927051fb778cbfa16758599eef8551f3c4a23a8216d07b03655a7f65f18b34a0

Sharing

Copy URL

Twitter E-mail

General

Target

927051fb778cbfa16758599eef8551f3c4a23a8216d07b03655a7f65f18b34a0
Size

396KB
MD5

4a63143394eee1869ebc36170783749a
SHA1

7061acdefddbbd05d0883ac4f4f1c7bef0a905b5
SHA256

927051fb778cbfa16758599eef8551f3c4a23a8216d07b03655a7f65f18b34a0
SHA512

c98403cc95aeaa0d2da0d434bd05e0e1d3054a878c3bb39840b1a2bff7fe2229513d442cfa4f9e9ca675e41e4b3bf7d049d02a413ea9de136703b548b6972a27
SSDEEP

6144:ZwGZn3Jh0w621+ZxXV6ZzFsUORyk/blxQwhXPv8m9pEUFhuoY8laLSWmH60HwYgm:Zw2jsUO1HPUChkl/lj6Y

Score

N/A

Malware Config

Signatures

Files

927051fb778cbfa16758599eef8551f3c4a23a8216d07b03655a7f65f18b34a0
.exe windows x86

c7647c915b91aa44e9dda3b85227eca4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapAlloc
GetCurrentThreadId
OpenProcess
GetFullPathNameA
GetSystemDefaultLangID
GetUserDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultUILanguage
CompareStringW
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetTickCount
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
RtlUnwind
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TlsGetValue
TlsSetValue
GetLocalTime
GetSystemTime
GetTimeZoneInformation
InterlockedIncrement
InterlockedDecrement
SleepEx
GetLastError
CreateFileMappingA
CreateThread
GetSystemDirectoryA
OpenFile
Sleep
lstrcpynA
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenA
LocalFree
SetEnvironmentVariableA
lstrcatA
FindFirstFileA
lstrcmpA
LocalAlloc
CompareStringA
FindNextFileA
FindClose
MultiByteToWideChar
lstrcpyA
GetVersionExA
CreateMutexA
OpenFileMappingA
MapViewOfFile
OpenEventA
WaitForSingleObject
SetEvent
ReleaseMutex
CloseHandle
UnmapViewOfFile
FreeEnvironmentStringsA
SetLastError

user32

PostQuitMessage
RegisterWindowMessageA
GetDC
GetSysColorBrush
DestroyWindow
KillTimer
GetWindow
SetCursorPos
GetMenuBarInfo
GetActiveWindow
GetTopWindow
PostMessageA
SendMessageA
IsWindowVisible
GetWindowThreadProcessId
ShowCursor
SetCursor
SendInput
SetWindowRgn
GetSysColor
FillRect
DrawIconEx
DestroyIcon
SetSystemCursor
CopyIcon
FindWindowExA
GetDesktopWindow
DefWindowProcA
GetSystemMetrics
LoadImageA
LoadCursorA
RegisterClassA
CreateWindowExA
SetTimer
SetDoubleClickTime
GetMessageA
TranslateMessage
DispatchMessageA
GetAncestor
LoadStringA
LoadMenuA
GetSubMenu
InsertMenuA
DeleteMenu
DrawMenuBar
CheckMenuItem
TrackPopupMenu
GetClassNameA
GetWindowTextA
mouse_event
MessageBeep
wsprintfA
GetForegroundWindow
GetParent
IsWindow
GetWindowDC
GetWindowRect
ReleaseDC
GetCursorPos
FindWindowA
ClipCursor
GetWindowLongA
WindowFromPoint
SetRect
SystemParametersInfoA
SetForegroundWindow
TrackPopupMenuEx
CreatePopupMenu
DestroyMenu
InsertMenuItemA
GetMenuItemCount
GetMenuItemInfoA
MessageBoxA
AttachThreadInput

gdi32

SetTextColor
SetTextAlign
TextOutA
SetBkColor
CombineRgn
GetPixel
CreateRectRgn
GetTextExtentPoint32A
SelectObject
GetStockObject
DeleteDC
DeleteObject
BitBlt
PatBlt
CreateCompatibleDC
GetObjectA

advapi32

RegQueryInfoKeyA
RegEnumValueA
ImpersonateLoggedOnUser
RevertToSelf
CreateProcessAsUserA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

shell32

SHGetPathFromIDListA
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderLocation
ShellExecuteExA

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExA

winmm

PlaySoundA

shlwapi

PathFileExistsA

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��2K�
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7647c915b91aa44e9dda3b85227eca4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

psapi

winmm

shlwapi

Sections

.text Size: 88KB - Virtual size: 85KB

.sdata Size: 4KB - Virtual size: 308B

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 28KB - Virtual size: 46KB

.rsrc Size: 36KB - Virtual size: 32KB

���2K� Size: 228KB - Virtual size: 228KB

.text
Size: 88KB - Virtual size: 85KB

.sdata
Size: 4KB - Virtual size: 308B

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 28KB - Virtual size: 46KB

.rsrc
Size: 36KB - Virtual size: 32KB

��2K�
Size: 228KB - Virtual size: 228KB