94e7f5c16feadf7b57a7b7c0299987b7bdc303f0467427ce81a04c89df0d21c4

Sharing

Copy URL

Twitter E-mail

General

Target

94e7f5c16feadf7b57a7b7c0299987b7bdc303f0467427ce81a04c89df0d21c4
Size

694KB
MD5

302c29402cdd45e8e2ce1218b8bc84a0
SHA1

823814c55a5cb06ef127cdd76a422580d9ba8195
SHA256

94e7f5c16feadf7b57a7b7c0299987b7bdc303f0467427ce81a04c89df0d21c4
SHA512

d038a6d5beacbff8bf373930f5389f40cd5ef10bb20cc9f87de24465a52e46906d86ff70c9a9258e0bb0cce99f0640d695f76e7e93ba4adaf0b0e7fa69afeed6
SSDEEP

12288:3GkHAO3uMPdIC1iHdc7N8MkB+A94qbW6MXPHhLJUY:3DAKDKXHweBB+oHHM/5

Score

N/A

Malware Config

Signatures

Files

94e7f5c16feadf7b57a7b7c0299987b7bdc303f0467427ce81a04c89df0d21c4
.exe windows x86

68b87aafbb84b0352a5e2de8fa28ef96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
GetFileAttributesExW
CloseHandle
CreateFileW
ReadFile
GetFileSize
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrlenA
WideCharToMultiByte
GetTickCount
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
WriteFile
WritePrivateProfileStringW
VirtualQueryEx
GetProcAddress
LoadLibraryW
CopyFileW
OpenProcess
SetEvent
OpenEventW
VirtualQuery
CompareStringW
CreateProcessW
GetPrivateProfileIntW
GetCommandLineW
LoadLibraryA
GetVersionExW
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
FileTimeToDosDateTime
GetFileTime
SetFilePointer
GetFileInformationByHandle
GetFileAttributesW
GetFileType
MapViewOfFile
DuplicateHandle
SystemTimeToFileTime
GetLocalTime
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableW
LoadLibraryExW
CompareStringA
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetCPInfo
HeapCreate
Sleep
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
ExitProcess
GetModuleHandleA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetVersionExA
GetProcessHeap
HeapSize
MultiByteToWideChar
FreeLibrary
SetLastError
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
GetCurrentThreadId
GetModuleHandleW
GetCurrentProcess
FlushInstructionCache
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
RaiseException
GetModuleFileNameW
SetEnvironmentVariableA

user32

SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetWindowRect
GetParent
SetWindowLongW
ShowWindow
DispatchMessageW
TranslateMessage
GetMessageW
GetWindowLongW
CharNextW
DestroyWindow
CreateDialogParamW
PostQuitMessage
DefWindowProcW
SendMessageW
GetDlgItem
IsWindow
DialogBoxParamW
GetActiveWindow
SetWindowTextW
GetWindowTextLengthW
GetDesktopWindow
CreateWindowExW
GetWindowTextW
MoveWindow
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextW
PeekMessageW
EndDialog
IsDialogMessageW
EndPaint
UnregisterClassA
GetWindow
EnableWindow
LoadIconW
GetSysColor
GetFocus
GetCapture
ReleaseCapture
GetCursorPos
SetCursor
DrawFocusRect
FillRect
PtInRect
CallWindowProcW
GetDlgCtrlID
SetFocus
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
ScreenToClient
GetClassNameW
LoadCursorW
SetRectEmpty
OffsetRect
ReleaseDC
GetDC
DrawTextW
BeginPaint

gdi32

CreateFontIndirectW
SetTextColor
SetBkMode
SelectObject
GetObjectW
GetStockObject
CreateFontW
DeleteObject

advapi32

RegQueryInfoKeyW
RegDeleteValueW
RegCloseKey
RegEnumValueW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

shell32

ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoCreateGuid
CLSIDFromProgID
OleRun
CreateStreamOnHGlobal
CoInitialize

oleaut32

VariantInit
VarUI4FromStr
VariantClear
SysAllocString
SysFreeString
SysStringLen

shlwapi

PathStripPathW
PathAppendW
PathFileExistsW
PathRemoveBackslashW
PathRemoveFileSpecW
PathCanonicalizeW
PathIsRelativeW
PathAddBackslashW
PathFindExtensionW

comctl32

_TrackMouseEvent
InitCommonControlsEx

dbghelp

MiniDumpReadDumpStream
MiniDumpWriteDump
MakeSureDirectoryPathExists

wininet

InternetConnectW
InternetCloseHandle
InternetErrorDlg
HttpSendRequestExW
HttpEndRequestW
InternetOpenW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetCrackUrlW
InternetWriteFile

gdiplus

GdipDeleteGraphics
GdipLoadImageFromStream
GdipDisposeImage
GdiplusStartup
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipDrawImageRectI
GdipCloneImage
GdipFree
GdiplusShutdown
GdipAlloc

psapi

GetModuleFileNameExW

Sections

.text
Size: 308KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

68b87aafbb84b0352a5e2de8fa28ef96

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

dbghelp

wininet

gdiplus

psapi

Sections

.text Size: 308KB - Virtual size: 305KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 280KB - Virtual size: 280KB

.text
Size: 308KB - Virtual size: 305KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 280KB - Virtual size: 280KB