9d0adf51910e69aeb6281ad0d2f184b9409eb1fab03f3b6aa166353ebd182737

Sharing

Copy URL Twitter E-mail

General

Target

9d0adf51910e69aeb6281ad0d2f184b9409eb1fab03f3b6aa166353ebd182737
Size

194KB
MD5

7cc978a0f9e8816a3923806bda5cd42b
SHA1

ef2082d5c30992de502898f7971e46ee89ae548f
SHA256

9d0adf51910e69aeb6281ad0d2f184b9409eb1fab03f3b6aa166353ebd182737
SHA512

8376e5fa4ee9ed078d96f30cc8490f243e4ca192582970fcce54ecd25ea2ac810715f3614124bf11006a49b2c57f1d64eec4df2f223090551f813093b87bcaa9
SSDEEP

3072:UUDzw1AVLPSfJCBXxaPBXPVpx4z3EzapYaMwxmt0969UyyMFZhnwp800qkoy:BIABafJCBX6BnY3W7pt0Y9Thwp8m

Score

N/A

Malware Config

Signatures

Files

9d0adf51910e69aeb6281ad0d2f184b9409eb1fab03f3b6aa166353ebd182737
.exe windows x86

b40ba0aeb3238d0fca95ee4668b03628

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

advapi32

CryptDestroyHash
RegQueryInfoKeyA
RegDeleteValueA
CryptGetHashParam
RegQueryValueExA
RegEnumValueA
CryptEncrypt
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
CryptReleaseContext
RegSetValueExA
CryptImportKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptDestroyKey
RegEnumKeyExA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

gdiplus

GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCloneImage

gdi32

ExtEscape
CreateCompatibleDC
GetDeviceCaps
CreateDIBitmap
CreateDIBSection
BitBlt
StretchDIBits
SelectPalette
CreateSolidBrush
DeleteDC
GetObjectA
GetDIBits
CreateFontA
DeleteObject
GetStockObject
RealizePalette
SetStretchBltMode
CreateCompatibleBitmap
SelectObject
SetBkMode

ole32

CoTaskMemFree
OleLockRunning
CoInitialize
StgOpenStorage
CoSetProxyBlanket
CoUninitialize
StgCreateDocfile
CreateItemMoniker
BindMoniker
StringFromGUID2
GetRunningObjectTable
CLSIDFromProgID
CoTaskMemRealloc
CoCreateInstance
CreateBindCtx
CoInitializeSecurity
StgIsStorageFile
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoGetClassObject
CoTaskMemAlloc
CLSIDFromString

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

winmm

timeGetTime
timeSetEvent

user32

CallWindowProcA
wsprintfA
EndPaint
FindWindowA
RegisterWindowMessageA
IsChild
GetDC
GetQueueStatus
GetActiveWindow
CreateAcceleratorTableA
SendNotifyMessageA
RegisterClassExA
DestroyWindow
SetFocus
SetParent
DestroyAcceleratorTable
SetCapture
DrawTextA
KillTimer
PostMessageA
DispatchMessageA
EnumDisplayDevicesA
GetDesktopWindow
GetClientRect
BeginPaint
GetWindowTextA
SetWindowTextA
DefWindowProcA
SendMessageA
GetWindowRect
FillRect
SetRect
CreateDialogParamA
GetWindowTextLengthA
LoadCursorA
SetWindowLongA
RedrawWindow
MsgWaitForMultipleObjects
GetWindow
CharNextA
InvalidateRect
wvsprintfA
SendMessageTimeoutA
ReleaseDC
UnregisterClassA
GetParent
MoveWindow
InvalidateRgn
GetSysColor
GetClassInfoExA
CreateWindowExA
IsWindow
GetDlgItem
PostThreadMessageA
EqualRect
GetWindowLongA
GetClassNameA
GetFocus
ReleaseCapture
PeekMessageA
SetTimer
CopyRect
ShowWindow
SetWindowPos

kernel32

CreateFileW
GetShortPathNameW
CreateFileA
ReadFile
LocalFree
CreateFileMappingA
GetFileSize
WideCharToMultiByte
GetProcessAffinityMask
Sleep
DisableThreadLibraryCalls
EnumResourceTypesA
SetFilePointer
MapViewOfFile
GlobalAlloc
GetTickCount
LocalAlloc
GetFileAttributesA
GlobalSize
UnmapViewOfFile
WriteFile
GlobalFree
CloseHandle

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b40ba0aeb3238d0fca95ee4668b03628

Headers

File Characteristics

Imports

shlwapi

advapi32

shell32

gdiplus

gdi32

ole32

setupapi

winmm

user32

kernel32

version

wininet

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 75KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 108KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 75KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 108KB