f293387ddef697455a63ebe8f284e5a209ca03502f483e4b38326c9803f6cfac

Sharing

Copy URL Twitter E-mail

General

Target

f293387ddef697455a63ebe8f284e5a209ca03502f483e4b38326c9803f6cfac
Size

768KB
MD5

5d3c5ee286f9bb0e4f1effe876be95b4
SHA1

53e55e3148ad0655d56f99349efea5e705155b0a
SHA256

f293387ddef697455a63ebe8f284e5a209ca03502f483e4b38326c9803f6cfac
SHA512

81c5bd083fb292432d9b6be6e11fda0098f335e875cfbbcefb5a99480a74361a71b97aac25bef73d40b6ab686f1f98fc69011dda3b880728bcf84c35be87c92e
SSDEEP

12288:ZxBOYTcYZy8vD4ZEfK7XqiA27VJYhqcnB+ID5h/weDNYhaAB14a3MwV3SQaOwv0Q:zBOQcYZdDaf6v27/YR+Ib/weDul4oZar

Score

N/A

Malware Config

Signatures

Files

f293387ddef697455a63ebe8f284e5a209ca03502f483e4b38326c9803f6cfac
.exe windows x86

b5018863723f640d0f84cc8a55c53289

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
CryptEnumProviderTypesW
RegEnumValueW
LookupAccountSidA
GetUserNameW
RegQueryInfoKeyA
CryptSetProviderExA
CryptReleaseContext
RegQueryValueExW
CryptGetUserKey
InitiateSystemShutdownW
RegOpenKeyExW
RegQueryMultipleValuesA
RegCloseKey
RegFlushKey
CryptEnumProvidersA
DuplicateToken
CryptHashSessionKey
RegEnumKeyA
LookupSecurityDescriptorPartsA
CryptSetProviderA

comctl32

InitCommonControlsEx
ImageList_AddIcon
ImageList_GetImageInfo

kernel32

CreateMailslotW
GetModuleFileNameA
GetUserDefaultLCID
OpenWaitableTimerW
Sleep
GetFileAttributesExA
IsDebuggerPresent
GetSystemTimeAsFileTime
ReadConsoleOutputCharacterA
SetThreadPriority
UnhandledExceptionFilter
EnumSystemLocalesA
FindNextFileW
OpenMutexA
GetLogicalDriveStringsA
GetProcessShutdownParameters
HeapDestroy
ReadFile
VirtualFree
GlobalCompact
LCMapStringA
MoveFileA
GetTickCount
GetLocaleInfoW
TlsSetValue
RtlUnwind
FindResourceExA
VirtualQueryEx
OutputDebugStringA
FormatMessageA
SystemTimeToFileTime
TlsFree
SetConsoleWindowInfo
VirtualQuery
CompareStringW
CreateFileA
GetSystemTime
GetStartupInfoW
DeleteCriticalSection
GetDiskFreeSpaceW
GetCurrentThreadId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentProcess
TerminateProcess
FlushInstructionCache
HeapCreate
GlobalUnlock
EnumTimeFormatsW
GetACP
InterlockedDecrement
lstrcatW
HeapReAlloc
VirtualLock
IsValidCodePage
GetConsoleOutputCP
GetProcAddress
CloseHandle
GetModuleHandleW
EnterCriticalSection
WritePrivateProfileStringA
FlushViewOfFile
WideCharToMultiByte
SetEnvironmentVariableA
IsValidLocale
FreeLibrary
ExitProcess
WaitForMultipleObjects
GetOEMCP
FindResourceA
QueryPerformanceCounter
HeapSize
GetLocaleInfoA
WaitForDebugEvent
MultiByteToWideChar
GlobalReAlloc
GetNamedPipeInfo
GetTimeZoneInformation
GlobalFindAtomA
GetFileAttributesA
CreateMailslotA
LocalCompact
GetStringTypeW
LeaveCriticalSection
CreateRemoteThread
LocalFlags
GetLastError
HeapFree
SetUnhandledExceptionFilter
GetTempPathW
WriteConsoleW
VirtualProtectEx
HeapAlloc
GetCurrentProcessId
GetFileType
InitializeCriticalSectionAndSpinCount
lstrcmpW
SetLocaleInfoA
TlsGetValue
GetProcessHeaps
GetFullPathNameA
GetStartupInfoA
GetConsoleCP
GetLogicalDriveStringsW
SetLastError
UnlockFile
CopyFileA
GetCurrentThread
FlushFileBuffers
CreateFileMappingA
GetDateFormatA
LCMapStringW
SetHandleCount
ReadConsoleA
InterlockedExchange
OpenFileMappingA
WriteFile
GetTimeFormatA
VirtualAlloc
LockResource
SetFilePointer
GetModuleHandleA
GetExitCodeProcess
GetCommandLineW
WriteConsoleA
LocalHandle
SetStdHandle
DuplicateHandle
SetConsoleCtrlHandler
GetModuleFileNameW
CreateMutexA
GetCPInfo
GetCommandLineA
CompareStringA
InterlockedIncrement
IsBadReadPtr
GetStdHandle
LoadLibraryA
WritePrivateProfileSectionA
WriteConsoleInputW
GetVolumeInformationA
GetStringTypeA
TerminateThread
TlsAlloc
SuspendThread

user32

GetForegroundWindow
IsWindowUnicode
IsDialogMessageA
PeekMessageW
RegisterClassExA
RegisterClassA
SetClassLongW
CreateAcceleratorTableW
DdeKeepStringHandle
FindWindowExW
GetWindowDC
GetWindowTextLengthW
EqualRect
GetActiveWindow
DlgDirSelectExA
GetPriorityClipboardFormat
GetOpenClipboardWindow
GetUpdateRect
ActivateKeyboardLayout
GetKeyboardLayoutNameW
RealChildWindowFromPoint
CharPrevW
ChangeMenuA
GetMenuInfo
LookupIconIdFromDirectoryEx
SendMessageW
PostQuitMessage
LoadStringA
DrawFrameControl
CallMsgFilterA

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5018863723f640d0f84cc8a55c53289

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

user32

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 404KB - Virtual size: 400KB

.data Size: 144KB - Virtual size: 154KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 404KB - Virtual size: 400KB

.data
Size: 144KB - Virtual size: 154KB

.rsrc
Size: 32KB - Virtual size: 29KB