c370467b39ac4f9ca26bb3c1e18553a634f2608960fb268632f3fe6c962d4555

Sharing

Copy URL Twitter E-mail

General

Target

c370467b39ac4f9ca26bb3c1e18553a634f2608960fb268632f3fe6c962d4555
Size

396KB
MD5

32a71180fa482690c788fbac8bc7cd63
SHA1

40fed5cc06e47bcfe0c2b0186b85ced9d6037f70
SHA256

c370467b39ac4f9ca26bb3c1e18553a634f2608960fb268632f3fe6c962d4555
SHA512

9e6bcacee000dcbf9dcec4fcb29f93f625dd48ff7238cf05d914a4e51ec7cca3ad5f9344b6fdd28f2ea8eb64392ebbe59238efa3719af46a6a37d6df08dde3c6
SSDEEP

6144:WhTkQsoAENqe74Bouq5Zuf0carZxUPmehl4yQYDeK4v0tj6/FnX7pDuvCtP:WJ5rN574BoucQ8ollhewj6/FXFuvUP

Score

N/A

Malware Config

Signatures

Files

c370467b39ac4f9ca26bb3c1e18553a634f2608960fb268632f3fe6c962d4555
.exe windows x86

29e54440c3e52dc4814a7c1ba089f80a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringW
lstrcatW
lstrcpyW
LocalFree
LocalReAlloc
GetCurrentDirectoryW
OutputDebugStringA
LocalAlloc
DeleteFileW
MoveFileW
OutputDebugStringW
_lclose
OpenFile
GetTempFileNameW
_llseek
_lread
_lcreat
_lopen
_lwrite
GetProfileIntW
GlobalUnlock
GlobalLock
lstrcmpW
LocalLock
LocalUnlock
LoadResource
FindResourceW
GetSystemDefaultLangID
CompareStringW
CompareStringA
HeapSize
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapAlloc
GetLocaleInfoA
EnterCriticalSection
lstrlenW
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
Sleep
GetTimeZoneInformation
WideCharToMultiByte
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
VirtualFree
ResumeThread
TerminateProcess
GlobalFree
CreateProcessA
GetThreadContext
SetEnvironmentVariableA
VirtualQueryEx
LoadLibraryA
FreeLibrary
GlobalAlloc
VirtualAlloc
ExitProcess
GetTempPathA
lstrcmpA
GetTempFileNameA
lstrcatA
CreateFileA
WriteFile
CloseHandle
WaitForSingleObject
GetLastError
GetCurrentThreadId
FindAtomA
OpenProcess
lstrcpyA
GetProcAddress
GetModuleHandleA
LeaveCriticalSection
lstrlenA

user32

PeekMessageW
IsDialogMessageW
CreateDialogParamW
GetSystemMenu
GetWindowTextW
SetCaretPos
InvertRect
LoadBitmapW
LoadStringW
LoadCursorW
RegisterClassW
LoadAcceleratorsW
GetSystemMetrics
CreateWindowExW
SetTimer
RegisterWindowMessageW
CharUpperA
SetWindowTextW
GetActiveWindow
IsIconic
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
GetScrollRange
GetUpdateRect
OffsetRect
ScrollWindow
GetScrollPos
DrawTextW
ShowWindow
GetDC
CharPrevA
MessageBeep
CheckRadioButton
CheckDlgButton
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
CharNextA
GetDlgItem
EnableWindow
SetDlgItemTextW
MessageBoxW
GetDlgItemTextW
GetWindowLongW
LoadIconW
GetKeyState
HiliteMenuItem
DialogBoxParamW
ReleaseDC
FlashWindow
SendDlgItemMessageW
EndDialog
SendMessageW
GetSysColor
FillRect
GetMenu
OpenClipboard
EnumClipboardFormats
CloseClipboard
EnableMenuItem
CheckMenuItem
SetFocus
GetClientRect
DestroyWindow
WinHelpW
PostQuitMessage
HideCaret
BeginPaint
EndPaint
ShowCaret
IsWindowEnabled
SetCursor
PostMessageW
UpdateWindow
CreateCaret
DestroyCaret
InvalidateRect
DefWindowProcW
MoveWindow
SetScrollPos
SetScrollRange
EqualRect
GetWindowRect
IsWindowVisible
ClientToScreen
GetCursorPos
InflateRect
OpenInputDesktop
GetThreadDesktop
SetThreadDesktop
GetFocus
FindWindowA
GetWindowThreadProcessId
wsprintfA
CloseDesktop
AnyPopup

shell32

ShellAboutW
ShellExecuteA

shlwapi

SHGetValueA

advapi32

CreateProcessAsUserA

gdi32

GetStockObject
DeleteObject
CreateSolidBrush
DeleteDC
GetDeviceCaps
UnrealizeObject
SelectObject
SetBkColor
SetBkMode
BitBlt
GetObjectW
CreateCompatibleDC
GetTextMetricsW
LineTo
Ellipse
Escape
CreateDCW
TextOutW
PatBlt
SetTextColor
GetBkColor
GetBkMode

comdlg32

GetSaveFileNameW
PrintDlgW
GetOpenFileNameW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29e54440c3e52dc4814a7c1ba089f80a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

advapi32

gdi32

comdlg32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 269KB - Virtual size: 274KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 269KB - Virtual size: 274KB

.rsrc
Size: 17KB - Virtual size: 16KB