fda7ebc153b2c8d8d6c90e27f1edb177cf1b19eb16c7e64099b4288ba4a118e2

Sharing

Copy URL Twitter E-mail

General

Target

fda7ebc153b2c8d8d6c90e27f1edb177cf1b19eb16c7e64099b4288ba4a118e2
Size

957KB
MD5

4a2a7426b66f3aecfaf558150795fd40
SHA1

e9acb023adc62fdcb0e4c470f5a621e72ef09e59
SHA256

fda7ebc153b2c8d8d6c90e27f1edb177cf1b19eb16c7e64099b4288ba4a118e2
SHA512

e4f7a51deb910e0aef0fa656f7af3f0b1067e67439347ed5562049d4a12f387051e536458dd91ac94b990b1ab524147e51c2c35f9093d6cf0eb69b7f49a516c0
SSDEEP

12288:OwhAvrw5//SPPHFFaY03ajJ2A+ZEN3+tiXihyM9Cdl2w9Dj5ad+xQ1hu5C8/nPZv:xGCSPPlsYX+ZHRyj32w9Djf7t

Score

N/A

Malware Config

Signatures

Files

fda7ebc153b2c8d8d6c90e27f1edb177cf1b19eb16c7e64099b4288ba4a118e2
.exe windows x86

ef9250a0dee7ba6e6a7f9611b1fc5baf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SetFilePointer
ReadFile
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GetModuleHandleW
GetLastError
InitializeCriticalSection
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
GetVersion
WideCharToMultiByte
lstrlenA
DebugBreak
OutputDebugStringW
CreateMutexW
GetCurrentDirectoryW
GetVersionExW
GetPrivateProfileStringA
GetModuleFileNameA
lstrcmpiA
GetFileTime
OpenFile
CreateProcessW
GetFileAttributesW
GetLongPathNameW
OpenProcess
WritePrivateProfileStringW
GetPrivateProfileStringW
DeleteFileW
CreateThread
GetTempFileNameW
GetTempPathW
GetWindowsDirectoryW
CreateFileW
DeviceIoControl
CloseHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
GetCurrentProcessId
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetLocaleInfoW
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
InitializeCriticalSectionAndSpinCount
InterlockedExchange
SetConsoleCtrlHandler
GetStdHandle
GetCurrentThread
LoadLibraryW
InterlockedDecrement
lstrlenW
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
RaiseException
GetCurrentThreadId
SetLastError
SetCurrentDirectoryW
FatalAppExitA
HeapDestroy
HeapCreate
HeapReAlloc
GetStartupInfoW
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
Sleep
RtlUnwind
TlsFree
TlsAlloc
ReleaseMutex
OpenThread
TlsSetValue
WaitForSingleObject
ExpandEnvironmentStringsW
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
GetModuleFileNameW
EnumSystemLocalesA
VirtualAlloc
SetEnvironmentVariableW
TlsGetValue
GetEnvironmentVariableW
GetSystemTime
LocalFree
GetLocalTime
FormatMessageW
GetFileSizeEx
WriteFile
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateFileA
GetProcAddress

user32

InflateRect
CopyRect
GetClientRect
GetKeyboardLayoutList
PostQuitMessage
SendMessageTimeoutW
FindWindowW
DefWindowProcW
UnregisterClassA
CreateDialogParamW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
DestroyWindow
ShowWindow
SetWindowLongW
LoadStringW
MessageBoxW
GetActiveWindow
CharNextW
SendMessageW
CharUpperW
CharLowerW
LoadKeyboardLayoutW
SystemParametersInfoW
GetSystemMetrics
WaitForInputIdle
PostMessageW
LoadImageW
GetParent
GetWindow
GetWindowRect
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsDialogMessageW
SetWindowTextW
SetForegroundWindow
RegisterClassExW
CreateWindowExW
RegisterWindowMessageW
SetWindowPos

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
SHChangeNotify
ShellExecuteExW
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoTaskMemRealloc
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
OleRun
OleUninitialize
OleInitialize
StringFromCLSID

oleaut32

VariantChangeType
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString
VariantClear
VariantInit
DispCallFunc
VarUI4FromStr
GetErrorInfo
SetErrorInfo
CreateErrorInfo

shlwapi

PathAddBackslashW
PathFileExistsW
PathAppendW
SHGetValueW
PathRemoveFileSpecW
PathIsDirectoryW
StrToIntW
StrCmpW
PathFindFileNameW
PathCombineW
StrChrW
StrCmpNIW
UrlUnescapeW
StrStrIA
PathCombineA

comctl32

InitCommonControlsEx

psapi

GetModuleFileNameExW
EnumProcesses

version

VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW

wininet

InternetCanonicalizeUrlW
InternetCrackUrlW

ws2_32

inet_addr

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

imm32

ImmGetDescriptionW
ImmIsIME
ImmGetIMEFileNameW

Sections

.text
Size: 692KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 29KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ef9250a0dee7ba6e6a7f9611b1fc5baf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

psapi

version

wininet

ws2_32

urlmon

imm32

Sections

.text Size: 692KB - Virtual size: 691KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 29KB - Virtual size: 40KB

.rsrc Size: 73KB - Virtual size: 72KB

.reloc Size: 81KB - Virtual size: 84KB

.text
Size: 692KB - Virtual size: 691KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 29KB - Virtual size: 40KB

.rsrc
Size: 73KB - Virtual size: 72KB

.reloc
Size: 81KB - Virtual size: 84KB