetPathFromIDListW
SHGetDesktopFolder
SHBindToParent
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHGetFolderLocation

sfc

SfcIsFileProtected

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a717b61808e6dd5cadca4157a01a1280

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

ole32

urlmon

gdi32

user32

kernel32

advapi32

shell32

sfc

Sections

.text Size: 64KB - Virtual size: 61KB

.data Size: 197KB - Virtual size: 303KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 64KB - Virtual size: 61KB

.data
Size: 197KB - Virtual size: 303KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 11KB - Virtual size: 11KB