1586a4a8f16b9e7d1308e954514c6c186d021b5bd2e25f3463059a619653c00c

Sharing

Copy URL Twitter E-mail

General

Target

1586a4a8f16b9e7d1308e954514c6c186d021b5bd2e25f3463059a619653c00c
Size

763KB
MD5

6164930d2d3db9ccea8d0486618c6fd0
SHA1

c79cb4d98d93699b5471b3dad29f31013f9fe598
SHA256

1586a4a8f16b9e7d1308e954514c6c186d021b5bd2e25f3463059a619653c00c
SHA512

a650f8179ef4da1cac04822f714eb74019b599841b0343e837cd890aeaf25c63da1739de0a5789f28efe8177e7e55b34d11a90286887cf15ccd61274d605c498
SSDEEP

12288:k3cxzuDZUeeX7eC2q6s5xPtTNBnSm8vYErkVFjEupYTYE5wYIYtRHr:ldCUeOeC2vqpBnSm8QErkV6YYTl5wYIG

Score

N/A

Malware Config

Signatures

Files

1586a4a8f16b9e7d1308e954514c6c186d021b5bd2e25f3463059a619653c00c
.exe windows x86

4e75dcf34bb3a56e4d9938eb22902bd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmDisableIME

wininet

InternetCloseHandle
InternetOpenUrlW
InternetSetOptionW
InternetOpenW

kernel32

CompareStringW
CompareStringA
WriteConsoleW
GetProcessHeap
CreateFileA
LocalFree
DebugBreak
GetTempPathW
lstrlenW
OutputDebugStringW
InterlockedDecrement
lstrlenA
SetEnvironmentVariableA
GetSystemDefaultLangID
FindNextFileW
FindClose
FindFirstFileW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetDriveTypeA
GetStringTypeW
GetStringTypeA
GetCommandLineW
GetLocaleInfoA
SetEndOfFile
LoadLibraryA
QueryPerformanceCounter
QueryPerformanceFrequency
LCMapStringW
GetQueuedCompletionStatus
WaitForSingleObject
GetLastError
CloseHandle
InterlockedCompareExchange
CreateFileW
InterlockedExchange
CreateProcessW
MoveFileExW
CreateDirectoryW
CopyFileW
GetExitCodeProcess
FileTimeToSystemTime
GetCurrentThreadId
DeleteFileW
SetFileAttributesW
SetFilePointer
GetCurrentProcess
WriteFile
FormatMessageW
GetModuleFileNameW
ExitThread
SetLastError
CreateEventW
WaitForMultipleObjects
DuplicateHandle
CreateThread
WideCharToMultiByte
MultiByteToWideChar
CreateMutexW
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetCurrentProcessId
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
LocalAlloc
GetFileSize
Sleep
ReadFile
FlushFileBuffers
OpenEventW
GetSystemDirectoryW
RemoveDirectoryW
FreeLibrary
GetTickCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
RaiseException
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetConsoleCP
GetConsoleMode
GetModuleHandleA

user32

GetWindowDC
wvsprintfW
DrawTextW
GetFocus
DialogBoxParamW
GetSystemMetrics
CreateWindowExW
GetParent
TrackMouseEvent
IsWindowEnabled
GetClientRect
BeginPaint
CharNextW
InvalidateRect
GetWindowLongW
GetWindowTextW
ReleaseDC
ScrollWindow
SetWindowLongW
EndDialog
SetWindowPos
CheckDlgButton
IsDlgButtonChecked
MessageBoxW
SendMessageW
CallWindowProcW
DefWindowProcW
EndPaint
GetWindowRect
GetDC

gdi32

Rectangle
SelectObject
DeleteObject
SetBkMode
CreateFontIndirectW
SetTextColor
GetTextExtentPoint32W
CreatePen
GetObjectW
GetStockObject
CreateSolidBrush

advapi32

OpenProcessToken
SetSecurityInfo
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
GetTokenInformation
LookupAccountSidW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
SetEntriesInAclW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteW
SHFileOperationW

hwsignature

GenHWID

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comctl32

InitCommonControlsEx

msimg32

GradientFill

Sections

.text
Size: 472KB - Virtual size: 471KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SogouIn
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e75dcf34bb3a56e4d9938eb22902bd1

Headers

DLL Characteristics

File Characteristics

Imports

imm32

wininet

kernel32

user32

gdi32

advapi32

shell32

hwsignature

version

comctl32

msimg32

Sections

.text Size: 472KB - Virtual size: 471KB

.rdata Size: 152KB - Virtual size: 151KB

.data Size: 17KB - Virtual size: 44KB

.SogouIn Size: 12KB - Virtual size: 11KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 472KB - Virtual size: 471KB

.rdata
Size: 152KB - Virtual size: 151KB

.data
Size: 17KB - Virtual size: 44KB

.SogouIn
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 104KB - Virtual size: 104KB