84d664816891793ccf5a8954d3ed388b667bc3c52ac636de3aacccbc90c49011

Sharing

Copy URL Twitter E-mail

General

Target

84d664816891793ccf5a8954d3ed388b667bc3c52ac636de3aacccbc90c49011
Size

340KB
MD5

6374aeda141c6fd22514098b71d8da10
SHA1

34c10b153febc1b8f046d30eda78065e0168b578
SHA256

84d664816891793ccf5a8954d3ed388b667bc3c52ac636de3aacccbc90c49011
SHA512

a270adb08ce7d1592d194c2c0cd25cf9faca51d8e4bdde012255041c985aa8f4996d7d29130dcfd14c13fb8d89cba1b7e509533ac8a6e9918b400ad1fe82e63c
SSDEEP

6144:kxbDm32QRajzwiPrrFvN9xcjaazqilYgekixmydou6ZCxt8wisq6V:kxbDmpajzPvN7lDGYLxmydopZTwG6

Score

N/A

Malware Config

Signatures

Files

84d664816891793ccf5a8954d3ed388b667bc3c52ac636de3aacccbc90c49011
.exe windows x86

3ebff57ca8676b88fc10ec13719376bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
OutputDebugStringW
CreateFileW
SetFileAttributesW
ConvertThreadToFiber
lstrcmpiA
VirtualQuery
_hread
GetFileAttributesA
OpenFileMappingA
LoadLibraryA
lstrlenA
SetThreadAffinityMask
RemoveDirectoryA
GetComputerNameW
WaitForSingleObject
ReadFileScatter
VirtualProtect
GetEnvironmentStringsW
FreeResource
WaitForMultipleObjects
SetLocalTime
GetBinaryTypeA
GetStartupInfoA
GetCurrentThreadId
SetStdHandle
DefineDosDeviceA
SearchPathA
FindCloseChangeNotification
GetStringTypeExA
SetThreadPriorityBoost
SetEvent
LoadResource
EnumTimeFormatsW
GetPrivateProfileIntW
CancelIo
GetACP
UnhandledExceptionFilter
CreateDirectoryExA
ReadProcessMemory
GetNamedPipeInfo
FormatMessageW
GetConsoleTitleW
GetTapeStatus
GlobalGetAtomNameW
LocalFileTimeToFileTime
GetSystemInfo
GetOverlappedResult
GetSystemTimeAsFileTime
SearchPathW
CreateDirectoryExW
GetProfileStringA
UnlockFile
TerminateProcess
GetDateFormatW
GetSystemDefaultLCID
SetConsoleTitleW
SetTimeZoneInformation
GetSystemTimeAdjustment
_lwrite
WaitCommEvent
SetNamedPipeHandleState
SetCommTimeouts
CreateEventW
SizeofResource
OpenMutexW
ConvertDefaultLocale
SetEndOfFile
SetConsoleCtrlHandler
GetSystemDirectoryA
lstrcmpW
GetConsoleCP
GetEnvironmentVariableW
GetShortPathNameW
ReadConsoleW
GetProfileStringW
OpenProcess
GetCommandLineA
GetVersionExA
lstrlenW
ExitProcess

user32

GetActiveWindow
GetLastActivePopup
ArrangeIconicWindows
TrackPopupMenuEx
GetSystemMetrics
TabbedTextOutW
GetCaretPos
OemToCharBuffA
OpenWindowStationA
GetClipboardOwner
InsertMenuA
SendInput
EnumClipboardFormats
TranslateMessage
ModifyMenuW
CreateDialogIndirectParamW
SetCaretPos
SetWindowsHookW
FillRect
DrawFocusRect
MessageBoxW
SendMessageCallbackW
GetDesktopWindow
DrawMenuBar
SetDlgItemTextW
PostMessageW
OpenIcon
DestroyIcon
SubtractRect
FrameRect
SystemParametersInfoW
wvsprintfW
SetDlgItemTextA
ScrollDC
GetWindowWord
WaitForInputIdle
GetDialogBaseUnits
GetProcessDefaultLayout
VkKeyScanW
DialogBoxIndirectParamW
GetWindowRect
CreateWindowExA
GetCursorPos
ExitWindowsEx

gdi32

GetEnhMetaFileDescriptionA
GetROP2
EnumFontsW
GetRgnBox
ModifyWorldTransform
CreateHalftonePalette
RealizePalette
EndPage
CreateBitmapIndirect
GetDIBits
GetDIBColorTable
CreateEnhMetaFileW
ExtTextOutW
SetTextColor
FillPath
CreatePenIndirect
SetSystemPaletteUse
SetRectRgn

comdlg32

GetSaveFileNameA

advapi32

GetNamedSecurityInfoA
ChangeServiceConfigW
OpenSCManagerW
RegEnumKeyW
RegLoadKeyW
IsValidSecurityDescriptor
RegRestoreKeyW
CryptDestroyHash
AllocateLocallyUniqueId
GetSidSubAuthorityCount
SetNamedSecurityInfoA
CryptGetKeyParam
RegCloseKey
RegisterEventSourceA
SetFileSecurityA
RegCreateKeyW
CreatePrivateObjectSecurity
ControlService
PrivilegeCheck
ReportEventA
InitializeSid
SetServiceObjectSecurity
RegCreateKeyExA
CryptExportKey
RegReplaceKeyW
RegQueryValueA
ObjectCloseAuditAlarmA
InitializeAcl
CryptImportKey
CopySid
SetServiceStatus
RegEnumKeyExW
GetNamedSecurityInfoW
LookupAccountNameA
OpenServiceA
EnumDependentServicesW
RegEnumValueW
GetCurrentHwProfileW
ImpersonateSelf
InitializeSecurityDescriptor
SetPrivateObjectSecurity
RegCreateKeyA

ole32

OleCreateStaticFromData
CoRegisterClassObject
OleQueryLinkFromData
CoLockObjectExternal
RegisterDragDrop

oleaut32

SysFreeString
DispGetIDsOfNames
CreateErrorInfo
QueryPathOfRegTypeLi
SafeArrayGetUBound

shlwapi

PathFindOnPathW
PathIsSameRootW
StrChrIW
PathRemoveBackslashW
SHDeleteKeyW
PathRemoveFileSpecA
PathCombineW
PathRelativePathToW
StrRChrA
PathRenameExtensionW
PathIsUNCA
PathSkipRootW
SHCreateStreamOnFileW
SHRegGetUSValueW
SHGetValueW
PathIsUNCW
UrlCreateFromPathW
AssocQueryStringW

setupapi

SetupGetStringFieldA
SetupDiGetDeviceInstanceIdW

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ebff57ca8676b88fc10ec13719376bc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 288KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 36KB - Virtual size: 32KB

.text
Size: 292KB - Virtual size: 288KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 36KB - Virtual size: 32KB