11391763bdfe36e23d442afc77c5a81b7e2b160088bb0a3c05238918a70d7c41

Sharing

Copy URL

Twitter E-mail

General

Target

11391763bdfe36e23d442afc77c5a81b7e2b160088bb0a3c05238918a70d7c41
Size

280KB
MD5

0b20d917db6bdfce30f9bb3d3c371af0
SHA1

49019bb7f6798b3db10464d8a85d34dfbf7a7a0c
SHA256

11391763bdfe36e23d442afc77c5a81b7e2b160088bb0a3c05238918a70d7c41
SHA512

5db296e02326ff74d48f1557234c3d13902ac7a023ec3dd221fb17642309875b45deed56fe32ff0825460278272aee8b8d17ec8dee09068b71aad3d0251b23e4
SSDEEP

6144:6wJk8ztpCSPDDMeKJtmXSYW2j+bOR0ay7B:6Sk8zCSPmtYW2j+C

Score

N/A

Malware Config

Signatures

Files

11391763bdfe36e23d442afc77c5a81b7e2b160088bb0a3c05238918a70d7c41
.exe windows x86

8d6d21cc176458559d1181ad4805ce3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
lstrcmpW
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
lstrcpynA
DebugBreak
OutputDebugStringW
lstrlenA
GetModuleHandleW
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
ReleaseMutex
CreateMutexW
CloseHandle
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
ReadFile
WriteFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
HeapSize
GlobalLock
GetProcAddress
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetVersionExA
GetStartupInfoW
GetModuleHandleA
HeapReAlloc
RtlUnwind
ExitProcess
GlobalUnlock
MulDiv
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
CreateFileW
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
GetCPInfo
GetLastError
lstrcpyW
lstrlenW
GetModuleFileNameW
GetCurrentThreadId
HeapAlloc
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
GetOEMCP
SetEndOfFile
EnterCriticalSection
GetProcessHeap
HeapFree
DeleteCriticalSection
FreeEnvironmentStringsA
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
TerminateProcess
InterlockedExchange

user32

EndDialog
MessageBeep
GetMenuState
GetMenuStringW
LoadImageW
MessageBoxW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
wvsprintfW
LoadStringA
GetActiveWindow
SystemParametersInfoW
DialogBoxParamW
IsWindowVisible
GetSubMenu
InsertMenuW
SetDlgItemTextW
GetMenuItemCount
EnableMenuItem
CheckMenuItem
DeleteMenu
TranslateAcceleratorW
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
LoadStringW
GetMenu
PostMessageW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
CharNextW
GetClassNameW
DestroyWindow
RedrawWindow
IsWindow
GetDlgItem
SetFocus
EnableWindow
GetScrollRange
GetScrollInfo
SetScrollRange
SetScrollPos
MoveWindow
FindWindowW
SetForegroundWindow
LoadMenuW
GetMenuItemID
LoadAcceleratorsW
GetFocus
IsChild
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
FillRect
GetSysColor
CreateWindowExW
RegisterClassExW
ClientToScreen
ScreenToClient
ReleaseCapture
LoadCursorW
wsprintfW
GetClassInfoExW
SendMessageW
GetParent
SetCapture
ShowWindow
GetClientRect
GetWindowRect
SetWindowPos
CallWindowProcW
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnregisterClassW
PostQuitMessage

gdi32

GetTextMetricsW
CreateSolidBrush
GetStockObject
GetObjectW
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
DeleteObject
SelectObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

ole32

CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoCreateInstance
CoUninitialize
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CLSIDFromString

oleaut32

OleCreateFontIndirect
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
VariantInit
DispCallFunc
VariantClear
SysStringLen
SysAllocString
SysAllocStringLen
SysFreeString
VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

amuxtlu
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 228KB - Virtual size: 228KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d6d21cc176458559d1181ad4805ce3d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 48KB - Virtual size: 51KB

.rsrc Size: 20KB - Virtual size: 16KB

amuxtlu Size: 8KB - Virtual size: 4KB

Size: 228KB - Virtual size: 228KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 48KB - Virtual size: 51KB

.rsrc
Size: 20KB - Virtual size: 16KB

amuxtlu
Size: 8KB - Virtual size: 4KB