6b95b2da8574fa9ef9eeee58051b2776b1bdb75bd17eff2aa611d430b04a425f

Sharing

Copy URL Twitter E-mail

General

Target

6b95b2da8574fa9ef9eeee58051b2776b1bdb75bd17eff2aa611d430b04a425f
Size

515KB
MD5

0be78cef3da11f9b0b99d55c4761101d
SHA1

00e5ab2bb0c1a917956aceace8dc900b4ca57cdd
SHA256

6b95b2da8574fa9ef9eeee58051b2776b1bdb75bd17eff2aa611d430b04a425f
SHA512

9c2a3411cf9e82f4476f4c5c2f866fafbbb0cd422a82173f18671bfe97c327964b67ea247a869c6ac443244f7f83a1e2c8938a0d4341c636af19f492cd82fe93
SSDEEP

6144:0Jjr3H9lb7ktxaIrQPumWKDwUqdEIbwPenD4jQQOdNTBq95llj/XfxCy1:o/3HkchWWwUqJx1QOdNTM95lljJCy1

Score

N/A

Malware Config

Signatures

Files

6b95b2da8574fa9ef9eeee58051b2776b1bdb75bd17eff2aa611d430b04a425f
.exe windows x86

91d0d8864c6a4412aad40ffff09132d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetQueryOptionW
InternetOpenUrlW
InternetOpenW
HttpOpenRequestA

urlmon

CoInternetSetFeatureEnabled

kernel32

GetModuleHandleW
GetFileSize
ReadFile
lstrcmpiA
GetCurrentThread
FreeResource
GlobalAlloc
WriteFile
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
MulDiv
lstrcmpW
lstrlenW
FreeLibrary
lstrcmpiW
LoadLibraryExW
TerminateProcess
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenA
lstrcpynW
UnmapViewOfFile
LocalFree
MapViewOfFileEx
CreateFileMappingW
lstrcpyW
Sleep
InterlockedCompareExchange
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
VirtualAlloc
VirtualFree
VirtualProtect
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
GetProcAddress
DecodePointer
EncodePointer
GetStringTypeW
HeapReAlloc
HeapSize
IsDebuggerPresent
CreateThread
ExitThread
GetSystemTimeAsFileTime
GetCommandLineW
RtlUnwind
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetFileType
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadConsoleW
GetModuleFileNameW
VirtualQuery
CreateProcessW
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetLastError
GlobalUnlock
HeapDestroy
GlobalLock
FlushInstructionCache
SetLastError
RaiseException
LeaveCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
GetLocalTime
GetTempPathW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
UnhandledExceptionFilter
OutputDebugStringW
LoadLibraryW
SetStdHandle
WriteConsoleW
SetEndOfFile

user32

ReleaseCapture
FillRect
InvalidateRgn
ReleaseDC
GetDesktopWindow
SetCapture
GetWindowThreadProcessId
AttachThreadInput
GetForegroundWindow
SetForegroundWindow
BringWindowToTop
IsIconic
MoveWindow
IsWindowVisible
SetTimer
ScreenToClient
ClientToScreen
CreateAcceleratorTableW
DestroyWindow
RedrawWindow
CharNextW
GetSysColor
GetClassNameW
IsWindow
UnregisterClassW
SendMessageW
GetDlgItem
IsChild
RegisterWindowMessageW
GetKeyState
GetDlgCtrlID
SendNotifyMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
FindWindowW
LoadImageW
GetSystemMetrics
RealGetWindowClassW
EnumChildWindows
DestroyAcceleratorTable
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
MapWindowPoints
SetFocus
SetWindowTextW
PostMessageW
KillTimer
RegisterClipboardFormatW
GetDC
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
GetWindowTextLengthW
GetWindowTextW
SetLayeredWindowAttributes
ShowWindow
WindowFromPoint
SetWindowPos
GetCursorPos
wsprintfW
MessageBoxW
PtInRect
DrawTextW
EndPaint
BeginPaint
SystemParametersInfoW
SetRect
InvalidateRect
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
GetClientRect
GetFocus

gdi32

TextOutW
CreateSolidBrush
GetObjectW
GetDeviceCaps
Rectangle
GetStockObject
CreatePen
SetTextColor
DeleteObject
CreateFontIndirectW
DeleteDC
SetViewportOrgEx
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
SetBkColor
ExtTextOutW
SetBkMode

advapi32

GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeSelfRelativeSD
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
GetSecurityDescriptorOwner

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHCreateDirectoryExW
CommandLineToArgvW

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
RegisterDragDrop
CreateStreamOnHGlobal
ProgIDFromCLSID
CoCreateInstance
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoTaskMemRealloc

oleaut32

VarUI4FromStr
VariantClear
SysFreeString
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantInit
SysAllocStringLen
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayCopy
SafeArrayGetVartype
SafeArrayUnaccessData
SafeArrayAccessData

shlwapi

PathFindExtensionW
PathFindFileNameW
StrCmpIW
SHRegGetPathW
StrCmpW
PathFileExistsW
StrStrIW
StrCmpNIW
PathCombineW
PathAppendW

dbghelp

MiniDumpWriteDump

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

gdiplus

GdipFree
GdipImageSelectActiveFrame
GdipCreateFromHWND
GdipDeleteGraphics
GdipDrawImageI
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipLoadImageFromStreamICM
GdipGetPropertyItem
GdiplusStartup
GdipDrawImageRectI
GdipCreateFromHDC
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91d0d8864c6a4412aad40ffff09132d6

Headers

DLL Characteristics

File Characteristics

Imports

wininet

urlmon

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

dbghelp

version

gdiplus

Sections

.text Size: 323KB - Virtual size: 323KB

.rdata Size: 89KB - Virtual size: 89KB

.data Size: 21KB - Virtual size: 38KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 55KB - Virtual size: 54KB

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 89KB - Virtual size: 89KB

.data
Size: 21KB - Virtual size: 38KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 55KB - Virtual size: 54KB