4c060e466856efcfea00bb2f6622bda106d507a3ef6f46acf316e768495dca31

Sharing

Copy URL

Twitter E-mail

General

Target

4c060e466856efcfea00bb2f6622bda106d507a3ef6f46acf316e768495dca31
Size

726KB
MD5

09e04ba6dc77759a79d598e9c1371ae0
SHA1

e09853c12ab05c80249f8dad14e81f529973f665
SHA256

4c060e466856efcfea00bb2f6622bda106d507a3ef6f46acf316e768495dca31
SHA512

1ef941ea28284bf7649d3858bfd9fa92ed3436e74875fd09b870919168b41eff57df98467420e204be3860c37f5a3fa3be463bed51481d0546cea757d9fb1830
SSDEEP

12288:GSrE/5xiX9LPnP5xeplW8c+foWxbGkkO0+3B/0Xx3UT9MUki8PEKyY1HaaRKw:h4/EbkkO1/LMUypyY1rRKw

Score

N/A

Malware Config

Signatures

Files

4c060e466856efcfea00bb2f6622bda106d507a3ef6f46acf316e768495dca31
.exe windows x86

ffa0667aa1a6674f27a80ec2da98e675

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrlenA
GetLastError
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenW
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
SetThreadAffinityMask
FileTimeToSystemTime
SetEvent
WaitForMultipleObjectsEx
ResetEvent
CreateEventW
SetFilePointer
SetEndOfFile
FreeLibrary
SystemTimeToTzSpecificLocalTime
GetCurrentProcess
CreateDirectoryW
WriteFile
LoadLibraryW
CopyFileW
FlushFileBuffers
GetProcAddress
MoveFileW
GetFileAttributesExW
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
FormatMessageA
GetCommandLineA
GetSystemDirectoryW
GetVolumeInformationA
GetSystemDirectoryA
GetModuleFileNameA
OutputDebugStringA
LocalFree
RaiseException
GetExitCodeThread
GetLocalTime
FindNextFileW
WideCharToMultiByte
CancelIo
GetUserDefaultLCID
VirtualFree
VirtualAlloc
GetOEMCP
GlobalAlloc
GlobalFree
DeviceIoControl
GetPrivateProfileStringW
FlushViewOfFile
GetOverlappedResult
lstrcmpA
LocalAlloc
FileTimeToLocalFileTime
lstrcpyW
CreateMutexW
OpenMutexW
GetVersionExW
GetTempPathW
GetPrivateProfileIntW
SetCurrentDirectoryW
GetCurrentThread
GetSystemTimeAsFileTime
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
HeapSize
HeapReAlloc
HeapDestroy
InterlockedExchange
IsDebuggerPresent
ExitThread
Process32NextW
Process32FirstW
UnhandledExceptionFilter
FindClose
CreateFileW
ReadFile
TerminateProcess
MulDiv
GetFileAttributesW
OpenProcess
CreateThread
GetTimeFormatA
GetDateFormatA
GetStartupInfoW
RtlUnwind
GetModuleHandleA
ExitProcess
ReadFileEx
DeleteFileW
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetTickCount
FindFirstFileW
GetFileSize
ResumeThread
SuspendThread
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
CreateToolhelp32Snapshot
LockResource
CreateFileMappingW
OpenThread
GetModuleFileNameW
Thread32Next
IsBadWritePtr
SizeofResource
Thread32First
GetProcessHeap
WaitForSingleObject
HeapFree
SetUnhandledExceptionFilter
HeapAlloc
CreateProcessW
LoadResource
FindResourceW
FindResourceExW
VirtualQuery
UnmapViewOfFile
MapViewOfFile
GetCommandLineW
GetModuleHandleW
SetEnvironmentVariableA
CreateFileA
SetLastError
GetStdHandle
HeapCreate
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetHandleCount
GetFileType
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetStartupInfoA

user32

KillTimer
PostThreadMessageW
UnregisterClassA
DestroyWindow
EndPaint
SetCursor
SetTimer
PostQuitMessage
FillRect
PostMessageW
SetForegroundWindow
AttachThreadInput
LoadCursorW
GetClientRect
BeginPaint
GetForegroundWindow
RegisterClassExW
LoadIconW
InvalidateRect
BringWindowToTop
GetWindowLongW
SetWindowLongW
LoadBitmapW
CreateWindowExW
GetSystemMetrics
SendMessageW
UpdateWindow
EnableWindow
SetWindowTextW
DefWindowProcW
GetWindowThreadProcessId
MoveWindow
GetMessageW
TranslateMessage
DispatchMessageW
ShowWindow

gdi32

SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPointW
CreateFontW
CreatePen
TextOutW
GetTextColor
DeleteObject
SetBkMode
GetDeviceCaps
SetTextColor
LineTo
BitBlt
MoveToEx
DeleteDC
CreateSolidBrush

advapi32

BuildExplicitAccessWithNameW
SetEntriesInAclW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW

oleaut32

OleLoadPicturePath

shlwapi

PathIsDirectoryW
PathFileExistsW
PathFileExistsA

ws2_32

WSAAsyncSelect
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAIoctl
recvfrom
WSAEventSelect
WSAWaitForMultipleEvents
ioctlsocket
connect
select
WSAGetLastError
WSACleanup
bind
__WSAFDIsSet
send
getsockopt
getsockname
htons
setsockopt
sendto
socket
closesocket
ntohs
inet_addr
inet_ntoa
gethostbyname
ntohl
htonl
WSAStartup
recv

msimg32

GradientFill

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

crypt32

CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CryptDecodeObject
CryptMsgClose

Sections

.text
Size: 472KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ffa0667aa1a6674f27a80ec2da98e675

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

ws2_32

msimg32

iphlpapi

version

crypt32

Sections

.text Size: 472KB - Virtual size: 468KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 40KB - Virtual size: 93KB

.rsrc Size: 124KB - Virtual size: 124KB

.text
Size: 472KB - Virtual size: 468KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 40KB - Virtual size: 93KB

.rsrc
Size: 124KB - Virtual size: 124KB