ca027fe858050dc6a873ee13e7832ee67f9e1bf12bb80a644965dbd26105ffaa

Sharing

Copy URL Twitter E-mail

General

Target

ca027fe858050dc6a873ee13e7832ee67f9e1bf12bb80a644965dbd26105ffaa
Size

659KB
MD5

435a2290a53d1022aa23c7ff1752c786
SHA1

a169769ca4d245d162c44f4977ce35d986770541
SHA256

ca027fe858050dc6a873ee13e7832ee67f9e1bf12bb80a644965dbd26105ffaa
SHA512

d3820c496aadf1652603d5e2054ecd83df8f29f8daed02b1c0e2d8539d2a4830b388b8e099a69aec0e6032e194765c25b1ca668c35300ff428e5f76027839178
SSDEEP

12288:e6INZiGCxto2fXzSMK38fIQShm2CgKY0axeByKoZorE1Cn0G8:iZiGCxttfXzSMK38fMggKpaxuIZo41Ok

Score

N/A

Malware Config

Signatures

Files

ca027fe858050dc6a873ee13e7832ee67f9e1bf12bb80a644965dbd26105ffaa
.exe windows x86

5e4e774600d2f44d0a3af64cd7cdd9f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GlobalAlloc
GlobalUnlock
GlobalLock
lstrcpynA
SetFileAttributesW
LocalAlloc
GlobalFree
GlobalReAlloc
WideCharToMultiByte
GetVersionExW
GetLongPathNameW
lstrlenW
lstrcpyW
GetTickCount
lstrcmpW
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
InitializeCriticalSection
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
ExitProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
RaiseException
HeapAlloc
HeapReAlloc
RtlUnwind
SetFilePointer
LoadLibraryExW
EnumResourceNamesW
QueryPerformanceCounter
QueryPerformanceFrequency
CompareFileTime
FileTimeToSystemTime
CloseHandle
GetFileTime
GetFileSize
CreateFileW
MoveFileW
DeleteFileW
GetTempFileNameW
ReleaseMutex
WaitForSingleObject
CreateThread
CreateMutexW
Sleep
MulDiv
GetProcAddress
GetModuleHandleW
IsBadReadPtr
GetCurrentProcess
lstrcpynW
lstrcatW
CreateDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
LoadLibraryW
LockResource
LoadResource
SizeofResource
FindResourceW
GetSystemDirectoryW
GetLastError
ExpandEnvironmentStringsW
GetCurrentThreadId
lstrcpyA
WriteFile
lstrlenA
ReadFile
lstrcmpiA
GetFileAttributesW
MultiByteToWideChar
GetCommandLineW
SetErrorMode
CreateProcessW
InterlockedDecrement
GetCurrentProcessId
FindFirstFileW
FindNextFileW
FindClose
lstrcatA
DeleteFileA
FreeLibrary
CopyFileW
lstrcmpiW

user32

EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
GetQueueStatus
PeekMessageW
IsDialogMessageW
GetClassLongW
GetParent
GetKeyState
GetSysColor
SystemParametersInfoW
wsprintfW
GetActiveWindow
MessageBoxA
ReleaseCapture
SetCapture
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SetRectEmpty
RedrawWindow
RegisterClassExW
CreateIconFromResourceEx
FillRect
SetSysColors
CopyRect
SetWindowPos
SetPropW
RemovePropW
GetPropW
ShowWindow
SetWindowRgn
SetClipboardData
RegisterHotKey
UnregisterHotKey
CreateDialogParamW
GetIconInfo
DrawFocusRect
DrawFrameControl
GetWindowTextW
wvsprintfW
SetDlgItemTextW
ScreenToClient
GetClientRect
BringWindowToTop
LoadImageW
ShowOwnedPopups
FindWindowW
EnumWindows
GetWindow
GetClassNameW
KillTimer
GetCursorPos
SetTimer
SendMessageW
SendDlgItemMessageW
IsDlgButtonChecked
CheckDlgButton
EndPaint
BeginPaint
InvalidateRgn
CheckRadioButton
EnableWindow
InvalidateRect
GetDlgItem
DrawIconEx
DrawTextW
GetMenuDefaultItem
SetMenuDefaultItem
SetWindowLongW
CallWindowProcW
IsMenu
DestroyIcon
EnableMenuItem
DialogBoxParamW
LoadIconW
RegisterClassW
CreateWindowExW
GetSystemMenu
SetMenuItemInfoW
RemoveMenu
InsertMenuItemW
GetMessageW
TranslateMessage
DispatchMessageW
EndDialog
RegisterWindowMessageW
EnumDisplaySettingsW
SetForegroundWindow
GetWindowLongW
IsIconic
IsWindowVisible
DefWindowProcW
InflateRect
OffsetRect
MessageBoxW
SetWindowTextW
DestroyWindow
PostQuitMessage
LoadCursorW
SetCursor
GetSystemMetrics
GetWindowThreadProcessId
AllowSetForegroundWindow
ExitWindowsEx
UnionRect
EnumDisplayMonitors
GetMonitorInfoW
IntersectRect
EqualRect
IsRectEmpty
CreatePopupMenu
AppendMenuW
TrackPopupMenu
DestroyMenu
keybd_event
GetDC
ReleaseDC
GetDesktopWindow
LockWindowUpdate
PostMessageW
GetWindowRect
PtInRect
SetRect

gdi32

GetTextMetricsW
SelectClipRgn
GetCurrentObject
AddFontResourceW
GetCharABCWidthsW
EnumFontFamiliesW
RoundRect
SetPixel
ExtCreateRegion
CreateSolidBrush
CreatePen
Rectangle
GetPixel
CombineRgn
GetDIBits
CreateDIBSection
CreateCompatibleBitmap
BitBlt
CreateBitmap
SetBkColor
SetBkMode
SetTextColor
GetTextExtentPoint32W
CreateFontIndirectA
GetObjectW
RemoveFontResourceW
GetStockObject
GetDeviceCaps
CreateFontIndirectW
CreateRectRgn
CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameW
ChooseColorW

advapi32

GetTokenInformation
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegDeleteValueW
RegCloseKey

shell32

SHGetDesktopFolder
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetFolderPathW
SHGetSpecialFolderPathW
ExtractIconExW
SHGetFileInfoW
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc

ole32

StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
OleInitialize
OleUninitialize
CoCreateGuid
StringFromGUID2
RegisterDragDrop
CoCreateInstance
ReleaseStgMedium

winmm

mixerSetControlDetails
mixerGetControlDetailsW
mixerGetLineInfoW
mixerGetLineControlsW
mixerClose
mixerGetNumDevs
mixerOpen
mciSendStringW
PlaySoundW
mixerGetDevCapsW

comctl32

ImageList_Draw
_TrackMouseEvent
ord17

shlwapi

ColorHLSToRGB
PathIsRelativeW
PathFileExistsW
PathIsURLW
StrTrimW
PathIsDirectoryW
PathAppendW
PathRemoveArgsW
StrStrIW
PathGetArgsW
ColorRGBToHLS

wininet

InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e4e774600d2f44d0a3af64cd7cdd9f9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

comctl32

shlwapi

wininet

oleaut32

Sections

.text Size: 445KB - Virtual size: 445KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 14KB - Virtual size: 118KB

.rsrc Size: 105KB - Virtual size: 108KB

.text
Size: 445KB - Virtual size: 445KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 14KB - Virtual size: 118KB

.rsrc
Size: 105KB - Virtual size: 108KB