e83d45bd3589ba897cf0d457c4e6f5051de5332a9e5b1e73af9ec2fdbe6f6e76

Sharing

Copy URL Twitter E-mail

General

Target

e83d45bd3589ba897cf0d457c4e6f5051de5332a9e5b1e73af9ec2fdbe6f6e76
Size

957KB
MD5

7a5e7f914d34db0d50fb3bccdaaa7440
SHA1

cad5f51797b292a1678eecdb5dad17297dcf2aa8
SHA256

e83d45bd3589ba897cf0d457c4e6f5051de5332a9e5b1e73af9ec2fdbe6f6e76
SHA512

8898859548778c782350e919b9547c5f5a227a389ed4b7a569c8d5a86833c785a7b571509d30b60d5ea11791aae490d6c5c983f6e3c4c8a8c585cb5457ee9f10
SSDEEP

24576:Lg17uCnUNIym5CQtMOt7kU/kXYxMZDTWg8oSMLqH:pU/kWMZDTbPSZ

Score

N/A

Malware Config

Signatures

Files

e83d45bd3589ba897cf0d457c4e6f5051de5332a9e5b1e73af9ec2fdbe6f6e76
.exe windows x86

bf304dbb27d78a81f35ebfc07f667b83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetSetOptionW
InternetSetCookieW

comctl32

InitCommonControlsEx

shlwapi

StrCmpIW
StrToIntW
PathFileExistsW
StrStrIW

ws2_32

select
setsockopt
connect
socket
inet_addr
htonl
getservbyname
gethostbyaddr
getservbyport
WSACleanup
closesocket
WSAGetLastError
recv
send
getsockname
ntohs
bind
htons
getsockopt
ioctlsocket
getpeername
__WSAFDIsSet
listen
accept
recvfrom
inet_ntoa
gethostname
gethostbyname
WSAStartup
sendto
WSASetLastError

kernel32

WideCharToMultiByte
ReadFile
DeleteFileW
SetErrorMode
WaitForSingleObject
GetExitCodeProcess
CreateEventW
SuspendThread
SetFileAttributesW
FindResourceExW
FindResourceW
LoadResource
GetPrivateProfileStringW
SizeofResource
LockResource
GlobalMemoryStatusEx
SetEvent
ResetEvent
WaitForMultipleObjects
FreeLibrary
LoadLibraryExW
lstrcmpiW
MulDiv
OpenEventW
ResumeThread
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetFullPathNameA
SetStdHandle
GetModuleHandleA
GetCurrentDirectoryA
QueryPerformanceCounter
GetEnvironmentStringsW
InterlockedExchange
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
HeapDestroy
HeapCreate
HeapSize
IsValidCodePage
GetOEMCP
GetACP
FindFirstFileA
GetDriveTypeA
GetFileInformationByHandle
RtlUnwind
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetDriveTypeW
FileTimeToLocalFileTime
GetStartupInfoW
GetCPInfo
ExitProcess
GetSystemTimeAsFileTime
GetFullPathNameW
UnhandledExceptionFilter
TerminateProcess
FormatMessageA
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
PeekNamedPipe
GetSystemDirectoryA
SleepEx
SetNamedPipeHandleState
WaitNamedPipeW
QueryPerformanceFrequency
LocalAlloc
ReleaseMutex
OpenMutexW
RemoveDirectoryW
InterlockedCompareExchange
RaiseException
FlushInstructionCache
lstrcpynW
LeaveCriticalSection
GetVersionExW
InitializeCriticalSection
lstrcpynA
GetModuleFileNameW
lstrcpyW
DebugBreak
FindNextFileW
CreateFileMappingW
FindClose
GetTempPathW
MultiByteToWideChar
CreateFileW
Sleep
WriteFile
OutputDebugStringW
InterlockedIncrement
lstrlenA
SetFilePointer
FindFirstFileW
LocalFree
CloseHandle
lstrlenW
GetModuleHandleW
GetCurrentProcess
VirtualAlloc
InterlockedDecrement
CreateMutexW
GetCommandLineW
GetSystemDirectoryW
GlobalFree
SetLastError
GlobalAlloc
GetTickCount
GetProcAddress
LoadLibraryW
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetLocalTime
InitializeCriticalSectionAndSpinCount
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
CreateThread
ExitThread
FileTimeToSystemTime
GetFileAttributesW
LoadLibraryA
VirtualProtect
VirtualQuery
CreateProcessW
SetUnhandledExceptionFilter
FormatMessageW
GetLastError
CopyFileW
MoveFileExW
FreeEnvironmentStringsW
FlushFileBuffers
GetFileSize
CreateDirectoryW
GetCurrentProcessId
IsDebuggerPresent
lstrcatW
VirtualFree

user32

MessageBoxW
LoadStringW
SendMessageW
GetSystemMetrics
UnregisterClassA
SetRectEmpty
FindWindowW
wvsprintfW
MoveWindow
CopyRect
DefWindowProcW
IsWindow
GetMenuItemCount
LoadBitmapW
CreatePopupMenu
ShowWindow
SetWindowPos
EndDialog
SetWindowLongW
EnableMenuItem
CallWindowProcW
GetMonitorInfoW
SetMenuItemInfoW
DestroyIcon
SetWindowTextW
DestroyMenu
UpdateWindow
MapWindowPoints
SetMenuDefaultItem
RemoveMenu
CharNextW
DrawTextW
FillRect
GetParent
EnableWindow
DestroyWindow
GetMessageW
LoadImageW
wsprintfW
GetDC
TranslateMessage
LoadAcceleratorsW
LoadMenuW
ReleaseDC
GetDlgItem
DispatchMessageW
EndPaint
SetCursor
TranslateAcceleratorW
GetSystemMenu
SetTimer
GetWindowRect
MonitorFromPoint
PostQuitMessage
PostMessageW
PeekMessageW
KillTimer
LoadStringA
DialogBoxParamW
LoadCursorW
MessageBeep
SubtractRect
DrawIcon
GetClientRect
SetFocus
GetMenuItemInfoW
BeginPaint
PtInRect
GetClassInfoExW
RegisterClassExW
LoadIconW
TrackPopupMenuEx
IntersectRect
InvalidateRect
GetWindowLongW
AppendMenuW
GetWindowTextW
SetClassLongW
CreateWindowExW

gdi32

DPtoLP
MoveToEx
SetTextColor
CreateFontIndirectW
SetBkMode
DeleteObject
SelectObject
CreatePen
CreateSolidBrush
GetTextMetricsW
LineTo
GetDeviceCaps

advapi32

FreeSid
SetSecurityDescriptorSacl
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetLengthSid
InitializeAcl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetNamedSecurityInfoW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
AllocateAndInitializeSid
LookupAccountSidW
EqualSid
GetTokenInformation
OpenProcessToken
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SetNamedSecurityInfoW
SetEntriesInAclW

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
SHFileOperationW
Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
SysStringLen
SysAllocString
SysFreeString
VarUI4FromStr

imm32

ImmDisableIME

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 679KB - Virtual size: 679KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bf304dbb27d78a81f35ebfc07f667b83

Headers

DLL Characteristics

File Characteristics

Imports

wininet

comctl32

shlwapi

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

imm32

version

Sections

.text Size: 679KB - Virtual size: 679KB

.rdata Size: 147KB - Virtual size: 147KB

.data Size: 129KB - Virtual size: 132KB

.text
Size: 679KB - Virtual size: 679KB

.rdata
Size: 147KB - Virtual size: 147KB

.data
Size: 129KB - Virtual size: 132KB