ad8fb7dda67c5762d971cce9a6c7874f3742a798e3c2df06b4fdf236dff5566c

Sharing

Copy URL Twitter E-mail

General

Target

ad8fb7dda67c5762d971cce9a6c7874f3742a798e3c2df06b4fdf236dff5566c
Size

467KB
MD5

078935c00387091a71b4fcd34dbadb80
SHA1

bcb6efd66abb3edc848e1fa31da3905071bca0f1
SHA256

ad8fb7dda67c5762d971cce9a6c7874f3742a798e3c2df06b4fdf236dff5566c
SHA512

c56b21ffb796c932fd6909480f80e75f27d7a71c81147e5f5b00e483c2d297e733eb5b7a21a0ecd15635f1a5a674104bd510c0b597a8d42e93c804ac310ed3c7
SSDEEP

12288:Mo6uRgxGQ3fT/vWUbuwKYBkkVq3tW6rAyggRxbF/:R6igVbvnubWrqwyAygyNF/

Score

N/A

Malware Config

Signatures

Files

ad8fb7dda67c5762d971cce9a6c7874f3742a798e3c2df06b4fdf236dff5566c
.exe windows x86

294bf0f1a5fc8d2ae5ea01096115a09e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
FindResourceW
lstrlenW
WaitForSingleObject
CreateThread
SizeofResource
LockResource
LoadResource
FindResourceExW
DeleteCriticalSection
lstrcmpiW
InitializeCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
RaiseException
GetCurrentThreadId
LoadLibraryExW
MoveFileW
Sleep
CreateFileW
ReadFile
CloseHandle
WideCharToMultiByte
GetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
CreateFileMappingW
GetFileSize
SetFilePointer
GetFileInformationByHandle
MapViewOfFile
UnmapViewOfFile
SystemTimeToFileTime
GetTickCount
WriteFile
GetLocalTime
lstrcpyW
GetPrivateProfileStringW
LoadLibraryW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalMemoryStatusEx
GetCurrentProcessId
OpenProcess
GetVersionExW
WritePrivateProfileStringW
DeleteFileW
SetEndOfFile
lstrlenA
OutputDebugStringW
GetSystemDirectoryW
GetCommandLineW
GetFileSizeEx
SleepEx
ExpandEnvironmentStringsA
FormatMessageA
GetThreadLocale
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
LoadLibraryA
InterlockedExchange
GetModuleFileNameW
MultiByteToWideChar
SetLastError
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
GetWindowsDirectoryA
GetModuleHandleW
GetProcAddress
GetUserDefaultLangID
GetPrivateProfileIntW
TlsGetValue
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetACP
GetLocaleInfoA
GetCPInfo
GetTimeZoneInformation
ExitThread
FindFirstFileA
GetDriveTypeA
GetStartupInfoW
GetProcessHeap
GetVersionExA
GetSystemTimeAsFileTime
HeapReAlloc
HeapFree
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetConsoleMode
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetConsoleCP
RtlUnwind
GetCurrentDirectoryA
GetFullPathNameA
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
HeapSize
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
TlsFree
TlsSetValue
HeapAlloc
TerminateProcess
TlsAlloc

user32

UnregisterClassA
CharLowerBuffA
wsprintfW
GetDesktopWindow
CharNextW
DestroyWindow
wvsprintfW
CharUpperBuffW

advapi32

RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey

shell32

SHGetFolderPathW
CommandLineToArgvW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

PathAppendA
PathFindExtensionW
PathRemoveFileSpecW
PathRemoveExtensionW
PathAppendW
PathFileExistsW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

psapi

GetProcessMemoryInfo
EnumProcesses
GetModuleFileNameExW

dbghelp

StackWalk64
MiniDumpReadDumpStream

ws2_32

getsockname
send
recv
getpeername
closesocket
ntohs
WSACleanup
setsockopt
connect
socket
bind
htons
WSAStartup
getsockopt
WSASetLastError
freeaddrinfo
getaddrinfo
accept
listen
__WSAFDIsSet
select
ioctlsocket
WSAGetLastError

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

294bf0f1a5fc8d2ae5ea01096115a09e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

version

psapi

dbghelp

ws2_32

Sections

.text Size: 308KB - Virtual size: 307KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 308KB - Virtual size: 307KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 84KB - Virtual size: 84KB