a779bc4eb9e588f436466458ba5c982fa8f5fb09beb83d3121606de3ffb1f333

Sharing

Copy URL Twitter E-mail

General

Target

a779bc4eb9e588f436466458ba5c982fa8f5fb09beb83d3121606de3ffb1f333
Size

428KB
MD5

27d7b4d316d9e9670fd64287fe53eda6
SHA1

71afb1b9488ac685b133d0b56a3a1bb5c763efd3
SHA256

a779bc4eb9e588f436466458ba5c982fa8f5fb09beb83d3121606de3ffb1f333
SHA512

c6e9e728f9aa634e738ae6122945c9be5836dad39d5c32e3ad5901326b0eb8b714a350dfc20cd991767bb526417a9de1b8e18d31bcb67eb5ff9e9a2428cd2be5
SSDEEP

6144:m6Rl1/l66NnLkQjZnE/MGNG2/4rNNtX8tUm9bvZuHbZmYkUKUrNVopFe:TRl1/lsF/MGNG2/2HtX8+m9BDUrNVOU

Score

N/A

Malware Config

Signatures

Files

a779bc4eb9e588f436466458ba5c982fa8f5fb09beb83d3121606de3ffb1f333
.exe windows x86

ecd592e784b207c1be2ba36462faa5fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

kernel32

WideCharToMultiByte
lstrlenW
GetLastError
InterlockedIncrement
lstrcmpiA
IsDBCSLeadByte
DebugBreak
OutputDebugStringA
SetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
FindFirstFileA
CreateProcessA
WinExec
GetCurrentDirectoryA
CreateEventA
OpenEventA
GetProcAddress
GetCurrentThread
GlobalFree
GlobalAlloc
ReadFile
CreateFileA
WriteFile
GetPrivateProfileStringA
MultiByteToWideChar
GetFileAttributesA
CreateDirectoryA
lstrcpyA
GetTimeFormatA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
TerminateProcess
SetHandleCount
GetFileType
SetStdHandle
GetTimeZoneInformation
LCMapStringW
LCMapStringA
Sleep
HeapSize
GetStdHandle
ExitProcess
FatalAppExitA
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
TlsFree
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetPrivateProfileIntA
OpenProcess
CloseHandle
lstrlenA
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
RaiseException
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
SetEnvironmentVariableA
GetCommandLineA
SetFilePointer
CompareStringW
CompareStringA
FlushFileBuffers
GetLocaleInfoW
SetEndOfFile
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
HeapReAlloc
VirtualQuery
GetSystemInfo
CreateFileW
GetExitCodeProcess
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
VirtualProtect
GetDateFormatA

user32

wsprintfA
UnregisterClassA
LoadImageA
IsWindow
PostMessageA
EndDialog
GetSysColorBrush
GetParent
GetSystemMetrics
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
SendMessageA
GetDlgItem
KillTimer
SetTimer
SetWindowTextA
GetWindowLongA
DefWindowProcA
GetActiveWindow
MessageBoxA
DialogBoxParamA
CharLowerA
DestroyWindow
CharNextA
LoadStringA
SetWindowLongA
GetWindow

gdi32

SetTextColor
SetBkMode

advapi32

RegEnumKeyExA
RegQueryValueExA
GetFileSecurityA
ImpersonateSelf
OpenThreadToken
MapGenericMask
AccessCheck
RevertToSelf
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

ShellExecuteA

ole32

CoFreeLibrary
CoLoadLibrary
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
VarUI4FromStr
SysFreeString

comctl32

InitCommonControlsEx

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecd592e784b207c1be2ba36462faa5fd

Headers

File Characteristics

Imports

urlmon

psapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 144KB - Virtual size: 144KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 144KB - Virtual size: 144KB