2a5f55175f7efe34c1fda575ad4298fe23e3d3a8c12bef0d2a9ce251780cddb2

Sharing

Copy URL Twitter E-mail

General

Target

2a5f55175f7efe34c1fda575ad4298fe23e3d3a8c12bef0d2a9ce251780cddb2
Size

155KB
MD5

5943f167ecb22396410f90ec88e21960
SHA1

2c40ad7629f64c1d2024009de993d5847b9e8669
SHA256

2a5f55175f7efe34c1fda575ad4298fe23e3d3a8c12bef0d2a9ce251780cddb2
SHA512

11db4463f5d7514411c53c585526205541ac8adac0ab1965f813bd824db3a3660928e440ec110c8c2ef700cdd8a68c669358838f71fda71e89cc587990a6599c
SSDEEP

3072:Tnze7U8BWhdQGWTcg9nrS2SWA/rW4Lm6I+DfZnpzJgZcqD9ddo:TnaQ8cdQGWTcenrEW4i+NBCZcqD9ddo

Score

N/A

Malware Config

Signatures

Files

2a5f55175f7efe34c1fda575ad4298fe23e3d3a8c12bef0d2a9ce251780cddb2
.exe windows x86

922de565030f3b198eaa98b9a0129847

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultUILanguage
GetCurrentProcess
GetModuleFileNameW
ExpandEnvironmentStringsW
LoadLibraryW
GetSystemInfo
SetLastError
EnterCriticalSection
GetProcAddress
SetUnhandledExceptionFilter
GetModuleHandleExW
GetLocaleInfoW
GetFileAttributesW
OutputDebugStringA
InterlockedExchange
GetTickCount
CloseHandle
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
GetModuleHandleA
LocalFree
GetCurrentThread
GetLastError
HeapAlloc
GetVersion
GetProcessHeap
FormatMessageW
InterlockedDecrement
InitializeCriticalSection
InterlockedIncrement
QueryPerformanceCounter
FreeLibrary
GetCurrentProcessId
GetSystemTimeAsFileTime

rpcrt4

IUnknown_Release_Proxy
NdrOleFree
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
NdrDllGetClassObject
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerRelease
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
NdrCStdStubBuffer_Release
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Invoke
NdrDllCanUnloadNow
CStdStubBuffer_CountRefs

user32

ShowWindow
GetWindowRect
RegisterClassExW
RemovePropW
DispatchMessageW
GetDoubleClickTime
NotifyWinEvent
CreateWindowExW
SendMessageW
InflateRect
DestroyWindow
GetWindowLongW
PostQuitMessage
AdjustWindowRectEx
SetForegroundWindow
DestroyIcon
SetWindowPos
GetMessageW
DefWindowProcW
PtInRect
GetSubMenu
LoadCursorW
SetTimer
LoadMenuW
GetAncestor
SetPropW
DestroyMenu
TranslateMessage
PostMessageW
KillTimer
SetWindowLongW
LoadStringW
GetCursorPos
IsWindowVisible
GetProcessDefaultLayout
TrackPopupMenuEx

ole32

CoTaskMemRealloc
StringFromGUID2
HWND_UserFree
HWND_UserMarshal
CoCreateInstance
CoUninitialize
CoGetMalloc
HWND_UserUnmarshal
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
HWND_UserSize

msvcrt

_initterm
free
??3@YAXPAX@Z
memset
__getmainargs
isdigit
_XcptFilter
exit
malloc
__p__commode
??2@YAPAXI@Z
_vsnwprintf
_amsg_exit
__set_app_type
memcpy

advapi32

OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
OpenThreadToken
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW

crypt32

CryptUnprotectData
CryptProtectData

shlwapi

PathParseIconLocationW
StrStrW
StrChrW

shell32

ShellExecuteExW
Shell_NotifyIconW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

922de565030f3b198eaa98b9a0129847

Headers

File Characteristics

Imports

kernel32

rpcrt4

user32

ole32

msvcrt

advapi32

crypt32

shlwapi

shell32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB