d5080c0347ada37bf4e95de0caaaa802f6e66ec84b8360c1e56ff92ab0a3ef3e

Sharing

Copy URL

Twitter E-mail

General

Target

d5080c0347ada37bf4e95de0caaaa802f6e66ec84b8360c1e56ff92ab0a3ef3e
Size

333KB
MD5

5be55a47af003e3c7ffefaf695712020
SHA1

d797a29b1fb0bda82b7b0180aacf1d729af2097a
SHA256

d5080c0347ada37bf4e95de0caaaa802f6e66ec84b8360c1e56ff92ab0a3ef3e
SHA512

01eeecc919691c321aff67ecd72a107a7a4ec4245ede12cc4dde9dc0580794cffb885680381adb894a3824463cc6330c87d2a72764fc6103d81476980e0f49ca
SSDEEP

6144:0SnQt7/im61AIfbbHlR2Zji9V23PfcKrKywm4uAI0jX7whvE7:0SA7/TGAMbHbzudGyf/AIukvA

Score

N/A

Malware Config

Signatures

Files

d5080c0347ada37bf4e95de0caaaa802f6e66ec84b8360c1e56ff92ab0a3ef3e
.exe windows x86

bc812aba86a0991a26291325e43b257b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
LoadLibraryW
GetModuleFileNameW
GetDriveTypeW
GetPrivateProfileStringW
WriteFile
GetCurrentProcess
SetLastError
GetProcAddress
LockResource
WriteConsoleW
GetTimeZoneInformation
GetProcessHeap
LCMapStringW
FlushFileBuffers
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
HeapSize
GetModuleHandleW
SizeofResource
LoadResource
FreeLibrary
FindResourceW
LocalFree
CloseHandle
FindNextFileW
FindClose
GetLongPathNameW
GetLastError
GetTempPathW
MultiByteToWideChar
CreateFileW
GetFileAttributesW
FormatMessageW
CopyFileW
Sleep
WideCharToMultiByte
OpenProcess
WaitForSingleObject
MoveFileExW
CreateProcessW
SetEndOfFile
SetFilePointer
FindFirstFileW
CompareStringW
GetTempFileNameW
GetFullPathNameW
RtlUnwind
SetStdHandle
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
GetCommandLineW
HeapSetInformation
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapAlloc
SetFileAttributesW
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryW
RemoveDirectoryW
FindFirstFileExW
DeleteFileW
EncodePointer
DecodePointer
ExitThread
GetCurrentThreadId
CreateThread
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileW
ReadFile
HeapReAlloc
ExitProcess
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount

user32

CopyRect
SetWindowTextW
wsprintfW
SetTimer
ScreenToClient
GetWindowRect
DrawTextW
DialogBoxParamW
GetParent
GetClientRect
GetDC
LoadIconW
OffsetRect
GetWindowLongW
ReleaseDC
GetDlgItem
SetWindowLongW
EndDialog
GetDesktopWindow
SetWindowPos
SendMessageW

gdi32

SelectObject

advapi32

CryptVerifySignatureA
CryptDestroyKey
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCreateKeyExW
OpenProcessToken
OpenSCManagerA
QueryServiceStatusEx
StartServiceW
RegQueryValueExW
OpenServiceW
CloseServiceHandle
RegSetValueExW
RegCloseKey
RegOpenKeyExW

comctl32

InitCommonControlsEx

shell32

ShellExecuteExW

shlwapi

PathCommonPrefixW
PathAppendW
PathRemoveFileSpecW
PathStripToRootW

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc812aba86a0991a26291325e43b257b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

shell32

shlwapi

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 96KB - Virtual size: 96KB

.reloc Size: 9KB - Virtual size: 8KB

.rrdata Size: 68KB - Virtual size: 68KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 96KB - Virtual size: 96KB

.reloc
Size: 9KB - Virtual size: 8KB

.rrdata
Size: 68KB - Virtual size: 68KB