991425b01fd9b657d5601173aa8af7b17a23a4ca09fcbdaddc50e6e6f0b207b3

Sharing

Copy URL Twitter E-mail

General

Target

991425b01fd9b657d5601173aa8af7b17a23a4ca09fcbdaddc50e6e6f0b207b3
Size

210KB
MD5

66f1dbe2f1a1661854ee529e6e90fbb0
SHA1

e815f4de1f45079a71dbb99b0658226cd3c37d12
SHA256

991425b01fd9b657d5601173aa8af7b17a23a4ca09fcbdaddc50e6e6f0b207b3
SHA512

464fd1594fa3db54d7dbc455d482a691ad6cb55a883c9ecdd4ccc480018e82609184fb114dc75d32705523e3b8f6de72701d4e28ef93d968eb57996eaf5578e3
SSDEEP

6144:oJw0/YHVK/zGKF8Vo0uebQVC0e9f9Ifjkk11zWj1xsX4Yf:2ToVvK+VopVGf96jWj1CXtf

Score

N/A

Malware Config

Signatures

Files

991425b01fd9b657d5601173aa8af7b17a23a4ca09fcbdaddc50e6e6f0b207b3
.exe windows x86

db641d60e4a405226fdca858a7909702

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsnicmp
wcsrchr
memcpy
_wcsicmp
_vsnwprintf
memset
wcsncmp
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CxxThrowException
bsearch
qsort
_errno

kernel32

GetPrivateProfileIntW
LocalFree
lstrcmpW
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationW
lstrlenA
InterlockedExchange
Sleep
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
UnmapViewOfFile
GetLocaleInfoW
CreateFileMappingW
MapViewOfFile
FindResourceExW
LoadResource
SetLastError
CopyFileW
CreateFileW
GetPrivateProfileStringW
CompareStringW
EnterCriticalSection
LeaveCriticalSection
GetTempPathW
DeleteCriticalSection
GetVersionExW
LocalAlloc
GetWindowsDirectoryW
lstrlenW
DeleteFileW
WritePrivateProfileStringW
CreateMutexW
GetLastError
CloseHandle
InterlockedIncrement
InterlockedDecrement
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FindResourceW
MultiByteToWideChar
GetPrivateProfileSectionW
GetFileAttributesW
IsDBCSLeadByte
FindNextFileW
FindFirstFileW
CreateDirectoryW
WideCharToMultiByte
ReadFile
GetFileSize
GetPrivateProfileStringA
LocalReAlloc
FreeLibrary
SetFileAttributesW
CreateProcessW
VirtualAlloc
GetVersion

user32

EnumChildWindows
CharNextW
FindWindowExW
GetDC
ReleaseDC
GetSysColor
DestroyWindow
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageW
SystemParametersInfoA
KillTimer
SetTimer
GetWindowRect
MapWindowPoints
GetSystemMetrics
LoadCursorW
SetCursor
CheckRadioButton
GetParent
CheckDlgButton
GetWindowLongW
IsDlgButtonChecked
SetWindowLongW
SetWindowTextW
PostMessageW
SendMessageW
EndDialog
SetFocus
ShowWindow
EnableWindow
IsWindowEnabled
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
GetFocus
GetWindowThreadProcessId
LoadBitmapW
DestroyIcon
LoadImageW
LoadIconW
SendDlgItemMessageW
RegisterClipboardFormatW
DialogBoxParamW
LoadStringW

gdi32

DeleteObject
GetStockObject
GetObjectW
CreateFontIndirectW
GetDeviceCaps
GetTextMetricsW

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

shlwapi

StrCmpIW
PathGetDriveNumberW
PathGetCharTypeW
SHDeleteKeyW
StrChrW
PathSkipRootW
PathIsRootW
PathIsUNCServerW
StrPBrkW
StrCSpnW
StrCmpNIW
StrSpnW
PathFindExtensionW
StrRStrIW
SHQueryValueExW
StrCmpW
StrToIntW
StrStrW
StrRChrW
wnsprintfW
PathIsURLW
SHSetValueW
PathIsDirectoryEmptyW
SHGetValueW
StrStrIW
PathCombineW
SHDeleteValueW
PathRemoveFileSpecW
PathFindNextComponentW
PathFindFileNameW
PathAddBackslashW
PathAppendW
PathFileExistsW

shell32

ExtractIconExA
ExtractIconExW
ExtractAssociatedIconW

comctl32

ImageList_GetImageCount
ImageList_Create
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Destroy
CreatePropertySheetPageW
ImageList_Add
InitCommonControlsEx

comdlg32

GetSaveFileNameW

ole32

CoGetMalloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateGuid
CoTaskMemAlloc
CoCreateInstance
CreateStreamOnHGlobal
StringFromGUID2

imm32

ImmAssociateContext

cryptui

CryptUIWizDigitalSign

ieakeng

ShowInetcpl
BToolbar_Remove
CheckField
ModifyRatings
ProcessFavSelChange
NewFolder
ErrorMessageBox
GetFavoritesMaxNumber
GetFavoritesNumber
MoveDownFavorite
MoveUpFavorite
DisplayADMItem
SelectADMItem
DestroyADMWindow
CreateADMWindow
ModifyZones
ModifyAuthCode

msi

MsiEnumComponentQualifiersW
MsiDeterminePatchSequenceW
MsiGetProductCodeFromPackageCodeA
MsiGetFeatureUsageW
MsiCollectUserInfoA
MsiRecordSetStreamW
MsiSourceListGetInfoW
MsiGetProductCodeFromPackageCodeW
MsiFormatRecordA
MsiProvideAssemblyW
MsiGetUserInfoA
MsiCollectUserInfoW
MsiDeterminePatchSequenceA
MsiProvideComponentA
MsiSetExternalUIW
MsiFormatRecordW
MsiGetProductInfoFromScriptW
MsiInvalidateFeatureCache
MsiRecordSetStreamA
MsiConfigureFeatureFromDescriptorW
MsiDatabaseMergeA
MsiGetPatchInfoExA
MsiCreateTransformSummaryInfoA
MsiSetInternalUI
MsiGetPatchInfoExW
MsiViewGetErrorW
MsiRecordGetStringW
MsiSourceListSetInfoW
MsiEnumPatchesExW
MsiRecordSetInteger
MsiEnumFeaturesW
MsiDetermineApplicablePatchesA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db641d60e4a405226fdca858a7909702

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

shlwapi

shell32

comctl32

comdlg32

ole32

imm32

cryptui

ieakeng

msi

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 7KB - Virtual size: 6KB

Size: 2KB - Virtual size: 13KB

Size: 3KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 118KB

Size: 512B - Virtual size: 30KB

Size: 2KB - Virtual size: 10KB

.rsrc Size: 147KB - Virtual size: 147KB

.reloc Size: 5KB - Virtual size: 8KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 118KB

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 5KB - Virtual size: 8KB