e327ba4c7e34345f4bf6b982eb64bb0aff0e4d7687d6a4bb45b7685d0fbcfd25

Sharing

Copy URL

Twitter E-mail

General

Target

e327ba4c7e34345f4bf6b982eb64bb0aff0e4d7687d6a4bb45b7685d0fbcfd25
Size

269KB
MD5

0328f95cacc0c165b06350a9cfd579f0
SHA1

7b3b9fc7abe7cbeeff233388113b5597c1bf0fe3
SHA256

e327ba4c7e34345f4bf6b982eb64bb0aff0e4d7687d6a4bb45b7685d0fbcfd25
SHA512

42954f7e6c22e6c080833ec4cefa985bcdc2f1c7dfa8ea1ea37b9f15bd0b320fa12f4a70d33db1cc7c2dfc6e209f6e2ac440cc29a5f45610a9e94d60c179cdc5
SSDEEP

6144:A6vtUEOEo8tpiXjvk5MCBBZNU2vzmJ1lsUyRm4v:flUEOEoCpFnBlrKGRmq

Score

N/A

Malware Config

Signatures

Files

e327ba4c7e34345f4bf6b982eb64bb0aff0e4d7687d6a4bb45b7685d0fbcfd25
.exe windows x86

91bf6efd6787f266525b079318b56855

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalAlloc
LockResource
WriteFile
CreateDirectoryW
SetFileAttributesW
FindNextFileW
SetFilePointer
GetFileSize
lstrcpyW
GetTickCount
SetEvent
CreateEventW
CreateThread
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
CreateMutexW
GetLastError
WaitForSingleObject
MoveFileExW
CopyFileW
GetExitCodeProcess
GetLongPathNameW
GetModuleHandleW
GetModuleFileNameW
lstrcmpiA
lstrcmpA
CreateFileW
OutputDebugStringW
DebugBreak
lstrlenA
GetVersionExW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeviceIoControl
InterlockedDecrement
WaitForMultipleObjects
VirtualAlloc
VirtualFree
GetStartupInfoW
ReadFile
SetFileTime
GetDiskFreeSpaceExW
SetEndOfFile
CreateWaitableTimerW
SetWaitableTimer
ResetEvent
CancelWaitableTimer
IsBadReadPtr
IsBadWritePtr
TlsSetValue
LocalAlloc
LocalFree
GetTempFileNameW
GetSystemTime
SystemTimeToFileTime
FindResourceW
LoadResource
SizeofResource
WritePrivateProfileStringW
OpenProcess
TerminateProcess
MoveFileW
RemoveDirectoryW
FindFirstFileW
FindClose
GetPrivateProfileIntW
DeleteFileW
InterlockedIncrement
CompareStringW
GetTempPathW
lstrcmpiW
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
LoadLibraryW
GetProcAddress
Sleep
CreateProcessW
CloseHandle
FreeLibrary

user32

CreateDialogParamW
LoadStringW
GetWindowDC
GetSystemMenu
EnableMenuItem
SetWindowTextW
GetWindow
MapWindowPoints
GetFocus
ReleaseDC
GetClassNameW
GetWindowTextLengthW
GetDlgCtrlID
SystemParametersInfoW
GetMenu
AdjustWindowRectEx
ScreenToClient
ReleaseCapture
GetParent
SetFocus
SetCapture
IsWindow
wsprintfW
LoadCursorW
GetClassInfoExW
GetDesktopWindow
GetCursorPos
ShowCursor
CopyRect
SendDlgItemMessageW
GetDlgItem
RedrawWindow
IsDialogMessageW
GetDC
SetTimer
GetCapture
ClientToScreen
PtInRect
ShowWindow
OffsetRect
IsWindowEnabled
GetSysColor
FillRect
DrawEdge
GetSystemMetrics
SetWindowLongW
wvsprintfW
CharNextW
DefWindowProcW
SetForegroundWindow
PostMessageW
FindWindowW
InflateRect
DrawFocusRect
GetWindowLongW
CallWindowProcW
CreateWindowExW
EndPaint
DrawTextW
GetWindowTextW
GetClientRect
SendMessageW
BeginPaint
SetCursor
InvalidateRect
KillTimer
BringWindowToTop
MessageBoxW
RegisterClassExW
PostQuitMessage
GetWindowRect
SetWindowPos
DestroyWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SetRectEmpty
UpdateWindow
IsIconic

gdi32

CreateDIBPatternBrushPt
CreateFontW
ExtCreatePen
Rectangle
CreateFontIndirectW
GetStockObject
GetObjectW
CreateDIBSection
GetCurrentObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
DeleteDC
SetBkMode
SelectObject
SetTextColor
CreateSolidBrush
GetBitmapBits

advapi32

OpenSCManagerW
OpenServiceW
CloseServiceHandle
ControlService
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_GetIconSize
ImageList_Destroy
_TrackMouseEvent
ImageList_Add
ImageList_Create

msimg32

AlphaBlend

gdiplus

GdipCreateBitmapFromStreamICM
GdiplusStartup
GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdipAlloc
GdipDeleteGraphics
GdipDrawImageRectI
GdipCreateFromHDC
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipFree
GdipDisposeImage
GdipCreateBitmapFromStream
GdipCloneImage

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExW

shlwapi

PathMatchSpecW
PathIsRootW
StrStrIW
PathGetDriveNumberW
SHDeleteKeyW
StrCmpIW
PathCombineW
PathFileExistsW
PathAppendW
PathIsDirectoryW
SHGetValueW
SHGetValueA
SHDeleteValueW
SHSetValueW
PathRemoveFileSpecW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderPathW
ShellExecuteExW
SHChangeNotify

msvcp60

??0runtime_error@std@@QAE@ABV01@@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
sprintf
strcat
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
??1type_info@@UAE@XZ
sscanf
??0exception@@QAE@ABV0@@Z
_purecall
_CxxThrowException
wcslen
_wcsicmp
memset
memcpy
strlen
_wtoi
wcschr
fclose
fread
malloc
ftell
fseek
_wfopen
free
??2@YAPAXI@Z
isprint
isspace
tolower
_vsnwprintf
iswdigit
strncpy
__CxxFrameHandler
_EH_prolog
_vsnprintf
_except_handler3
_strlwr
strncat
_snwprintf
wcsncpy
wcsstr
wcscmp
realloc
memmove
_ftol
wcsncat
wcsrchr
strcmp
wcscpy
fwrite
_wcsnicmp
wcscat
_beginthreadex
_wtol
_ui64tow
time
_wtoi64
memcmp
_snprintf
strcpy
?terminate@@YAXXZ

netapi32

Netbios

setupapi

SetupIterateCabinetW

wininet

InternetConnectW
InternetSetOptionA
InternetSetStatusCallbackW
InternetReadFileExA
HttpSendRequestExW
HttpEndRequestW
FtpOpenFileW
InternetWriteFile
InternetGetLastResponseInfoW
FtpCommandW
HttpQueryInfoW
FtpGetFileSize
InternetReadFile
InternetCloseHandle
InternetOpenW
CommitUrlCacheEntryW
CreateUrlCacheEntryW
GetUrlCacheEntryInfoW
InternetCrackUrlW
InternetQueryOptionW
InternetSetOptionW
HttpOpenRequestW

wintrust

WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle

urlmon

ObtainUserAgentString

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

91bf6efd6787f266525b079318b56855

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

msimg32

gdiplus

psapi

shlwapi

version

shell32

msvcp60

msvcrt

netapi32

setupapi

wininet

wintrust

urlmon

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 144KB - Virtual size: 144KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 144KB - Virtual size: 144KB