Static task: static1
Behavioral task: behavioral1
  Sample: bbe8695c64b33f3818abe6d5f2cbb73afe8f09a88388d35fcbaf9f0629806897.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: bbe8695c64b33f3818abe6d5f2cbb73afe8f09a88388d35fcbaf9f0629806897.exe
  Resource: win10v2004-20220812-en
General
Target: bbe8695c64b33f3818abe6d5f2cbb73afe8f09a88388d35fcbaf9f0629806897
Size: 449KB
MD5: 5422b1973dd48e8f9544030a8e5413d2
SHA1: 596d861f3bf867c14b6bb4d0cb9ad60f2eae3c13
SHA256: bbe8695c64b33f3818abe6d5f2cbb73afe8f09a88388d35fcbaf9f0629806897
SHA512: e18ad819f74979af841cbd4156ca679af7620b43ab968834f1ce95dd6c85c922aad1eb84f44d3a79938475e1534deb72c6dfbe0ac5c50d1654c250bd7e773a7e
SSDEEP: 6144:HWxkuv7REGw+oRJeInPzxZ9zoiWJSXZ0bIS/ei0KK3e4RlnHvouHjwvKfhcyhZc5:HoB7REBeIr9blZ0ESj34RlvZg
Malware Config
Signatures
Files
bbe8695c64b33f3818abe6d5f2cbb73afe8f09a88388d35fcbaf9f0629806897.exe (windows x86)
a5eaa0d665a4fc49f01a8cecb3fd42b4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetModuleFileNameExW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
kernel32
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
lstrlenA
SetErrorMode
GetFileTime
WritePrivateProfileStringW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
CreateThread
SetStdHandle
GetFileType
ExitProcess
HeapSize
TlsSetValue
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
InterlockedDecrement
GetModuleHandleA
SuspendThread
SetThreadPriority
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
GetThreadLocale
GlobalAlloc
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
SetLastError
lstrcmpW
GetVersionExA
lstrcatW
lstrcpyW
FreeLibrary
GetWindowsDirectoryW
WinExec
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ReadFile
GetFileSize
GetCurrentProcess
GetModuleHandleW
lstrcmpiW
CompareStringW
WideCharToMultiByte
WriteFile
FlushFileBuffers
GetSystemDefaultLangID
CreateProcessW
GetProcAddress
lstrlenW
LoadLibraryW
GetTempFileNameW
GetTempPathW
DeleteFileW
GetFileAttributesW
GetDriveTypeW
GetLogicalDriveStringsW
CreateFileW
ReleaseMutex
CreateMutexW
Process32NextW
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
FormatMessageW
GetLastError
LocalFree
GetModuleFileNameW
Sleep
MultiByteToWideChar
GetTickCount
WaitForSingleObject
CloseHandle
ResumeThread
CreateEventW
SetEvent
FindResourceW
LoadResource
LockResource
SizeofResource
GetStdHandle
user32
DestroyMenu
WindowFromPoint
GetWindowThreadProcessId
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMessageW
GetCursorPos
ValidateRect
CharUpperW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
ScreenToClient
GetMessagePos
CopyIcon
LoadCursorW
MessageBeep
InflateRect
ReleaseDC
GetDC
UnregisterClassW
GetSysColorBrush
SetWindowsHookExW
SetWindowLongW
GetWindowRect
GetSysColor
SetCursor
InvalidateRect
PtInRect
RedrawWindow
IsWindow
GetClientRect
GetSystemMetrics
IsIconic
RegisterWindowMessageW
GetDesktopWindow
PostQuitMessage
KillTimer
LoadIconW
SetTimer
GetForegroundWindow
SendMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
PostMessageW
GetParent
EnableWindow
UnregisterClassA
gdi32
DeleteDC
ScaleWindowExtEx
DeleteObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetClipBox
CreateFontIndirectW
GetTextExtentPoint32W
GetObjectW
GetStockObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
CryptAcquireContextW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
CryptReleaseContext
CryptVerifySignatureW
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptImportKey
shell32
ShellExecuteW
SHGetFolderPathW
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathFindExtensionW
StrFormatByteSizeW
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit
wininet
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetOpenUrlW
InternetReadFile
InternetGetConnectedState
InternetCheckConnectionW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW
InternetQueryDataAvailable
Sections
.text Size: 268KB - Virtual size: 266KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ