29b1d6bdce2c1c8c6150994b010f01102029d454346a5db933da36d21a452fa3

Sharing

Copy URL

Twitter E-mail

General

Target

29b1d6bdce2c1c8c6150994b010f01102029d454346a5db933da36d21a452fa3
Size

456KB
MD5

65b2b6238f9a1fff8bafb2d233687d70
SHA1

a89126704d15aac88383e7c7c20a5cc508eecb55
SHA256

29b1d6bdce2c1c8c6150994b010f01102029d454346a5db933da36d21a452fa3
SHA512

011a04aa41dc69b59fb3201bc2dcba3d4da1f343b781c2c35e658b8c79f1ddf446167f41b63a3f9be8382814563bfad6a682a8f52dbe921e53b3c515ddfb6317
SSDEEP

6144:k47voB48j7GgjhGc9TBt+9TAWPlnALXqo1jmUZxL6xQGQm9UmM7I+6cwgL:kMABtfGgjhGc9TbYAWiLXqs76ve7I+Lx

Score

N/A

Malware Config

Signatures

Files

29b1d6bdce2c1c8c6150994b010f01102029d454346a5db933da36d21a452fa3
.exe windows x86

67ad0079d5920038f55ad5f1eab4c9cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
lstrcmpiA
lstrlenA
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
lstrcmpA
MulDiv
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
IsDBCSLeadByte
GlobalFree
GlobalHandle
FreeLibrary
LoadLibraryExA
WriteFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetFileSize
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
HeapCreate
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
VirtualQuery
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
InterlockedExchange
SetFilePointer
ReadFile
CreateFileA
CloseHandle
GetSystemInfo
GetModuleHandleA
LoadLibraryA
GetProcAddress
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
GetThreadLocale
GetLocaleInfoA
GetACP
MultiByteToWideChar
GetStringTypeA

user32

GetSystemMetrics
PostQuitMessage
MessageBoxA
GetWindowRect
SetWindowPos
MoveWindow
SetWindowTextA
DestroyWindow
EqualRect
ReleaseCapture
MapDialogRect
CreateDialogIndirectParamA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
CopyRect
CreateAcceleratorTableA
IsWindow
GetDesktopWindow
GetFocus
SetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
UnregisterClassA
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
CharNextA
GetSysColor
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
SendMessageA
IsDialogMessageA
SetWindowContextHelpId
GetWindow
SendDlgItemMessageA
CreateWindowExA
GetWindowLongA
SetWindowLongA

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC

advapi32

RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2

oleaut32

SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
SysAllocString
SysAllocStringLen
SysFreeString

comctl32

InitCommonControlsEx

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67ad0079d5920038f55ad5f1eab4c9cf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 132KB - Virtual size: 128KB

.bss Size: - Virtual size: 7.0MB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 12KB - Virtual size: 8KB

.rsrc Size: 16KB - Virtual size: 12KB

.tc Size: 248KB - Virtual size: 248KB

.text
Size: 132KB - Virtual size: 128KB

.bss
Size: - Virtual size: 7.0MB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 16KB - Virtual size: 12KB

.tc
Size: 248KB - Virtual size: 248KB