376b821df41f92f05dcb8bd3142e9c447a93786d372c58800a9e187e7fce7b6a

Sharing

Copy URL Twitter E-mail

General

Target

376b821df41f92f05dcb8bd3142e9c447a93786d372c58800a9e187e7fce7b6a
Size

104KB
MD5

49f44e7b10d89dbd32497bd5b450ffdf
SHA1

30642ca012a4c4c7ab310034e63c5bd3515c9f89
SHA256

376b821df41f92f05dcb8bd3142e9c447a93786d372c58800a9e187e7fce7b6a
SHA512

419c63bfd64dff3a85bf5db35f12c6665a461b0f96f05bec26c39937052fda654b06acb48c9d9a23c504d65ff0555126cc21ce062ec7da8e3647048e4205d1ce
SSDEEP

3072:u79wKPp8tCyJsg4RRWwVBScerBw+g4gojCtl:u7qwp86g4PpngruvVcCtl

Score

N/A

Malware Config

Signatures

Files

376b821df41f92f05dcb8bd3142e9c447a93786d372c58800a9e187e7fce7b6a
.exe windows x86

230d23c7350c57ef0047f2a35cbe6854

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalSize
GetTickCount
GlobalMemoryStatus
GetSystemInfo
OpenEventA
SetErrorMode
CreateMutexA
CopyFileA
GetModuleFileNameA
GetSystemTime
GetCurrentThreadId
GlobalLock
LocalFileTimeToFileTime
SystemTimeToFileTime
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
OpenProcess
GetCurrentProcess
lstrcmpiA
GetModuleHandleA
GlobalUnlock
GlobalFree
LocalSize
GetLocalTime
GetSystemDirectoryA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetVersionExA
LoadLibraryA
GetProcAddress
WinExec
GetWindowsDirectoryA
GetStartupInfoA
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
RemoveDirectoryA
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrcatA
CreateProcessA
lstrlenA
lstrcpyA
GetFileAttributesA
CreateEventA
CreateDirectoryA
GetLastError
DeleteFileA
Sleep
CancelIo
InterlockedExchange
ResetEvent
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
CreateThread
ResumeThread
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
SetFileTime

user32

BlockInput
SendMessageA
SystemParametersInfoA
keybd_event
MapVirtualKeyA
SetCapture
WindowFromPoint
SetCursorPos
mouse_event
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
DestroyCursor
GetCursorPos
GetCursorInfo
SetProcessWindowStation
OpenWindowStationA
GetProcessWindowStation
PostThreadMessageA
GetInputState
GetWindowThreadProcessId
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
IsWindow
CloseWindow
CreateWindowExA
PostMessageA
OpenDesktopA
DispatchMessageA
LoadCursorA
GetKeyState
GetAsyncKeyState
GetForegroundWindow
TranslateMessage
EnumWindows
IsWindowVisible
GetWindowTextA
MessageBoxA
ExitWindowsEx
wsprintfA
ReleaseDC
GetMessageA
CharNextA

gdi32

DeleteObject
CreateDIBSection
BitBlt
GetDIBits
SelectObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

CloseServiceHandle
CreateServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
CloseEventLog
ClearEventLogA
OpenEventLogA
RegSetValueExA
RegCreateKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
ControlService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegCreateKeyExA
DeleteService
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegQueryInfoKeyA
UnlockServiceDatabase
ChangeServiceConfigA
LockServiceDatabase
StartServiceA
QueryServiceConfigA
EnumServicesStatusA

shell32

SHGetFileInfoA
ShellExecuteA

msvcrt

_exit
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_strcmpi
_strupr
_strnicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
??0exception@@QAE@ABQBD@Z
_iob
_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
_beginthreadex
strncat
exit
_errno
strchr
strcat
strncpy
strncmp
atoi
strcpy
strcmp
strrchr
_except_handler3
malloc
free
_CxxThrowException
memcmp
strstr
strlen
_ftol
ceil
memmove
__CxxFrameHandler
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset

winmm

waveInUnprepareHeader
waveInReset
waveInStop
waveOutWrite
waveInStart
waveInAddBuffer
waveInClose
waveInOpen
waveInGetNumDevs
waveOutOpen
waveOutGetNumDevs
waveOutReset
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutClose
waveInPrepareHeader

ws2_32

getsockname
htons
gethostname
__WSAFDIsSet
recvfrom
setsockopt
WSAIoctl
WSACleanup
WSAStartup
sendto
listen
accept
getpeername
bind
connect
ntohs
inet_addr
inet_ntoa
send
gethostbyname
socket
recv
closesocket
select

urlmon

URLDownloadToFileA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

msvfw32

ICSeqCompressFrame
ICSeqCompressFrameEnd
ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICClose
ICCompressorFree

psapi

EnumProcessModules
GetModuleFileNameExA

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

230d23c7350c57ef0047f2a35cbe6854

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

winmm

ws2_32

urlmon

wininet

avicap32

msvfw32

psapi

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 2KB