53bc28d0f8097c85d76939dfa86b70e3bf43698ce137c7616d7af7de10359f19

Sharing

Copy URL Twitter E-mail

General

Target

53bc28d0f8097c85d76939dfa86b70e3bf43698ce137c7616d7af7de10359f19
Size

268KB
MD5

43c2267722fa3dcad4bd276b551f5f60
SHA1

565b12857c0f71ef665ba0a13a6f35a298bb3a64
SHA256

53bc28d0f8097c85d76939dfa86b70e3bf43698ce137c7616d7af7de10359f19
SHA512

c3634094ac98effe4f36d70d102887a50945439007cbc5adc65c5b8d67c96ee14c6fa52eb84f5bf39220a93488c3426cfd3baa83d8206c8b78d1ebf22d01990f
SSDEEP

6144:or9U8HGwzP96Xb5wdSxCA3i3383CnYgjtu:xEZj+Xy3eChjtu

Score

N/A

Malware Config

Signatures

Files

53bc28d0f8097c85d76939dfa86b70e3bf43698ce137c7616d7af7de10359f19
.exe windows x86

58e80e282b31fa53e5ed6c36c0d04c6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
FindNextFileW
LoadResource
FindResourceA
LocalFree
LocalAlloc
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
FindFirstFileA
FindFirstFileW
LocalReAlloc
GetFileAttributesA
GetFileAttributesW
GetModuleFileNameA
GetModuleFileNameW
DeleteCriticalSection
GetModuleHandleA
GetModuleHandleW
SetFileAttributesA
SetFileAttributesW
GetPrivateProfileIntA
GetPrivateProfileIntW
MoveFileA
MoveFileW
RemoveDirectoryA
RemoveDirectoryW
CreateMutexA
CreateMutexW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
CreateProcessA
CreateProcessW
GetACP
GetVersionExW
GlobalAlloc
GlobalFree
FreeLibrary
WriteFile
ReadFile
QueryPerformanceCounter
QueryPerformanceFrequency
SetEvent
CompareFileTime
SystemTimeToFileTime
GetSystemTime
InterlockedIncrement
InterlockedDecrement
GetFileSize
ResetEvent
IsDBCSLeadByte
CreateFileMappingA
CreateFileMappingW
IsBadWritePtr
GetSystemTimeAsFileTime
GetProcessTimes
GetLocalTime
FlushFileBuffers
GetAtomNameA
lstrcmpA
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
MapViewOfFile
UnmapViewOfFile
GetCurrentThreadId
IsBadReadPtr
lstrcpynA
SetUnhandledExceptionFilter
DebugBreak
GetCurrentProcess
TerminateProcess
LoadLibraryA
MultiByteToWideChar
GetProcAddress
GetVersionExA
GetCommandLineA
CreateThread
ReleaseMutex
ExitProcess
lstrcmpiA
FindClose
lstrlenA
lstrlenW
OpenProcess
WaitForSingleObject
CloseHandle
GetTickCount
GetLastError
WideCharToMultiByte
RtlUnwind

user32

LoadIconW
LoadStringW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
CharNextA
SetWindowLongA
SetWindowLongW
CreateWindowExA
CreateWindowExW
FindWindowExA
FindWindowExW
LoadIconA
LoadCursorW
SendMessageTimeoutA
SendMessageA
SendMessageW
RegisterClassExA
RegisterClassExW
FindWindowW
GetSystemMetrics
PostQuitMessage
LoadCursorA
GetWindowTextLengthA
GetWindowLongW
GetWindowLongA
DispatchMessageW
DispatchMessageA
DefWindowProcW
DefWindowProcA
CreateDialogParamW
CreateDialogParamA
GetWindowThreadProcessId
TranslateMessage
MsgWaitForMultipleObjects
DestroyIcon
GetDlgItem
GetDesktopWindow
GetWindowTextA
IsWindow
DestroyWindow

shlwapi

PathRemoveBackslashW
StrCatBuffW
PathAppendW
PathFileExistsW
StrStrIW
PathFindFileNameW
PathFindFileNameA
PathFindExtensionW
StrCmpIW
SHSetValueW
PathAddExtensionW
SHGetValueW
PathCombineW
StrChrW
PathRemoveFileSpecW
PathAddBackslashW
wvnsprintfA
SHStrDupW
PathRemoveFileSpecA
PathAddBackslashA
StrCatBuffA
SHRegGetUSValueW
StrCmpNW
wnsprintfA
StrToIntW
StrCmpNIW
wnsprintfW
StrCpyNW
StrToIntExW

shfolder

SHGetFolderPathW

oleaut32

SysFreeString
SysAllocString

ole32

StringFromGUID2
CreateBindCtx
CoInitialize
CoUninitialize
CoCreateInstance

advapi32

AllocateAndInitializeSid
FreeSid
RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA

shell32

SHFileOperationA

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

urlmon

CreateURLMoniker
RegisterBindStatusCallback

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58e80e282b31fa53e5ed6c36c0d04c6d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

shfolder

oleaut32

ole32

advapi32

shell32

version

urlmon

Sections

.text Size: 60KB - Virtual size: 57KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 7KB

.vmp0 Size: 192KB - Virtual size: 1.3MB

.text
Size: 60KB - Virtual size: 57KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 7KB

.vmp0
Size: 192KB - Virtual size: 1.3MB