27966c8f8bb6f5e8c3a309051f5dac75c731eb221e3c9262e8b8a5a7f000952b

Sharing

Copy URL Twitter E-mail

General

Target

27966c8f8bb6f5e8c3a309051f5dac75c731eb221e3c9262e8b8a5a7f000952b
Size

252KB
MD5

710478c59b8380667d2bf461f35e18f0
SHA1

cb8f41491589d4732dd6b77f6811ff041d3186e2
SHA256

27966c8f8bb6f5e8c3a309051f5dac75c731eb221e3c9262e8b8a5a7f000952b
SHA512

26243e10363a307d1560e285e20cb73ae90e92effe953b386563a500272497f4ca92bb1a1144b564b1f43939feb586546599385cccd4b73c7d52d0cec5345833
SSDEEP

6144:gXkKpF+zs9MpUx1vNyqL33DEPST/Jd8S1An:gXkHK7VnDRT/JdhAn

Score

N/A

Malware Config

Signatures

Files

27966c8f8bb6f5e8c3a309051f5dac75c731eb221e3c9262e8b8a5a7f000952b
.exe windows x86

3624ed1b5eb2f431da81d5f3a3220f9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

HeapAlloc
lstrlenA
lstrcmpiA
FindResourceA
lstrcpyA
lstrcatA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateMutexA
WaitForSingleObject
Sleep
lstrcpynA
CreateDirectoryA
WriteFile
CreateFileA
DeleteFileA
GetCurrentThreadId
CreateThread
CreateEventA
IsDBCSLeadByte
SetLastError
LockResource
LoadResource
InterlockedIncrement
SetEvent
InterlockedDecrement
GetFileAttributesA
GetTimeFormatA
GetDateFormatA
GetLocalTime
CreateProcessA
MulDiv
GlobalUnlock
GlobalLock
lstrcmpA
FreeLibrary
SizeofResource
LoadLibraryExA
GetCommandLineA
GlobalFree
GlobalHandle
ExpandEnvironmentStringsA
CopyFileA
MoveFileA
GetComputerNameA
SetStdHandle
GetStdHandle
GetSystemDirectoryA
ReadFile
GetFileSize
FlushFileBuffers
GetProcessHeap
FileTimeToSystemTime
GetFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
GetProcAddress
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCPInfo
GetOEMCP
GetStartupInfoA
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
SetHandleCount
SetFilePointer
VirtualProtect
GetSystemInfo
VirtualQuery
HeapFree
GetCurrentProcess
FlushInstructionCache
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalAlloc
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTimeZoneInformation
GetFileType

user32

GetClassNameA
SetWindowPos
RedrawWindow
GetDlgItem
GetParent
IsChild
SetFocus
BeginPaint
EndPaint
CallWindowProcA
GetDesktopWindow
InvalidateRgn
CreateAcceleratorTableA
CreateWindowExA
RegisterClassExA
wsprintfA
UnregisterClassA
GetClassInfoExA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
DialogBoxIndirectParamA
CreateDialogIndirectParamA
GetActiveWindow
SetWindowContextHelpId
MapDialogRect
GetWindowRect
SendMessageA
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetSysColor
MsgWaitForMultipleObjects
PeekMessageA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DestroyAcceleratorTable
DefWindowProcA
PostThreadMessageA
GetMessageA
DispatchMessageA
TranslateMessage
DestroyWindow
LoadStringA
FindWindowA
GetWindow
SetForegroundWindow
IsIconic
CharUpperA
CharNextA
IsWindow
ShowWindow
GetWindowLongA
SetWindowLongA
GetFocus
LoadCursorA

gdi32

CreateFontIndirectA
CreateSolidBrush
DeleteObject
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
GetStockObject
GetObjectA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
CoCreateInstance
StringFromGUID2
CLSIDFromString
CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
OleInitialize
OleUninitialize
CoUninitialize

oleaut32

SysStringByteLen
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysFreeString
SysStringLen
SysAllocStringLen

shlwapi

PathFindExtensionA

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3624ed1b5eb2f431da81d5f3a3220f9b

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 112KB - Virtual size: 112KB