029632c58b3da6363726c4e70609c1255e2187da60de0f20f64eeb4d30b93ad1

Sharing

Copy URL Twitter E-mail

General

Target

029632c58b3da6363726c4e70609c1255e2187da60de0f20f64eeb4d30b93ad1
Size

1.4MB
MD5

3ddd327db0be140c79648adcbf6b3276
SHA1

9d60837f56b4e3de26384cd22366f3f852afe343
SHA256

029632c58b3da6363726c4e70609c1255e2187da60de0f20f64eeb4d30b93ad1
SHA512

407f7e0b6ed30d3019b1f4d97fd590d67fb97f908bdef807447f073d1f0e291a850973f06313f9bd0c8da67044a2f9adc51d49638ede485d29200853a0851f6b
SSDEEP

24576:NJDspKgq+PWi2IOZLHF7Ndp3JsHSnf96NDzJ2lxCPEj0n2CnyvuRVbtbaAG9MCc:TQyaWiXuFJf3/96NFGxsEcQ0VbtbjG6r

Score

N/A

Malware Config

Signatures

Files

029632c58b3da6363726c4e70609c1255e2187da60de0f20f64eeb4d30b93ad1
.exe windows x86

5ce42bf5812460411050900a96d5fdfd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerInstallFileA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
VerInstallFileW
GetFileVersionInfoA
VerFindFileW
VerFindFileA
GetFileVersionInfoW

winmm

mixerMessage
mixerGetLineControlsA

comdlg32

PageSetupDlgW
PageSetupDlgA
LoadAlterBitmap
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
CommDlgExtendedError

setupapi

SetupDiOpenDeviceInfoA
SetupDiGetDeviceInfoListDetailW
SetupDiDestroyDeviceInfoList
CM_Locate_DevNode_ExA
CM_Get_DevNode_Registry_PropertyW

kernel32

lstrcmpiW
lstrcmpA
WriteProfileStringW
VerLanguageNameW
VerLanguageNameA
UnregisterWait
SetLastError
SetCommConfig
RequestDeviceWakeup
OpenJobObjectW
HeapAlloc
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetStringTypeW
GetProcAddress
GetPrivateProfileSectionNamesW
GetNamedPipeHandleStateA
GetFileSize
GetDateFormatW
GetComputerNameW
GetCommandLineA
ExitProcess
EnumResourceNamesA
BackupWrite
CancelIo
ChangeTimerQueueTimer
CommConfigDialogW
CopyFileW
CreateFileA
CreateJobObjectW
CreateTimerQueueTimer
DeleteFileA
DeleteTimerQueueTimer
EndUpdateResourceW
EnumResourceLanguagesA

ntdll

DbgPrintReturnControlC
ZwPlugPlayControl
ZwImpersonateClientOfPort
ZwDeleteObjectAuditAlarm
ZwCreateTimer
ZwCreateIoCompletion
RtlpNtSetValueKey
RtlUpperChar
RtlSetUserFlagsHeap
RtlNtStatusToDosError
RtlNormalizeProcessParams
RtlLargeIntegerToChar
CsrClientConnectToServer
NtAlertResumeThread
NtCreateThread
NtPowerInformation
NtRegisterThreadTerminatePort
NtYieldExecution
RtlAppendStringToString
RtlConvertExclusiveToShared
RtlDelete
RtlEqualString
RtlFindMostSignificantBit
RtlFindSetBits
RtlImpersonateSelf
RtlInitializeCriticalSection
RtlInitializeHandleTable
RtlLargeIntegerArithmeticShift

user32

ShowCursor
SendMessageA
PostMessageA
OemToCharW
IsCharUpperA
GetDlgItem
EnableMenuItem
EmptyClipboard
DrawCaption
DialogBoxParamA
CreateIcon
UpdateWindow
CharLowerA
CharToOemA
CharToOemBuffA
CloseWindow
CreateDialogParamA

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 487KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ce42bf5812460411050900a96d5fdfd

Headers

File Characteristics

Imports

version

winmm

comdlg32

setupapi

kernel32

ntdll

user32

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 487KB - Virtual size: 1.1MB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 487KB - Virtual size: 1.1MB

.rsrc
Size: 48KB - Virtual size: 47KB