1731ca3e437fb9de022c2f7c2d1fad20f8d24d1d8f4951cd6d6416562f4d7472

Sharing

Copy URL Twitter E-mail

General

Target

1731ca3e437fb9de022c2f7c2d1fad20f8d24d1d8f4951cd6d6416562f4d7472
Size

624KB
MD5

545b3021e9c8b82216a13f113c4dda90
SHA1

f5e1443b3f80879a0b02ed75a187f1e2f6bd1cc6
SHA256

1731ca3e437fb9de022c2f7c2d1fad20f8d24d1d8f4951cd6d6416562f4d7472
SHA512

3bc997fee5d21167b2ca371055fbc22abf2e8aae61e1c7f1e257aa168382f49fdd1e56629543bc525488ab242108cdb6934942c60994a0c610f08d641828f88e
SSDEEP

12288:E0bDt39SkAuqQYQT6SAryYT6SAryGT6SAryFT6SAry:E0b7SkAuXYo6Sy6S46Sv6S

Score

N/A

Malware Config

Signatures

Files

1731ca3e437fb9de022c2f7c2d1fad20f8d24d1d8f4951cd6d6416562f4d7472
.exe windows x86

107879563aa50982652c6580eea80407

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord210
ord180
ord178
ord44
ord168
ord15
ord87
ord110
ord91
ord77
ord148
ord31
ord159
ord8
ord160
ord117
ord158
ord67
ord174
ord141

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

SHSetValueA
SHGetValueA

mpr

WNetGetConnectionA
MultinetGetConnectionPerformanceA

kernel32

GlobalLock
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GlobalAlloc
SetLastError
FindNextFileA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessVersion
MulDiv
GlobalFlags
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
SizeofResource
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
RtlUnwind
Sleep
GetStartupInfoA
GetCommandLineA
ExitProcess
CreateThread
GlobalUnlock
HeapAlloc
HeapFree
SetStdHandle
GetFileType
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
TerminateProcess
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFree
LockResource
FindResourceA
LoadResource
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
LoadLibraryA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
CreateFileA
FindFirstFileA
FindClose
lstrcpynA
GetFileTime
GetFileSize
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SuspendThread
GetCurrentThreadId
ResumeThread
GetVersionExA
lstrcpyA
lstrcatA
GetCurrentThread
GetProfileStringA
GetLastError
WaitForSingleObject
CreateEventA
GetDriveTypeA
GetModuleFileNameA
GetCurrentDirectoryA
GetVersion
GetSystemDirectoryA
GetProcAddress
GetCurrentProcess
CreateProcessA
GetExitCodeProcess
CloseHandle
GetUserDefaultLangID
GetModuleHandleA
LoadLibraryExA
GetPrivateProfileStringA
GetComputerNameA
GetDiskFreeSpaceExA
GetTempPathA
GetFileAttributesA
SetFileAttributesA
CopyFileA
CreateMutexA
ReleaseMutex
SetEvent
ExitThread

user32

LoadStringA
SetCursor
GetAsyncKeyState
MapDialogRect
ReleaseDC
GetDC
LoadCursorA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyMenu
InflateRect
InvalidateRect
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
wsprintfA
GetMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
LoadIconA
ShowWindow
SetWindowTextA
IsDialogMessageA
GetParent
MessageBoxA
EnableWindow
ExitWindowsEx
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
PostMessageA
SendMessageA
SetDlgItemTextA
IntersectRect

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetTextExtentPointA
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
BitBlt
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
DeleteDC
GetStockObject
SelectObject
DeleteObject
GetDeviceCaps
PatBlt
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
CreateBitmap

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
FreeSid
EqualSid
RegCloseKey
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor
ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Create

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�L��A�
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&��A�
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&V��A8
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&��A�
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

107879563aa50982652c6580eea80407

Headers

File Characteristics

Imports

msi

version

shlwapi

mpr

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 4KB - Virtual size: 2KB

�L��A� Size: 84KB - Virtual size: 84KB

.text Size: 8KB - Virtual size: 4KB

&���A� Size: 84KB - Virtual size: 84KB

.text Size: 8KB - Virtual size: 4KB

&V��A8 Size: 84KB - Virtual size: 84KB

.text Size: 8KB - Virtual size: 4KB

&���A� Size: 84KB - Virtual size: 84KB

.text Size: 8KB - Virtual size: 4KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 4KB - Virtual size: 2KB

�L��A�
Size: 84KB - Virtual size: 84KB

.text
Size: 8KB - Virtual size: 4KB

&��A�
Size: 84KB - Virtual size: 84KB

.text
Size: 8KB - Virtual size: 4KB

&V��A8
Size: 84KB - Virtual size: 84KB

.text
Size: 8KB - Virtual size: 4KB

&��A�
Size: 84KB - Virtual size: 84KB

.text
Size: 8KB - Virtual size: 4KB