68724727ef4467157dcd8fa2ea09c9600168685065088938ebb248ae06f6f8d1

Sharing

Copy URL Twitter E-mail

General

Target

68724727ef4467157dcd8fa2ea09c9600168685065088938ebb248ae06f6f8d1
Size

812KB
MD5

4d4891ff32c1c85be68a407bbb239f30
SHA1

edb9d2c3b8b09b04f006ad3decae4f2e7cd2955e
SHA256

68724727ef4467157dcd8fa2ea09c9600168685065088938ebb248ae06f6f8d1
SHA512

50da9cb548d788613034e121f22cc393c10a7176a76ed88469a4195130a685db2a3e96ccfe07bb8299078907974ce2e8530f61edb8d64e50fa6da58f1d5d50ec
SSDEEP

24576:7ipj3d+RXmb/HRAEhWnV3eOEUi/39boujpN:epp2deOVitcO

Score

N/A

Malware Config

Signatures

Files

68724727ef4467157dcd8fa2ea09c9600168685065088938ebb248ae06f6f8d1
.exe windows x86

f271f13b34d4fda919418c52d4496b25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetTempFileNameW
GetTempPathW
Process32NextW
CreateToolhelp32Snapshot
GetPrivateProfileIntW
SetUnhandledExceptionFilter
GetTickCount
ReadFile
SetFilePointer
GetFileType
WritePrivateProfileStringW
WriteFile
Process32FirstW
GetPrivateProfileStringW
GetFileSize
Sleep
MoveFileW
MoveFileExW
CreateThread
WaitForSingleObject
DeviceIoControl
SetEndOfFile
GetFileSizeEx
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
LCMapStringA
GetFullPathNameA
GetCurrentDirectoryA
PeekNamedPipe
WideCharToMultiByte
GetFullPathNameW
EnterCriticalSection
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
FlushInstructionCache
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
FindFirstFileA
GetDriveTypeA
ExitThread
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
lstrcmpiA
lstrcmpA
SleepEx
GetVersionExA
ExpandEnvironmentStringsA
FormatMessageA
GetSystemDirectoryW
GetSystemDirectoryA
GetModuleHandleA
SetEvent
TlsFree
DeleteAtom
FindAtomW
TlsAlloc
AddAtomW
OpenThread
GetAtomNameW
TlsSetValue
TlsGetValue
SetFilePointerEx
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateFileA
GetSystemTime
LocalFree
FormatMessageW
OutputDebugStringW
HeapSize
CreateFileW
GetCommandLineW
GetLocalTime
GetVersionExW
DeleteFileA
GlobalAlloc
GlobalReAlloc
GlobalFree
GetVersion
SetErrorMode
RemoveDirectoryW
GetModuleFileNameW
MultiByteToWideChar
SetLastError
ReleaseMutex
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetCurrentThreadId
FreeResource
GetFileAttributesW
LoadLibraryExW
GetFileInformationByHandle
GetCurrentProcess
RaiseException
InterlockedExchange
GetModuleHandleW
CreateMutexW
FreeLibrary
GetLastError
OpenProcess
TerminateProcess
CloseHandle
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCPInfo
FindResourceExW
GetCurrentProcessId
LoadLibraryW
GetProcAddress
LCMapStringW

user32

LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
LoadImageW
CharNextW
ReleaseDC
GetDC
GetClassInfoExW
SetWindowLongW
DestroyWindow
RegisterClassExW
MessageBoxW
FindWindowW
IsHungAppWindow
GetWindowThreadProcessId
ShowWindow
SetForegroundWindow
PostMessageW
UnregisterClassA
EnableScrollBar
EnableWindow
IsWindowEnabled
MoveWindow
GetWindowTextLengthW
GetWindowTextW
GetSystemMenu
DeleteMenu
TrackPopupMenu
MonitorFromPoint
AppendMenuW
DestroyMenu
CreatePopupMenu
SendMessageTimeoutW
DestroyIcon
wsprintfW
SetFocus
IsWindowVisible
TrackMouseEvent
GetDlgCtrlID
SetWindowRgn
SetCursor
EndDialog
GetClassLongW
SetTimer
EndPaint
BeginPaint
KillTimer
GetCursorPos
ScreenToClient
OffsetRect
InvalidateRect
UpdateWindow
ReleaseCapture
GetCapture
SetCapture
CallWindowProcW
GetDlgItem
IntersectRect
PtInRect
PostQuitMessage
DialogBoxIndirectParamW
DrawTextW
SetRect
FillRect
FrameRect
DrawIconEx
WindowFromPoint
GetAsyncKeyState
SystemParametersInfoW
GetParent
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsWindow
IsChild
RedrawWindow
GetClientRect
SetWindowPos
SetWindowTextW
GetWindowLongW
SendMessageW
DefWindowProcW
LockSetForegroundWindow
CreateWindowExW
GetActiveWindow

gdi32

CreateRoundRectRgn
CombineRgn
CreateRectRgn
IntersectClipRect
SetViewportOrgEx
OffsetViewportOrgEx
ExcludeClipRect
GetClipBox
SetBkMode
GetTextColor
SetTextColor
GetTextExtentPoint32W
GetStockObject
DeleteDC
CreateFontIndirectW
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
BitBlt
SetStretchBltMode
StretchBlt
DeleteObject
GetObjectW
TextOutW

advapi32

RegDeleteKeyW
RegEnumKeyExA
OpenProcessToken
GetTokenInformation
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteExW
ExtractIconExW
ShellExecuteW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CLSIDFromProgID
CoCreateInstance

oleaut32

SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantInit
SysStringLen
VarUI4FromStr
SysFreeString
SysAllocString

shlwapi

StrStrIW
PathRemoveFileSpecW
SHGetValueW
PathCombineW
PathFindFileNameW
PathIsRelativeW
SHGetValueA
SHSetValueA
wvnsprintfW
PathFileExistsW
PathAppendW

comctl32

ImageList_Destroy
ImageList_Create
InitCommonControlsEx

msimg32

AlphaBlend

psapi

GetModuleFileNameExW
EnumProcessModules

version

VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW

ws2_32

inet_addr
sendto
closesocket
recvfrom
gethostbyname
connect
ioctlsocket
setsockopt
htonl
htons
bind
WSAStartup
getpeername
freeaddrinfo
getsockopt
ntohs
WSASetLastError
__WSAFDIsSet
select
socket
getaddrinfo
getsockname
send
WSACleanup
WSAGetLastError
recv

netapi32

Netbios

Sections

.text
Size: 526KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f271f13b34d4fda919418c52d4496b25

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

psapi

version

ws2_32

netapi32

Sections

.text Size: 526KB - Virtual size: 526KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 91KB - Virtual size: 91KB

.reloc Size: 94KB - Virtual size: 96KB

.text
Size: 526KB - Virtual size: 526KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 91KB - Virtual size: 91KB

.reloc
Size: 94KB - Virtual size: 96KB