1eb58f563f50ebf8a9b4b2574d194be44c58fa552bd1e76bb2bceb2b51d9ebc7

Sharing

Copy URL Twitter E-mail

General

Target

1eb58f563f50ebf8a9b4b2574d194be44c58fa552bd1e76bb2bceb2b51d9ebc7
Size

690KB
MD5

02c73dc3574f4f7e03af9e8109548dc0
SHA1

834eaab4e555fe2229b4d52a9ebb883e05477985
SHA256

1eb58f563f50ebf8a9b4b2574d194be44c58fa552bd1e76bb2bceb2b51d9ebc7
SHA512

a1bb0a5736a73d435cb24026dff8061591ac1b3229163d24186b9684a3268bdff4b8583c25a5a743fb3b96dd39fc58e73a2a62b834db3448285456f730689074
SSDEEP

12288:yU2SzKgSl8E4izmQ6UpebWNZeEjoHILcCZ7uk2hvb:F2SzKgS94bQ6Upeb4IEVQCZ7HSvb

Score

N/A

Malware Config

Signatures

Files

1eb58f563f50ebf8a9b4b2574d194be44c58fa552bd1e76bb2bceb2b51d9ebc7
.exe windows x86

aab1ef5c268cac5e8ff1ee983a966c02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
FindFirstFileW
FindClose
FindNextFileW
GetLongPathNameW
CreateFileW
MoveFileW
GetTempPathW
GetFullPathNameW
GetWindowsDirectoryW
GetTempFileNameW
MoveFileExW
SetFileAttributesW
SetEndOfFile
WriteFile
GetFileSize
ReadFile
SetFilePointer
GetVersionExW
GetCurrentProcessId
CreateToolhelp32Snapshot
ExpandEnvironmentStringsW
OpenProcess
Process32NextW
TerminateProcess
Process32FirstW
Sleep
GlobalFree
LocalFree
LoadLibraryA
GetTickCount
GetComputerNameW
DeviceIoControl
CreateProcessW
FindResourceW
LoadResource
SizeofResource
lstrcmpiW
LoadLibraryExW
GetFileSizeEx
GetUserDefaultLangID
FormatMessageW
InterlockedExchangeAdd
SetEvent
CreateEventW
MulDiv
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
LoadLibraryW
CreateDirectoryW
RemoveDirectoryW
GetProcAddress
GetFileAttributesW
FreeLibrary
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
GetACP
DeleteCriticalSection
GetLastError
EnterCriticalSection
GlobalLock
RaiseException
InitializeCriticalSection
lstrcmpW
GetModuleHandleW
FlushInstructionCache
GetModuleFileNameW
lstrlenW
GetCurrentProcess
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
SetLastError
InterlockedDecrement
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
LeaveCriticalSection
lstrlenA

user32

UnregisterClassA
IsChild
DestroyWindow
CharNextW
ReleaseCapture
RemovePropW
GetDesktopWindow
EndPaint
GetParent
SetFocus
SetWindowTextW
GetClassInfoExW
ReleaseDC
GetClassNameW
CreateAcceleratorTableW
GetDlgItem
GetWindowTextW
SendMessageW
MoveWindow
InvalidateRect
RegisterWindowMessageW
GetClientRect
BeginPaint
LoadCursorW
DefWindowProcW
DestroyAcceleratorTable
CallWindowProcW
SetTimer
KillTimer
SetPropW
GetPropW
GetWindowTextLengthW
GetFocus
GetDC
ScreenToClient
PostMessageW
IsWindowVisible
PostQuitMessage
PtInRect
GetMonitorInfoW
SystemParametersInfoW
WindowFromPoint
MonitorFromWindow
GetWindowRect
GetSystemMetrics
SetWindowLongW
ShowWindow
CloseDesktop
CreateDesktopW
IsWindowEnabled
SendDlgItemMessageW
EnumDesktopWindows
EnumWindows
GetWindowThreadProcessId
DispatchMessageW
PeekMessageW
GetMessageW
TranslateMessage
RedrawWindow
GetWindow
RegisterClassExW
SetCapture
GetWindowLongW
IsWindow
GetSysColor
FillRect
ClientToScreen
SetWindowPos
InvalidateRgn
FindWindowExW
CreateWindowExW

gdi32

SelectObject
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetObjectW
GetDeviceCaps
DeleteObject
CreateSolidBrush
GetStockObject
DeleteDC

advapi32

RegOpenKeyExW
RegEnumKeyW
RegQueryInfoKeyW
GetUserNameW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
GetTokenInformation
ConvertSidToStringSidW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHChangeNotify
SHGetPathFromIDListW

ole32

CoGetClassObject
CoCreateInstance
OleInitialize
CLSIDFromString
OleLockRunning
StringFromGUID2
CoInitialize
CoTaskMemRealloc
CoUninitialize
CoInitializeSecurity
CoTaskMemFree
OleUninitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CLSIDFromProgID

oleaut32

SysStringByteLen
VarUI4FromStr
OleCreateFontIndirect
VariantInit
SysAllocString
SysFreeString
SysAllocStringLen
VariantClear
SysStringLen
LoadRegTypeLi
LoadTypeLi

comctl32

InitCommonControlsEx

gdiplus

GdiplusStartup
GdiplusShutdown

wininet

HttpQueryInfoW
InternetOpenW
InternetSetOptionW
HttpSendRequestExW
HttpEndRequestW
InternetConnectW
HttpOpenRequestW
InternetWriteFile
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 493KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aab1ef5c268cac5e8ff1ee983a966c02

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

wininet

version

Sections

.text Size: 493KB - Virtual size: 493KB

.rdata Size: 91KB - Virtual size: 91KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 85KB - Virtual size: 88KB

.text
Size: 493KB - Virtual size: 493KB

.rdata
Size: 91KB - Virtual size: 91KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 85KB - Virtual size: 88KB