b6b4b3a846e80c124ea9e2217ca2bc7d23ae1ef2109c66e424afbea726254999

Sharing

Copy URL Twitter E-mail

General

Target

b6b4b3a846e80c124ea9e2217ca2bc7d23ae1ef2109c66e424afbea726254999
Size

448KB
MD5

6229ddcab215c558da69487feba4ea06
SHA1

6876269f55bd1cc2767b5fbc5ee4611e8c82fd28
SHA256

b6b4b3a846e80c124ea9e2217ca2bc7d23ae1ef2109c66e424afbea726254999
SHA512

8f030465d76d4511cd4b39067f2f9dd78ac5fd9deb7ad3ed7ca44f98969043b88c78d4ecc6b1b4e675a3b304f1fdb5b2ac2f234af52003161b5c7e9ba07da853
SSDEEP

6144:WhYAbQWorAPRYR4fR4FOvOKU3Lc2VnfkxtJh4MpKwgZbOolPsf5WD2NWz:WhYAbQWGc2yfRuOvOd4+EolPsIig

Score

N/A

Malware Config

Signatures

Files

b6b4b3a846e80c124ea9e2217ca2bc7d23ae1ef2109c66e424afbea726254999
.exe windows x86

7f596d996a44a66d6d6be440ee1162db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetSetOptionW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

iphlpapi

GetAdaptersAddresses

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetSystemDirectoryW
GetComputerNameW
ReadFile
GetStartupInfoW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
lstrlenA
GetProcAddress
GetModuleHandleW
OpenProcess
FreeLibrary
GetCurrentThreadId
GetACP
Sleep
GetCurrentProcess
GetVersionExW
GetSystemWow64DirectoryW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryW
GetFileSize
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetEvent
InitializeCriticalSection
ReleaseSemaphore
ResetEvent
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
RaiseException
SetLastError
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
GetTempFileNameW
LoadLibraryExW
lstrcmpiW
GetCurrentDirectoryA
SetStdHandle
ExitProcess
HeapCreate
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetSystemTime
GetModuleFileNameA
GetStdHandle
SetFilePointer
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetSystemTimeAsFileTime
HeapReAlloc
GetFileType
GetFullPathNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
SetFileTime
CloseHandle
CreateFileW
FileTimeToSystemTime
DeleteFileW
SetFileAttributesW
CreateDirectoryW
CopyFileW
GetLastError
GetPrivateProfileIntW
lstrlenW
GetCommandLineW
WideCharToMultiByte
GetCurrentProcessId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetVolumeInformationW
VirtualFree
FlushFileBuffers
WriteFile
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
MultiByteToWideChar
GetTempPathW
GetConsoleCP
VirtualAlloc
SetEndOfFile
CreateFileA
HeapSize

user32

SetCapture
MoveWindow
ScreenToClient
ClientToScreen
CreateAcceleratorTableW
CreateWindowExW
DefWindowProcW
RegisterClassExW
LoadCursorW
RedrawWindow
CharNextW
GetSysColor
GetFocus
IsChild
EndPaint
BeginPaint
GetWindowTextLengthW
RegisterWindowMessageW
PostQuitMessage
FillRect
InvalidateRgn
DispatchMessageW
TranslateMessage
GetMessageW
UnregisterClassA
MessageBoxW
ReleaseCapture
CallWindowProcW
InvalidateRect
DestroyAcceleratorTable
GetWindow
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
PostMessageW
GetDesktopWindow
ShowWindow
DestroyIcon
KillTimer
SendInput
SetTimer
MessageBeep
SetWindowTextW
LoadIconW
GetClassNameW
GetClientRect
SendMessageW
ReleaseDC
GetDC
IsWindow
DestroyWindow
MapWindowPoints
GetWindowRect
GetDlgItem
SetFocus
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
EnumWindows
LockSetForegroundWindow
SetWindowLongW
wsprintfA
wvsprintfW
wsprintfW
GetWindowTextW
GetWindowThreadProcessId
GetWindowLongW
GetParent
GetClassInfoExW
PeekMessageW

gdi32

BitBlt
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetStockObject
GetObjectW
GetDeviceCaps
SelectObject
DeleteDC

advapi32

FreeSid
AllocateAndInitializeSid
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
CheckTokenMembership
RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyExW

shell32

SHGetFolderPathW
ShellExecuteW
Shell_NotifyIconW

ole32

CoTaskMemRealloc
OleInitialize
OleUninitialize
CLSIDFromString
CoTaskMemFree
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromProgID

oleaut32

SysFreeString
VarUI4FromStr
DispCallFunc
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysAllocString
VariantClear
SysAllocStringLen
VariantInit
SysStringLen

shlwapi

StrStrIW
StrCatW
PathFileExistsW
PathAddBackslashW
PathFindFileNameW
PathIsDirectoryW
StrCmpIW
PathRemoveBackslashW
PathFindExtensionW
StrCpyW

urlmon

URLDownloadToFileW

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7f596d996a44a66d6d6be440ee1162db

Headers

DLL Characteristics

File Characteristics

Imports

wininet

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

psapi

Sections

.text Size: 256KB - Virtual size: 256KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 44KB - Virtual size: 44KB

.reloc Size: 85KB - Virtual size: 88KB

.text
Size: 256KB - Virtual size: 256KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 44KB - Virtual size: 44KB

.reloc
Size: 85KB - Virtual size: 88KB