5ba95c4497f334d07c65ba7c89cf7225a1afa992c91d0af0cfd01c5c6c4b62b5

Sharing

Copy URL

Twitter E-mail

General

Target

5ba95c4497f334d07c65ba7c89cf7225a1afa992c91d0af0cfd01c5c6c4b62b5
Size

194KB
MD5

09dda7206b9c611ab7a1c1a2aaf45200
SHA1

2af4b66abc34fcb09b832bd7637027fe64d72cad
SHA256

5ba95c4497f334d07c65ba7c89cf7225a1afa992c91d0af0cfd01c5c6c4b62b5
SHA512

d9235ddf9efc0c8b1a63f91f57847b43bd4a758db5643cbe68fbbc3d85f1a247cda31720fe5c7ea0bf632541390ce06f60733ca9f3470cdda31bb2099f5a07f9
SSDEEP

6144:WIshliX0jWVojHL/F9B0KY5nuQNrYMkLqjzFE:7shlinoTL/Ff0KY5nkMkL8

Score

N/A

Malware Config

Signatures

Files

5ba95c4497f334d07c65ba7c89cf7225a1afa992c91d0af0cfd01c5c6c4b62b5
.exe windows x86

5b65d9b6502e04a592c4c5e5c12483e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
GetTickCount
ExitProcess
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CreateMutexW
CreateEventW
OpenEventW
RegisterWaitForSingleObject
SetEvent
WaitForSingleObject
ReleaseMutex
UnregisterWaitEx
FreeLibrary
FormatMessageW
WriteFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
HeapReAlloc
DeleteCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleHandleA
GetCurrentProcess
TerminateProcess
GetTimeFormatW
CompareStringW
Sleep
TryEnterCriticalSection
lstrlenW
CreateThread
WaitForMultipleObjects
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
CreateProcessW
GetProcAddress
GetDateFormatW
MoveFileW
FileTimeToSystemTime
WideCharToMultiByte
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryExW
GetVersionExW
GetModuleHandleW
InitializeCriticalSection
CreateFileW
GetFileSize
ReadFile
lstrlenA
MultiByteToWideChar
GetSystemTime
SetLastError
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
DeleteFileW
CreateDirectoryW
SetFileAttributesW
lstrcmpiW
GetFileAttributesW
VerSetConditionMask
VerifyVersionInfoW
GetCommandLineW
LoadLibraryA
GetStartupInfoA
LocalFree
GetLastError
GetCurrentProcessId
ProcessIdToSessionId
GetSystemDefaultLangID
GetLocalTime
CloseHandle

msvcrt

wcschr
_wtoi
_wsplitpath
_vsnprintf
memmove
wcstoul
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
?terminate@@YAXXZ
_except_handler3
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_CxxThrowException
malloc
free
_vsnwprintf

gdi32

TextOutW
CreateSolidBrush
GetTextExtentPoint32W
BitBlt
SetBkColor
SetStretchBltMode
GetCurrentObject
DeleteDC
SetBkMode
SetTextColor
SelectObject
DeleteObject
GetStockObject
CreateFontIndirectW
GetObjectW
StretchBlt
CreateCompatibleDC

user32

SetWindowTextW
IsWindow
GetDesktopWindow
CopyRect
OffsetRect
RemovePropW
EqualRect
DrawEdge
GetKeyState
UpdateWindow
IsDlgButtonChecked
DrawFocusRect
GetWindowLongW
DrawTextW
GetFocus
GetCapture
CheckRadioButton
GetParent
GetClientRect
FillRect
SetCapture
SetCursor
ScreenToClient
PtInRect
CallWindowProcW
CreateCursor
InvalidateRect
DestroyCursor
SetRectEmpty
DestroyMenu
CreatePopupMenu
AppendMenuW
CreateWindowExW
ShowWindow
SetTimer
PeekMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
DestroyWindow
PostQuitMessage
SetWindowsHookExW
DefWindowProcW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
SetActiveWindow
SetFocus
DialogBoxParamW
KillTimer
LoadImageW
GetSystemMetrics
LoadStringW
LoadAcceleratorsW
SendMessageW
EndDialog
PostMessageW
LoadCursorW
RegisterClassExW
CheckDlgButton
SetPropW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
GetPropW
CreateDialogParamW
BeginPaint
EndPaint
SetWindowPos
GetSystemMenu
EnableMenuItem
TranslateAcceleratorW
CallNextHookEx
GetDlgCtrlID
GetSysColor
GetSysColorBrush
MessageBoxW
GetWindowRect
MapWindowPoints
ReleaseDC
GetDC
ReleaseCapture
EnableWindow
GetDlgItem

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetFolderPathW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
SafeArrayGetElement
VariantClear
SafeArrayUnaccessData
SysAllocString
SafeArrayAccessData
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
SysReAllocString
SafeArrayDestroy
SafeArrayGetUBound

urlmon

CreateURLMoniker

comctl32

InitCommonControlsEx

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

advapi32

RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorOwner
GetSecurityDescriptorDacl
SetNamedSecurityInfoW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW

shlwapi

StrStrW
PathFindFileNameW
StrChrW
StrRChrW
PathIsRootW
PathIsUNCW
PathStripToRootW
PathIsRelativeW
StrToIntW

advpack

ExtractFiles

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b65d9b6502e04a592c4c5e5c12483e3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

shell32

ole32

oleaut32

urlmon

comctl32

wtsapi32

advapi32

shlwapi

advpack

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 77KB - Virtual size: 76KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 77KB - Virtual size: 76KB

.rmnet
Size: 56KB - Virtual size: 60KB