13bf3509fd101d7124debf9e7105b184cf7f210d7026bb945a504d9f1f4cd816

Sharing

Copy URL

Twitter E-mail

General

Target

13bf3509fd101d7124debf9e7105b184cf7f210d7026bb945a504d9f1f4cd816
Size

640KB
MD5

61afb4a169c34141aa5cd4daa7446a91
SHA1

7bf8ef99a0eaad8391d78b810f46a0b5eade8814
SHA256

13bf3509fd101d7124debf9e7105b184cf7f210d7026bb945a504d9f1f4cd816
SHA512

ebf82b258fd732d3fb9a747956d2d10673be23471d33205548c36bc2427b6074b2eabfe6a1c455ad2ada34f4e2b74898a9d10eb27d0578734e3020fde0f66d4d
SSDEEP

12288:GpEodmc22J9eWYo7R/LvqZynM8/kjAk2gQ1wwc3OqitK0bpxjmCAdPaGy:GGoMA92o7RDqZEM8/kZQ1i3CkCpxjmvo

Score

N/A

Malware Config

Signatures

Files

13bf3509fd101d7124debf9e7105b184cf7f210d7026bb945a504d9f1f4cd816
.exe windows x86

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
GetModuleFileNameW
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetModuleFileNameA
GetShortPathNameW
GetExitCodeProcess
WaitForSingleObject
OpenProcess
LocalFree
WriteFile
LocalAlloc
CreateFileA
SizeofResource
FindClose
FindFirstFileA
CreateDirectoryA
GetVersionExA
GetShortPathNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GlobalAlloc
GlobalLock
CreateProcessA
CloseHandle
lstrlenA
SetUnhandledExceptionFilter
RaiseException
SetFilePointer
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
SetStdHandle
FlushFileBuffers
EnterCriticalSection
GlobalUnlock
LeaveCriticalSection
HeapDestroy
InitializeCriticalSection
DeleteFileA
InterlockedDecrement
GetCurrentThreadId
IsBadCodePtr

user32

ShowWindow
IsDialogMessageA
DispatchMessageA
PostQuitMessage
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
MoveWindow
GetCursor
CreateWindowExA
wsprintfA
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
IsWindow
BeginPaint
GetClientRect
FillRect
EndPaint
CallWindowProcA
GetDC
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
CreateDialogIndirectParamA
GetWindowTextLengthA
GetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadImageA
SendMessageA
SetWindowTextA
GetDlgItem
SystemParametersInfoA
SetWindowPos
GetSystemMetrics
GetWindowRect
InvalidateRect
GetWindowLongA
SetWindowLongA

gdi32

SelectObject
GetObjectA
GetStockObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
PatBlt

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromCLSID
OleLockRunning
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
LoadRegTypeLi
VariantClear
OleCreateFontIndirect
SysFreeString
DispCallFunc
SysAllocString
SysStringLen

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetGetConnectedState

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 536KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

wininet

comctl32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 23KB

.rsrc Size: 536KB - Virtual size: 535KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 23KB

.rsrc
Size: 536KB - Virtual size: 535KB