61411a46765a394a1ac20e32a1d2bfa85adbd89aad95b8f0087e6d552286203b

Sharing

Copy URL Twitter E-mail

General

Target

61411a46765a394a1ac20e32a1d2bfa85adbd89aad95b8f0087e6d552286203b
Size

576KB
MD5

5af6a5a734ea7e9bc87f2f48b435b06b
SHA1

ea30a7b3952a1b2c4a2f7dcc7618ad68ad9b6e24
SHA256

61411a46765a394a1ac20e32a1d2bfa85adbd89aad95b8f0087e6d552286203b
SHA512

985328e23147b60d84734a7d8e4e6d1e5d1a5b3d0c3f6b3eac2e416aa57d4a326f84f58f445f30fb88d4a62da01aca8b01305c7360e90a949e28b3719049c6af
SSDEEP

12288:JP+jFoKEpnEenE9Odv/fnCO1hzFFsaIuBT7Z/OizhF6MzMm4erZmTg:9+jFBYEenEKXC4hxCch7IileegT

Score

N/A

Malware Config

Signatures

Files

61411a46765a394a1ac20e32a1d2bfa85adbd89aad95b8f0087e6d552286203b
.exe windows x86

f2d35f81329dcc7dd88bb85ea468f3c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindowA
ImageList_LoadImage
DrawStatusTextW
ImageList_LoadImageA
ImageList_Write
CreateStatusWindowW
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetIconSize
_TrackMouseEvent
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_Read
ImageList_AddIcon
ImageList_GetDragImage
InitMUILanguage
ImageList_Merge
ImageList_Draw
ImageList_GetIcon
ImageList_EndDrag
CreateUpDownControl
ImageList_Add
ImageList_Create
DrawInsert

user32

DefWindowProcW
WinHelpW
OemKeyScan
SendNotifyMessageW
DlgDirListW
ValidateRgn
CreateWindowExW
ReplyMessage
RegisterClassA
GetUserObjectSecurity
ToAscii
ShowWindow
GetDoubleClickTime
SetRect
DdeQueryConvInfo
ActivateKeyboardLayout
LoadMenuW
RegisterClassExA
MonitorFromWindow
WINNLSGetIMEHotkey
IsChild
SetMessageQueue
DestroyWindow
MessageBoxA
InsertMenuItemA
BroadcastSystemMessage
GetMenuItemID

advapi32

InitializeSecurityDescriptor
RegSetValueExW
CryptExportKey
CryptEnumProviderTypesW
StartServiceA
RegNotifyChangeKeyValue
CryptGenRandom
CryptEncrypt
RegCreateKeyW
RegReplaceKeyW
CryptAcquireContextW
CryptGetProvParam
CryptImportKey
CryptGetDefaultProviderA
LookupPrivilegeDisplayNameW
RegEnumValueW
RegCreateKeyExA
DuplicateTokenEx
CryptSetProviderExA
CryptSignHashA
LookupAccountSidA
RegQueryMultipleValuesA

gdi32

GetLayout
UpdateColors
GetDeviceCaps
SetPixelFormat
StartDocA
CreateMetaFileW
SetRectRgn
SelectObject
CreateDCW
SetColorSpace
CreateHalftonePalette
LineDDA
GetObjectW
DeleteDC
GetTextExtentPoint32W
CreateRoundRectRgn

kernel32

ExitProcess
GlobalGetAtomNameA
GetLogicalDrives
GetEnvironmentVariableA
SetFilePointer
GetCommandLineW
CloseHandle
GetPriorityClass
IsValidLocale
VirtualFree
TlsAlloc
GetVersionExA
LoadModule
GetNamedPipeHandleStateW
CompareStringW
WriteConsoleW
IsBadWritePtr
GetProfileIntW
SetPriorityClass
ReadFile
CreateMutexA
FlushFileBuffers
VirtualProtect
AddAtomA
ReadFileEx
GetLocalTime
GetLogicalDriveStringsA
GetCalendarInfoA
GetProcessHeaps
InterlockedExchangeAdd
HeapReAlloc
LocalAlloc
SetCurrentDirectoryW
VirtualAlloc
GetVersionExW
GetTimeZoneInformation
InitializeCriticalSection
HeapFree
GetModuleHandleA
GetStartupInfoW
WaitForMultipleObjectsEx
EnumResourceNamesW
FreeEnvironmentStringsW
HeapSize
GlobalFlags
QueryPerformanceCounter
SetConsoleCP
GetModuleFileNameW
WriteProfileSectionW
FileTimeToDosDateTime
GetCurrencyFormatA
lstrcmpA
SetThreadContext
GetLastError
GetSystemTimeAdjustment
GetModuleFileNameA
GetTempFileNameA
WaitNamedPipeA
MoveFileExW
WideCharToMultiByte
GetCurrentThreadId
GetCurrentThread
GetPrivateProfileStructW
HeapDestroy
GetStdHandle
WriteFile
GetConsoleScreenBufferInfo
GetFullPathNameA
RtlUnwind
FreeEnvironmentStringsA
GetPrivateProfileStringW
LCMapStringA
GetStartupInfoA
CreateWaitableTimerW
TlsGetValue
FindResourceExA
SetStdHandle
GetOEMCP
DeleteCriticalSection
lstrcatA
GetTimeFormatW
WritePrivateProfileStructW
GetLongPathNameA
SetEnvironmentVariableA
FoldStringW
GetProfileSectionW
GetCommandLineA
CopyFileA
TlsSetValue
lstrcat
GetCPInfo
HeapAlloc
GetCurrentProcess
CreateNamedPipeW
GetCurrentProcessId
MultiByteToWideChar
GetProcAddress
OpenMutexA
SetHandleCount
LeaveCriticalSection
GetEnvironmentStrings
GetSystemTimeAsFileTime
VirtualUnlock
GetConsoleMode
SetVolumeLabelW
FindFirstFileW
GetFileAttributesA
GetTickCount
CompareStringA
GetTimeFormatA
GetExitCodeProcess
EnterCriticalSection
GetConsoleTitleW
CreateSemaphoreW
lstrcpynW
GlobalLock
GetUserDefaultLCID
FoldStringA
UnhandledExceptionFilter
GetStringTypeW
GetSystemInfo
TlsFree
CreateEventW
GetProcAddress
GetStringTypeA
VirtualQuery
InterlockedCompareExchange
GetEnvironmentVariableW
GetEnvironmentStringsW
GetFileType
LCMapStringW
SetLastError
GetLocaleInfoW
GetDateFormatA
InterlockedIncrement
EnumSystemLocalesA
GetLocaleInfoA
GetACP
FindNextFileA
IsValidCodePage
HeapCreate
EnumDateFormatsA
TerminateProcess
IsDebuggerPresent
RemoveDirectoryW
LoadLibraryA
SetLocalTime
InterlockedExchange
WriteConsoleOutputCharacterA

wininet

DeleteUrlCacheEntryW

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2d35f81329dcc7dd88bb85ea468f3c6

Headers

File Characteristics

Imports

comctl32

user32

advapi32

gdi32

kernel32

wininet

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 108KB - Virtual size: 119KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 108KB - Virtual size: 119KB

.rsrc
Size: 24KB - Virtual size: 20KB