3a389b6162c2ae7abc14ed9702d7e75bedaba08ce8e7544dec69765e4e9576fe

Sharing

Copy URL Twitter E-mail

General

Target

3a389b6162c2ae7abc14ed9702d7e75bedaba08ce8e7544dec69765e4e9576fe
Size

476KB
MD5

667f46a422173855d8316e2a6165cea0
SHA1

30967dc06b6db93b050f9093587b74e0549cfaa0
SHA256

3a389b6162c2ae7abc14ed9702d7e75bedaba08ce8e7544dec69765e4e9576fe
SHA512

5dc59ee07eec083d2ddfbeea3ee72e3c05ca9770140a0f7e0c6e1ddb62685c4585727624b32526122a3b9d0a14c832b42c5f3028b7644cf19f04202b47db67d6
SSDEEP

12288:CzJUYJbhmzvpWlEzUH/MW/Wm7MDgTuaZxZMma:CJrovpWlEAJt7kgqSM

Score

N/A

Malware Config

Signatures

Files

3a389b6162c2ae7abc14ed9702d7e75bedaba08ce8e7544dec69765e4e9576fe
.exe windows x86

a6e9bbf4f0709aa938d2c638b5f53138

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA

user32

ShowWindow
ReleaseCapture
CreateAcceleratorTableA
GetParent
GetClassNameA
RedrawWindow
IsWindow
SetWindowPos
InvalidateRect
GetClientRect
FillRect
EndPaint
CallWindowProcA
GetDC
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
PeekMessageA
MsgWaitForMultipleObjects
InvalidateRgn
DestroyWindow
SendMessageA
GetDlgItem
CreateWindowExA
LoadImageA
SetCapture
RegisterClassA
PostMessageA
TrackPopupMenu
SetForegroundWindow
GetCursorPos
GetDesktopWindow
GetWindowTextLengthA
AppendMenuA
CreatePopupMenu
PostQuitMessage
EndDialog
EnableWindow
GetWindowTextA
SetWindowTextA
SetWindowLongA
GetWindow
CharNextA
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DialogBoxIndirectParamA
wsprintfA
LoadStringA
MessageBoxA
BeginPaint
TranslateMessage
DispatchMessageA
GetWindowLongA

gdi32

DeleteObject
GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

comctl32

ord17

wintrust

WinVerifyTrust

wininet

HttpSendRequestA
InternetGetConnectedState
InternetCloseHandle
InternetReadFile
InternetTimeToSystemTime
HttpQueryInfoA
InternetErrorDlg
InternetCrackUrlA
HttpAddRequestHeadersA
InternetTimeFromSystemTime
HttpOpenRequestA
InternetConnectA
InternetOpenA

urlmon

URLDownloadToFileA

shell32

Shell_NotifyIconA

kernel32

WaitForSingleObject
lstrlenW
MultiByteToWideChar
lstrcpynA
lstrcatA
LockResource
FreeLibrary
GetThreadLocale
CreatePipe
SetHandleInformation
ReadFile
LoadLibraryA
GetProcAddress
GetVersionExA
GetSystemTime
SystemTimeToTzSpecificLocalTime
WaitForMultipleObjects
SetEvent
CreateEventA
ResetEvent
CreateThread
GetCurrentProcess
FlushInstructionCache
CreateProcessA
GetExitCodeProcess
FormatMessageA
GetFileSize
GetFileTime
FileTimeToSystemTime
Sleep
SystemTimeToFileTime
CompareFileTime
SetFilePointer
SetEndOfFile
WriteFile
CreateFileA
WideCharToMultiByte
GlobalLock
GlobalUnlock
GlobalAlloc
FindResourceA
LoadResource
GetLastError
GlobalHandle
GlobalFree
FreeResource
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetTempPathA
DeleteFileA
lstrlenA
lstrcpyA
lstrcmpA
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
GetStartupInfoA
GetModuleHandleA
CloseHandle
CreateMutexA
lstrcmpiA

olepro32

ord253

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemFree
CoUninitialize
CoInitializeSecurity
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoTaskMemAlloc
OleLockRunning
CoCreateGuid

oleaut32

SysFreeString
SysAllocString
LoadRegTypeLi
SysStringLen
VariantClear
SysAllocStringLen

msvcrt

__set_app_type
__p__fmode
_stricmp
_controlfp
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
__setusermatherr
__p__commode
_strdup
_adjust_fdiv
time
iswspace
_exit
??2@YAPAXI@Z
_splitpath
strstr
fopen
fread
fclose
_ftol
srand
_except_handler3
_EH_prolog
__CxxFrameHandler
??3@YAXPAX@Z
free
sscanf
isspace
?terminate@@YAXXZ
malloc
_purecall
fgetc
rand
strrchr
strncmp
asctime
strncpy
sprintf
localtime

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

:(�
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6e9bbf4f0709aa938d2c638b5f53138

Headers

File Characteristics

Imports

advapi32

user32

gdi32

comctl32

wintrust

wininet

urlmon

shell32

kernel32

olepro32

ole32

oleaut32

msvcrt

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 164KB - Virtual size: 162KB

:(� Size: 236KB - Virtual size: 236KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 164KB - Virtual size: 162KB

:(�
Size: 236KB - Virtual size: 236KB