18d4f5b8b34b69e0f983bc52a9195f4cc5319bfd396660aa634a3705cf6d9764

Sharing

Copy URL Twitter E-mail

General

Target

18d4f5b8b34b69e0f983bc52a9195f4cc5319bfd396660aa634a3705cf6d9764
Size

517KB
MD5

6d92da33f4716f6b9a9f3e5d792dda31
SHA1

ded8351405346b9117eabe78c203b40109513e29
SHA256

18d4f5b8b34b69e0f983bc52a9195f4cc5319bfd396660aa634a3705cf6d9764
SHA512

e222ccd07e52feaf0a23b99b02de3c3c5746bfa4e367851edbce6ef4e87c52ea533b1b2e929f2f7ba2f7ae7c6bb7f1a414565ccecd87a40b91e1fb5e644c9fd5
SSDEEP

6144:k7Xq6QVLKxkZJeYAGYpS73pR3dc+J5x5qtpzDEFeA3J3m3705PnGJda+FGegSObs:8IKxYkYGUzd3J3m34ZGJgIPEPE

Score

N/A

Malware Config

Signatures

Files

18d4f5b8b34b69e0f983bc52a9195f4cc5319bfd396660aa634a3705cf6d9764
.exe windows x86

f591cf2d9fb8ceee32fd054d298dcf54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

GetExpandedNameW
LZOpenFileW
LZCopy
LZClose

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

comctl32

ord17

setupapi

SetupIterateCabinetW

shlwapi

StrStrIW

kernel32

WriteConsoleW
GetConsoleOutputCP
GetVersionExW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
lstrcatW
lstrcpyW
lstrlenW
WritePrivateProfileStringW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
GetWindowsDirectoryW
MoveFileExW
FreeLibrary
GetProcAddress
LoadLibraryW
WaitForSingleObject
OpenProcess
CloseHandle
GetTimeZoneInformation
GetModuleFileNameW
GetCurrentProcessId
Sleep
GetTempPathW
HeapFree
GetProcessHeap
WriteFile
GetDiskFreeSpaceW
GetModuleHandleW
DeleteFileW
HeapAlloc
CopyFileW
SetFileAttributesW
GetFileAttributesW
Process32NextW
lstrcmpiW
Process32FirstW
CreateToolhelp32Snapshot
GetLocaleInfoW
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
CreateProcessW
ReadFile
GetFileSize
CreateFileW
CreateDirectoryW
RemoveDirectoryW
SetCurrentDirectoryW
GetCurrentProcess
GetDriveTypeW
GetLogicalDriveStringsW
GetShortPathNameW
GetSystemDirectoryW
GetLastError
CreateMutexW
GetCurrentDirectoryW
WriteConsoleA
SetStdHandle
LoadLibraryA
InterlockedExchange
SetConsoleCtrlHandler
RtlUnwind
InitializeCriticalSection
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleHandleA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
HeapSize
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
lstrcpynW
SetEnvironmentVariableA
ExitProcess
HeapReAlloc
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetVersionExA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
SetLastError

user32

KillTimer
PostMessageW
DialogBoxParamW
IsDlgButtonChecked
EndDialog
GetDlgItemTextW
SetFocus
CharUpperW
ExitWindowsEx
EnableWindow
FindWindowW
GetSystemMenu
DeleteMenu
DefWindowProcW
SetDlgItemTextW
CharPrevW
PeekMessageW
DispatchMessageW
SystemParametersInfoW
GetWindowRect
MoveWindow
ShowWindow
BringWindowToTop
SetActiveWindow
LoadStringW
MessageBoxW
wsprintfW
GetDlgItem
SendMessageW
DrawMenuBar

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken

shell32

SHChangeNotify
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f591cf2d9fb8ceee32fd054d298dcf54

Headers

File Characteristics

Imports

lz32

version

comctl32

setupapi

shlwapi

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 252KB - Virtual size: 249KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 84KB - Virtual size: 354KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 60KB - Virtual size: 59KB

.prdata Size: 76KB - Virtual size: 76KB

.text
Size: 252KB - Virtual size: 249KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 84KB - Virtual size: 354KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 60KB - Virtual size: 59KB

.prdata
Size: 76KB - Virtual size: 76KB