a513aa52f700bae7d095e3912b29cb9e478c1a8614f9815107dab5ac7fb8de1f

Sharing

Copy URL Twitter E-mail

General

Target

a513aa52f700bae7d095e3912b29cb9e478c1a8614f9815107dab5ac7fb8de1f
Size

716KB
MD5

68377dcd4cd3923310d12a5b7f0c3511
SHA1

0c00136a1eb5429ef36acf699b3d19574f37ec52
SHA256

a513aa52f700bae7d095e3912b29cb9e478c1a8614f9815107dab5ac7fb8de1f
SHA512

855cbf63fd1a30b380d201c58acb06898fadfb87945c12b46a2ef2469f41000436c5f185b7556a85bf195b8c4a4c0fe8f1f66b71742bb6f93b3b7ba1bef9bc30
SSDEEP

12288:YIZK/rO0NcvPdSV3tzcEkKDm7tiwbbxxNM9klMvuC+2via0YOld4zbOjDWS:YLE1SV3xcFf1lM2wvia0ZdquDWS

Score

N/A

Malware Config

Signatures

Files

a513aa52f700bae7d095e3912b29cb9e478c1a8614f9815107dab5ac7fb8de1f
.exe windows x86

20e79716eeabe0bbaa8afa7b3512b69b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
GetUserNameA
AllocateAndInitializeSid
RegCloseKey
RegEnumValueA
RegEnumKeyExA
RegSetValueExW
InitializeAcl
DeleteService
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
GetLengthSid
CopySid
RegOpenKeyExA
InitializeSecurityDescriptor
OpenThreadToken
RegCreateKeyA
SetSecurityDescriptorDacl
ControlService
RegQueryValueExA
OpenProcessToken
StartServiceCtrlDispatcherA
SetServiceStatus
CloseServiceHandle
GetTokenInformation
RegOpenKeyA

user32

FindWindowW
LoadMenuW
CreateWindowExW
ReuseDDElParam
ShowWindow
GetWindow
PtInRect
RegisterClassExW
MessageBoxW
FillRect
GetMenuItemID
GetCursorPos
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuItemInfoW
KillTimer
IsRectEmpty
GetClientRect
GetDC
SetActiveWindow
DispatchMessageW
GetSystemMenu
LoadAcceleratorsW
InvalidateRect
LoadCursorW
EndDialog
SendMessageTimeoutW
LoadIconW
SetTimer
GetSystemMetrics
GetDlgItem
MoveWindow
GetSubMenu
SystemParametersInfoW
DestroyWindow
UnpackDDElParam
ScreenToClient
RegisterClassW
GetTopWindow
TranslateMessage
PostQuitMessage
DefWindowProcW
CallWindowProcW
ModifyMenuW
BeginPaint
DrawTextExW
SetCapture
AdjustWindowRectEx
GetForegroundWindow
IsWindow
EndPaint
GetIconInfo
CloseClipboard

comctl32

InitCommonControlsEx
ImageList_Create
ord17
ImageList_ReplaceIcon

shell32

ShellExecuteA
ord155
DragQueryFileW
DragAcceptFiles

comdlg32

GetSaveFileNameW
PrintDlgW

oleaut32

LoadTypeLi

mfc42

ord1576

gdi32

CreateDCW
GetDeviceCaps
DeleteDC
GetObjectW

kernel32

GetDateFormatA
UnmapViewOfFile
GetLocaleInfoA
LCMapStringA
GlobalUnlock
FlushFileBuffers
CreateDirectoryA
GetFileTime
GetCurrentThreadId
lstrlenW
FindClose
MapViewOfFile
HeapCreate
GetCurrentProcessId
GetSystemDirectoryA
ReadFile
SetLastError
GetStringTypeW
UnlockFile
RaiseException
SetErrorMode
LoadLibraryA
FreeResource
TerminateProcess
GetCurrentThread
LoadResource
SetFileTime
Sleep
GetOEMCP
InterlockedDecrement
SetEvent
FatalAppExitA
LocalFree
LocalReAlloc
CopyFileA
GetEnvironmentStrings
WriteConsoleA
CreateFileMappingA
GetLocaleInfoW
lstrcmpA
TlsAlloc
GetThreadLocale
CloseHandle
GetFileType
InterlockedExchange
GlobalDeleteAtom
SuspendThread
VirtualFree
GlobalHandle
VirtualAlloc
ExitProcess
QueryPerformanceCounter
GetConsoleOutputCP
LeaveCriticalSection
LCMapStringW
DeleteFileW
FreeEnvironmentStringsA
lstrcpyA
TlsSetValue
GetFullPathNameW
GetCPInfo
GetACP
FreeLibrary
lstrcmpiA
GetSystemTime
EnterCriticalSection
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
GlobalReAlloc
MoveFileW
lstrcpynA
GetLocalTime
HeapAlloc
GetProcessHeap
WriteFile
SetEnvironmentVariableA
SizeofResource
OutputDebugStringA
LocalAlloc
GlobalAlloc
GetVersion
lstrlenA
WaitForSingleObject
ResumeThread
GetTimeFormatA
GetCurrentProcess
GetLastError
GetFullPathNameA
VirtualQuery
FindNextFileA
GetStartupInfoA
InterlockedCompareExchange
DuplicateHandle
CompareStringA
lstrcmpiW
GetTempPathA
MulDiv
WideCharToMultiByte
GetModuleHandleA
FlushInstructionCache
FreeEnvironmentStringsW
DeleteCriticalSection
GetCommandLineW
FormatMessageA
GetVersionExW
InterlockedIncrement
VirtualProtect
GetStringTypeExW
LockFile
GetTimeZoneInformation
MultiByteToWideChar
FindFirstFileA
SetEndOfFile
GetProcAddress
GetModuleFileNameA
CreateDirectoryW
IsValidCodePage
GetStdHandle
TlsFree
HeapDestroy
IsValidLocale
HeapFree
CreateThread
WriteConsoleW
RtlUnwind
GetFileAttributesA
GetTempPathW
UnhandledExceptionFilter
SetThreadPriority
TlsGetValue
GetModuleHandleW
LocalFileTimeToFileTime
GetDriveTypeA
GetStringTypeA
InitializeCriticalSection
ExitThread
GetFileSize
GetEnvironmentStringsW
GetModuleFileNameW
GetVersionExA
HeapSize
GetSystemInfo
lstrcmpW
GetTickCount
CompareStringW
CreateMutexW
GetStartupInfoW
GlobalLock
CreateFileA
SetFilePointer
GetUserDefaultLCID
FileTimeToSystemTime
GetConsoleMode
GetCurrentDirectoryA
SystemTimeToFileTime
SetHandleCount
FindNextFileW
CopyFileW
GetConsoleCP
FindFirstFileW
GlobalSize
FileTimeToLocalFileTime
GlobalFree
LockResource
IsDebuggerPresent
SetUnhandledExceptionFilter
GlobalFlags
SetStdHandle
CreateFileW
DeleteFileA
IsBadWritePtr

ole32

OleInitialize
CLSIDFromProgID
OleUninitialize
StringFromCLSID
OleLockRunning
OleRun
CoTaskMemFree

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20e79716eeabe0bbaa8afa7b3512b69b

Headers

File Characteristics

Imports

advapi32

user32

comctl32

shell32

comdlg32

oleaut32

mfc42

gdi32

kernel32

ole32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 460KB - Virtual size: 456KB

.data Size: 104KB - Virtual size: 101KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 460KB - Virtual size: 456KB

.data
Size: 104KB - Virtual size: 101KB

.rsrc
Size: 56KB - Virtual size: 55KB