f329bf708aaf9ccaf00e9dcdab697a546ae9ce58d7c9aa8bcbb2ab4a03d22596

Sharing

Copy URL Twitter E-mail

General

Target

f329bf708aaf9ccaf00e9dcdab697a546ae9ce58d7c9aa8bcbb2ab4a03d22596
Size

708KB
MD5

6e6e2d57ae748011ea884f062afbdf26
SHA1

bfcd221f82dc227a294b2f95177e431ecf4db051
SHA256

f329bf708aaf9ccaf00e9dcdab697a546ae9ce58d7c9aa8bcbb2ab4a03d22596
SHA512

855f3d036a662fe9a7e1a61f51fb729ba5179e163bf15d78175bcbfed32c1fe73e0219f36daf9e2383050c3e65b9f6a53f6c0868408aaebd4b68189289a0e86a
SSDEEP

12288:o1J9SsP0Fekyk2gW4Cz/kKjTWVBytPbKOD/288wh8:o1J0sP0FetkHW48jTWVBy5bbb8w2

Score

N/A

Malware Config

Signatures

Files

f329bf708aaf9ccaf00e9dcdab697a546ae9ce58d7c9aa8bcbb2ab4a03d22596
.exe windows x86

4a51754e5a712b3517d8450de1d58d55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileSize
GetFileTime
ReadFile
WriteFile
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryExA
WaitForSingleObject
CreateProcessA
LoadLibraryA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
SetEvent
OpenEventA
GetPrivateProfileStringA
GetCurrentProcess
GetVersionExA
GetShortPathNameA
GetSystemDirectoryA
WinExec
SetFileTime
SetFileAttributesA
GetPrivateProfileSectionA
MoveFileExA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
WritePrivateProfileStringA
RemoveDirectoryA
GlobalFree
GlobalUnlock
GlobalAlloc
SystemTimeToFileTime
GetModuleHandleA
GetVersion
CreateThread
lstrcpynA
Sleep
lstrcmpiA
GetCurrentThreadId
QueryPerformanceFrequency
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
GetCurrentProcessId
CreateFileW
GetLocaleInfoA
LockResource
LoadResource
FindResourceA
CreateFileA
FindFirstFileA
FindClose
GetDiskFreeSpaceA
lstrlenW
EnterCriticalSection
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
lstrcmpA
FindNextFileA
CloseHandle
GlobalLock
CreateEventA
LeaveCriticalSection
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
SetLastError
GetLastError
GetFileAttributesA
MoveFileA
CopyFileA
DeleteFileA
CreateDirectoryA
lstrcpyA
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
ExitProcess
GetStartupInfoA
InterlockedExchange
VirtualQuery
VirtualProtect
SearchPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ResetEvent
QueryPerformanceCounter
GetCurrentThread
RtlUnwind
RaiseException
TlsSetValue
ExitThread
HeapAlloc
HeapFree
GetModuleFileNameA

user32

CreateDialogIndirectParamA
SendMessageA
DestroyWindow
GetDlgItem
PeekMessageA
IsDialogMessageA
SetDlgItemTextA
MsgWaitForMultipleObjects
MessageBoxA
WaitForInputIdle
CharNextA
LoadStringA
CharUpperA
ExitWindowsEx
CharLowerBuffA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
PostThreadMessageA
GetDesktopWindow

gdi32

TranslateCharsetInfo
CreateFontIndirectA
DeleteObject
GetObjectA

advapi32

RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegConnectRegistryA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenThreadToken
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

StgCreateDocfile
StgOpenStorage
CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitialize
CoGetInterfaceAndReleaseStream
CoTaskMemFree
ProgIDFromCLSID
WriteClassStm
OleSaveToStream
OleLoadFromStream
CreateStreamOnHGlobal
GetRunningObjectTable
CreateItemMoniker
StringFromCLSID
CoRegisterClassObject
CoCreateGuid
CLSIDFromString
CreateFileMoniker
CoReleaseMarshalData
CoMarshalInterface
CoUnmarshalInterface
CoRevokeClassObject

oleaut32

SysStringByteLen
SysAllocStringByteLen
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopyInd
SetErrorInfo
CreateErrorInfo
LoadTypeLi
RegisterTypeLi
SafeArrayCreate
SafeArrayGetElement
SafeArrayDestroy
SafeArrayPutElement
VariantCopy
VariantChangeType
VariantInit
LoadRegTypeLi
SysAllocStringLen
SysStringLen
SysReAllocStringLen
VariantClear
SysAllocString
SysFreeString
SafeArrayCopy

msi

ord31
ord159
ord8
ord160
ord117
ord93
ord112
ord49
ord103
ord124
ord17
ord120
ord73
ord79
ord116
ord75
ord95
ord91
ord87
ord189
ord18
ord46
ord33
ord136
ord144
ord141
ord168
ord7
ord67
ord146

rpcrt4

RpcServerListen
NdrPointerBufferSize
NdrPointerMarshall
NdrPointerFree
NdrServerInitializeNew
NdrConvert
NdrConformantStringUnmarshall
RpcRaiseException
I_RpcGetBuffer
RpcMgmtStopServerListening
RpcServerUnregisterIf
RpcServerUseProtseqEpA
RpcServerRegisterIf

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 436KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4a51754e5a712b3517d8450de1d58d55

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msi

rpcrt4

comctl32

version

Sections

.text Size: 436KB - Virtual size: 432KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 36KB - Virtual size: 122KB

.rsrc Size: 76KB - Virtual size: 73KB

.rrdata Size: 76KB - Virtual size: 76KB

.text
Size: 436KB - Virtual size: 432KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 36KB - Virtual size: 122KB

.rsrc
Size: 76KB - Virtual size: 73KB

.rrdata
Size: 76KB - Virtual size: 76KB