91e6c59c565c08fe068aa10cb412c2b85a33a54fb8039c64bf97af82b5277dcb

Sharing

Copy URL Twitter E-mail

General

Target

91e6c59c565c08fe068aa10cb412c2b85a33a54fb8039c64bf97af82b5277dcb
Size

264KB
MD5

9f576ba322b55a76d7f621d81172fc52
SHA1

15d4786f1870dfb2048430f51f9ff6db21a1ec5b
SHA256

91e6c59c565c08fe068aa10cb412c2b85a33a54fb8039c64bf97af82b5277dcb
SHA512

a7d2d065d2eaeb816de3eed43c8f4da7a16362925edde85c80ca7e642c695342d272cf3b8289623fe6e6343c2772830df84eac793ef4fbae06cc4488592a5801
SSDEEP

3072:Xf5gErOipfceniGLM9z+u9huV8rkFsn/milrqqsACC:+PipfgKahuqwU/mRqs

Score

N/A

Malware Config

Signatures

Files

91e6c59c565c08fe068aa10cb412c2b85a33a54fb8039c64bf97af82b5277dcb
.exe windows x86

b33798484b8e5d89c1165afe1d684c50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

TlsAlloc
DuplicateHandle
GetCurrentThreadId
GetCurrentProcess
GetCurrentThread
TlsSetValue
SetThreadPriority
CreateSemaphoreA
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
OutputDebugStringA
WriteConsoleA
WriteFile
CloseHandle
CreateFileA
SetFilePointer
SetEndOfFile
AllocConsole
GetStdHandle
TlsGetValue
ResumeThread
GetPrivateProfileStringA
Sleep
GetLastError
GetEnvironmentStringsW
GetEnvironmentStrings
GetProcAddress
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
GetCurrentDirectoryA
HeapSize
GetDriveTypeA
SetHandleCount
IsBadWritePtr
FlushFileBuffers
VirtualAlloc
VirtualFree
HeapReAlloc
HeapDestroy
GetEnvironmentVariableA
HeapCreate
SetLastError
SetUnhandledExceptionFilter
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
GetVersion
TerminateProcess
ExitProcess
GetModuleHandleA
GetFileAttributesA
HeapAlloc
GetFullPathNameA
SetStdHandle
HeapFree
GetFileType
RtlUnwind
QueryPerformanceCounter
RaiseException
IsBadReadPtr
IsBadCodePtr
QueryPerformanceFrequency
GetCPInfo
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetOEMCP
LoadLibraryA
GetACP
GetStringTypeA
GetStringTypeW
GetSystemTimeAsFileTime
ReadFile
GetTimeZoneInformation
GlobalUnlock
LocalFree
GetVersionExA
FormatMessageA
Beep
SetEnvironmentVariableA
GlobalLock
GlobalAlloc
WritePrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
CompareStringW

user32

ReleaseDC
GetDlgItemTextA
ShowWindow
SetWindowPos
DialogBoxParamA
SetClipboardViewer
DrawMenuBar
AppendMenuA
GetSystemMenu
GetWindowLongA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
InvalidateRect
GetDC
MessageBoxA
SetWindowTextA
SetForegroundWindow
AdjustWindowRectEx
SetRect
SystemParametersInfoA
SetDlgItemTextA
GetMessageA
LoadKeyboardLayoutA
EnableWindow
DispatchMessageA
IsDlgButtonChecked
GetDlgItem
GetDlgItemInt
SetDlgItemInt
GetKeyState
GetKeyboardState
ToAscii
CloseDesktop
OpenDesktopA
EnumDesktopWindows
DestroyMenu
FindWindowA
GetClassNameA
SetMenuDefaultItem
GetSubMenu
GetMenuItemID
RegisterClassExA
TrackPopupMenu
LoadStringA
SetCursorPos
LoadMenuA
GetCursorPos
EmptyClipboard
GetSystemMetrics
CheckMenuItem
OpenClipboard
SetClipboardData
GetClipboardOwner
IsIconic
GetClipboardData
CloseClipboard
PostMessageA
GetKeyboardLayoutNameA
SetTimer
GetForegroundWindow
BeginPaint
EndPaint
KillTimer
GetWindow
ChangeClipboardChain
GetWindowRect
GetFocus
SetCursor
DefWindowProcA
ShowScrollBar
PostQuitMessage
ScrollWindowEx
SendMessageA
GetClientRect
DestroyWindow
SetScrollInfo
UpdateWindow
SetWindowLongA
EndDialog
DrawTextA

gdi32

CreateCompatibleDC
SelectPalette
CreatePalette
GetDeviceCaps
GetStockObject
SetTextColor
ExtTextOutA
SetBkColor
RealizePalette
SelectObject
CreateCompatibleBitmap
DeleteObject
DeleteDC
UpdateColors
BitBlt
StretchBlt
SetBrushOrgEx
SetStretchBltMode
SetPixelV
CreateFontIndirectA
GdiFlush
SetBkMode
Rectangle
GetClipBox

comdlg32

CommDlgExtendedError
GetSaveFileNameA

advapi32

RegEnumValueA
RegOpenKeyA
RegSetValueA
RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCreateKeyA
RegQueryValueExA

shell32

Shell_NotifyIconA

wsock32

accept
WSACleanup
WSAStartup
inet_ntoa
bind
listen
WSAAsyncSelect
recv
shutdown
send
setsockopt
ioctlsocket
gethostbyname
htons
connect
getpeername
closesocket
socket
WSAGetLastError
select

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xwidvhw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b33798484b8e5d89c1165afe1d684c50

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

wsock32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 28KB - Virtual size: 33KB

.rsrc Size: 80KB - Virtual size: 80KB

xwidvhw Size: - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 28KB - Virtual size: 33KB

.rsrc
Size: 80KB - Virtual size: 80KB

xwidvhw
Size: - Virtual size: 4KB