29591abdd75d190f003e4f2489e45f8fae4f41df3ab70cf82c9844ce3e231056

Sharing

Copy URL Twitter E-mail

General

Target

29591abdd75d190f003e4f2489e45f8fae4f41df3ab70cf82c9844ce3e231056
Size

864KB
MD5

48e64a5d262a906403e0313bb26479f0
SHA1

e1c7066e8b0bb5d6d9a444b358ffeadaf96519cf
SHA256

29591abdd75d190f003e4f2489e45f8fae4f41df3ab70cf82c9844ce3e231056
SHA512

6a485cad1ee58bc6543ee0db7a74dce65fb3a742fd72153c629406d20d51d91b0e4962d6ed94f9ffd40708d9fdbc2f1c0e7d4c24bc2a3691504aeee2be1b26d8
SSDEEP

6144:UX0cvvjxO5xbhEK61POCjPHErpNh8jPBJb:UX0MvUflELOAHEOPBh

Score

N/A

Malware Config

Signatures

Files

29591abdd75d190f003e4f2489e45f8fae4f41df3ab70cf82c9844ce3e231056
.exe windows x86

5a67caac8d2c687f896093044f7688af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
InitializeCriticalSection
GetEnvironmentStrings
DeleteCriticalSection
GetConsoleMode
GetConsoleCP
GetOEMCP
GetCPInfo
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
HeapCreate
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
lstrlenW
GetLastError
InterlockedIncrement
InterlockedDecrement
CreateFileW
GetFileSize
ReadFile
FindResourceExW
LockResource
WideCharToMultiByte
OpenEventW
CreateEventW
CloseHandle
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
FreeEnvironmentStringsA
lstrcmpiW
InterlockedCompareExchange
GetVersionExA
GetModuleFileNameW
GetLocalTime
GetVersionExW
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
MulDiv
FreeEnvironmentStringsW
RaiseException

user32

GetParent
SetWindowPos
MapWindowPoints
UnregisterClassA
GetWindowLongW
LoadImageW
GetClientRect
SystemParametersInfoW
GetWindowRect
GetWindow
CreateWindowExW
GetWindowTextW
ClientToScreen
UpdateWindow
InvalidateRect
SetTimer
KillTimer
IsWindowEnabled
IsWindow
SetWindowLongW
PtInRect
SendMessageW
FillRect
DrawTextW
ScreenToClient
GetCursorPos
GetCapture
GetDC
OffsetRect
GetWindowTextLengthW
TrackMouseEvent
TrackPopupMenu
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
SetFocus
IsWindowVisible
SetWindowTextW
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
EnableMenuItem
AppendMenuW
CreatePopupMenu
DrawIconEx
CreateDialogParamW
CharNextW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetSystemMetrics
DefWindowProcW
LoadBitmapW
GetScrollPos
PostQuitMessage
SetCursor
InflateRect
SetRect
MessageBoxW
GetUpdateRect
SetLayeredWindowAttributes
RegisterClassExW
GetKeyState
LoadCursorW
GetClassInfoExW
ShowWindow
MoveWindow
FrameRect
EndPaint
BeginPaint
ReleaseCapture
CallWindowProcW
AdjustWindowRectEx
GetDlgCtrlID
SetCapture
GetMenu
DestroyWindow
ReleaseDC

gdi32

LineTo
MoveToEx
CreateDIBSection
CreateSolidBrush
SetBkColor
ExtTextOutW
GetDeviceCaps
DPtoLP
GetObjectW
CreateFontIndirectW
DeleteDC
SetTextColor
SetBkMode
DeleteObject
CreateCompatibleBitmap
StretchBlt
SelectObject
CreateCompatibleDC
CreatePatternBrush
BitBlt
SetStretchBltMode
CreatePen

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

shell32

ShellExecuteW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemAlloc

oleaut32

VariantClear
VarUI4FromStr
SysFreeString
VarBstrCmp
SysAllocStringLen
SysAllocString

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_AddMasked
ImageList_Create
ImageList_Draw
ImageList_Destroy
ImageList_GetIconSize

msimg32

AlphaBlend

gdiplus

GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDrawImageRectI
GdipReleaseDC
GdipCreateFromHDC
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImageFlags
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipFree
GdipAlloc

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a67caac8d2c687f896093044f7688af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

gdiplus

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 632KB - Virtual size: 631KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 632KB - Virtual size: 631KB

.rmnet
Size: 60KB - Virtual size: 60KB