1dec2bbf5f2b392f6f29582b76bc05802d02a9237aff7302fbe8cc1802811ceb

Sharing

Copy URL Twitter E-mail

General

Target

1dec2bbf5f2b392f6f29582b76bc05802d02a9237aff7302fbe8cc1802811ceb
Size

568KB
MD5

66d2c27bab638c46fbc74e4b425b4592
SHA1

841bc4decbd65afedc657f4501cb6cdbc20dce88
SHA256

1dec2bbf5f2b392f6f29582b76bc05802d02a9237aff7302fbe8cc1802811ceb
SHA512

63c225780d0a84ac43798516eb1a59b7278e310d09dd2858b086797f350d3ebb6f0cc54f923baf590aa9a22fdf6caee29be019c405620428d7691d0cab6dd749
SSDEEP

12288:95zCzP4NtRJmcqibIh51k6Vdt922K0tK1mAlskUGuc5hvV7:KzPcRJrqiAzk6pQfskN

Score

N/A

Malware Config

Signatures

Files

1dec2bbf5f2b392f6f29582b76bc05802d02a9237aff7302fbe8cc1802811ceb
.exe windows x86

39e7ba57a58fa7b9b0acb963c2bb6259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

RealShellExecuteExA
ExtractIconExW
SHAppBarMessage
SHGetDesktopFolder

wininet

DeleteUrlCacheGroup
SetUrlCacheEntryInfoA
HttpQueryInfoA
FtpGetFileSize
GetUrlCacheGroupAttributeW
InternetGetCertByURL
InternetSetOptionA

comctl32

ImageList_Add
DrawInsert
ImageList_GetIcon
MakeDragList
ImageList_GetIconSize
DrawStatusTextA
InitCommonControlsEx

kernel32

HeapCreate
GetConsoleMode
ExpandEnvironmentStringsW
InterlockedExchange
CreateNamedPipeW
InitializeCriticalSection
FreeEnvironmentStringsW
WriteConsoleOutputCharacterW
ReadConsoleInputW
GetProcessHeaps
WideCharToMultiByte
GetCurrentProcess
VirtualFree
InterlockedDecrement
VirtualQuery
GetTempPathW
MapViewOfFileEx
GetLastError
CreateDirectoryA
EnterCriticalSection
GetVersion
GetStringTypeA
FindNextChangeNotification
InitializeCriticalSectionAndSpinCount
VirtualQueryEx
CreateMutexA
SetStdHandle
HeapDestroy
GetStartupInfoA
LCMapStringW
GetEnvironmentStringsW
GetConsoleTitleW
GetModuleFileNameA
GetCommandLineW
GetTickCount
EnumCalendarInfoW
GetEnvironmentStrings
GetModuleHandleA
IsBadWritePtr
FreeResource
HeapReAlloc
GetSystemTime
WriteConsoleA
TlsSetValue
CompareStringA
CreateDirectoryExA
GlobalGetAtomNameW
CloseHandle
FlushFileBuffers
OpenMutexA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetEnvironmentStringsA
GetCurrentThreadId
GetSystemDirectoryA
WriteFile
GetCurrentProcessId
GlobalGetAtomNameA
VirtualAllocEx
DeleteCriticalSection
CompareStringW
GetProfileSectionA
FormatMessageA
TlsAlloc
GetModuleFileNameW
GetStringTypeW
SetComputerNameA
GetModuleHandleW
GetProcAddress
TlsGetValue
ReleaseSemaphore
VirtualAlloc
GetStartupInfoW
GetFileType
GetProcAddress
GetStdHandle
InterlockedIncrement
SetFileAttributesW
GetConsoleOutputCP
OpenProcess
RtlMoveMemory
TerminateProcess
GetComputerNameW
LeaveCriticalSection
SetHandleCount
HeapAlloc
SetConsoleWindowInfo
GetLocalTime
GetTimeFormatW
QueryPerformanceCounter
ExitProcess
WaitForSingleObject
RtlUnwind
TlsFree
LoadLibraryA
GetTimeZoneInformation
SetFilePointer
GetCPInfo
SetEnvironmentVariableA
DeleteFileA
ReadFile
GetCurrentThread
CreateNamedPipeA
VirtualFreeEx
LoadLibraryExA
FindFirstFileExW
GetSystemTimeAsFileTime
SetLastError
ReadFileEx
LCMapStringA
HeapFree
LoadResource
MultiByteToWideChar
GetPrivateProfileSectionW
LocalFileTimeToFileTime
SetWaitableTimer
GetCommandLineA
FoldStringA

user32

ShowWindow
DefWindowProcA
CharPrevExA
LoadMenuIndirectW
SendMessageTimeoutW
DefMDIChildProcA
EqualRect
TrackPopupMenuEx
GetMenuStringW
IsWindow
SetScrollPos
GetInputDesktop
DdeAddData
ImpersonateDdeClientWindow
DrawTextExA
EnumPropsW
DdeCreateDataHandle
GetMenuItemCount
DdeSetUserHandle
DdeConnect
BlockInput
GetClassWord
IsWindowVisible
SetClassLongW
DdeCmpStringHandles
GetWindowDC
DdeQueryStringA
ToUnicode
DdePostAdvise
CreateWindowExW
MonitorFromRect
DestroyCaret
RegisterClassExA
ModifyMenuA
WaitMessage
MessageBoxW
EnumDisplaySettingsExA
DestroyWindow
GetMenu
SetMenuInfo
RemovePropW
FreeDDElParam
LoadAcceleratorsW
CallMsgFilter
LoadMenuA
ReleaseCapture
RegisterClassA
GetIconInfo
LoadIconA
BringWindowToTop
OpenInputDesktop

gdi32

GetSystemPaletteUse
GetMiterLimit
SetWindowExtEx
CreateMetaFileA
TranslateCharsetInfo
SetPaletteEntries
CopyEnhMetaFileA
CombineTransform
GetTextMetricsW
StrokePath

advapi32

RegOpenKeyExA
CryptReleaseContext
CryptEnumProviderTypesA
RegReplaceKeyA
CryptSetKeyParam
CryptSetHashParam
RegNotifyChangeKeyValue
CreateServiceA
RegOpenKeyW
CryptSetProviderExW
RegSetValueExW
ReportEventW
RegLoadKeyA
CreateServiceW
RegQueryValueA
CryptSetProviderW
LookupPrivilegeDisplayNameA
AbortSystemShutdownW
RegCreateKeyA
CryptEnumProvidersA
CryptAcquireContextW
RegFlushKey
RegConnectRegistryW

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39e7ba57a58fa7b9b0acb963c2bb6259

Headers

File Characteristics

Imports

shell32

wininet

comctl32

kernel32

user32

gdi32

advapi32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 108KB - Virtual size: 125KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 108KB - Virtual size: 125KB

.rsrc
Size: 16KB - Virtual size: 14KB