7166e91bdb2c705ef3ffe36c22c68e7260797890accbdd895dde839384c6512f

Sharing

Copy URL Twitter E-mail

General

Target

7166e91bdb2c705ef3ffe36c22c68e7260797890accbdd895dde839384c6512f
Size

635KB
MD5

65e45e6c3c8dae075f21036e0d20a7d0
SHA1

55596ac0f68d1c668aeb5a3235493088ed9b6e17
SHA256

7166e91bdb2c705ef3ffe36c22c68e7260797890accbdd895dde839384c6512f
SHA512

e020d7d337ec1b0eb938168f26dbb3dbf75ac9bd80d7d815e5c7bea8399c7779e893217fa62a4cc4d7583c21fd838171e5052a417986bcfd3c0533614cc3eb03
SSDEEP

12288:+8Q2r13R3itKWmvkMGHevd/lTTuJUcFZsMuivIhISg9PMbl9Caauc3:+LK3eKWmvXvdNTTuqKsMdvdSg9PMbl9+

Score

N/A

Malware Config

Signatures

Files

7166e91bdb2c705ef3ffe36c22c68e7260797890accbdd895dde839384c6512f
.exe windows x86

0a1f43048bf77de9ce5331b9e4c447a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetSystemInfo
GetStartupInfoW
CopyFileW
GetTickCount
InitializeCriticalSection
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetCurrentProcessId
FreeEnvironmentStringsW
GetModuleFileNameA
ExitProcess
Sleep
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetFilePointer
SystemTimeToFileTime
LocalFileTimeToFileTime
DeviceIoControl
SetEndOfFile
GetFileSizeEx
WriteFile
SetFilePointerEx
ReadFile
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
ReleaseMutex
CreateFileA
CreateFileW
GetSystemTimeAsFileTime
OutputDebugStringW
FormatMessageW
GetSystemTime
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetModuleHandleW
FindResourceW
LoadResource
SizeofResource
GetLastError
EnterCriticalSection
RaiseException
WaitForSingleObject
CloseHandle
CreateProcessW
GetVersionExW
MulDiv
SetLastError
FlushInstructionCache
GetCurrentProcess
GetTempPathW
GetTempFileNameW
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
InterlockedExchange
GetCurrentThreadId
GetCommandLineW
CreateMutexW
FreeResource
LockResource
lstrlenA
GetStdHandle
DeleteCriticalSection
WideCharToMultiByte
LeaveCriticalSection
lstrcmpiW
LoadLibraryExW
FreeLibrary
GetModuleFileNameW
lstrlenW
GetProcAddress
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetEnvironmentStringsW
VirtualQuery

user32

CharNextW
MessageBoxW
UnregisterClassA
IsIconic
ShowWindow
SetForegroundWindow
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
LoadStringW
DefWindowProcW
RegisterClassW
GetClassInfoW
GetCursorPos
FindWindowW
IsRectEmpty
FillRect
SetRect
PostQuitMessage
GetSystemMetrics
LoadImageW
IsDialogMessageW
GetSubMenu
LoadMenuW
LoadCursorW
GetClassInfoExW
RegisterClassExW
HideCaret
SetActiveWindow
ClientToScreen
GetKeyState
EnableMenuItem
CharLowerW
EndDialog
SetWindowTextW
GetWindow
MonitorFromWindow
GetMonitorInfoW
SetDlgItemTextW
SetFocus
FindWindowExW
EnableWindow
MoveWindow
GetWindowTextW
GetFocus
ScreenToClient
InvalidateRect
IsWindowVisible
MapWindowPoints
GetWindowRect
GetDlgItem
SetWindowPos
GetActiveWindow
PostMessageW
SetTimer
KillTimer
SetWindowRgn
SetLayeredWindowAttributes
CallWindowProcW
GetWindowLongW
GetParent
SendMessageW
CreateWindowExW
OffsetRect
PtInRect
GetClientRect
EndPaint
BeginPaint
RedrawWindow
DialogBoxParamW
IsWindow
ReleaseDC
DrawTextW
GetDC
SetWindowLongW
CreateDialogParamW
DestroyWindow

gdi32

CreateSolidBrush
GetStockObject
SetTextColor
CombineRgn
CreatePolygonRgn
CreateRectRgn
ExtTextOutW
SetBkColor
Rectangle
SetBkMode
CreatePen
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetViewportOrgEx
DeleteObject
SelectObject
DeleteDC
CreateFontW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExA
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteW

ole32

CoInitialize
CoTaskMemFree
OleUninitialize
CoUninitialize
OleInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VariantClear
SysStringLen
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysFreeString
VariantInit
VarUI4FromStr

shlwapi

PathFindExtensionW
PathCanonicalizeW
PathRemoveExtensionW
PathRemoveFileSpecW
PathAppendW
PathCombineW
PathFileExistsW
PathRenameExtensionW
SHGetValueW
PathIsRelativeW
PathFindFileNameW

comctl32

InitCommonControlsEx
_TrackMouseEvent

version

VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 273KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0a1f43048bf77de9ce5331b9e4c447a9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

Sections

.text Size: 267KB - Virtual size: 267KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 13KB - Virtual size: 21KB

.rsrc Size: 273KB - Virtual size: 276KB

.text
Size: 267KB - Virtual size: 267KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 13KB - Virtual size: 21KB

.rsrc
Size: 273KB - Virtual size: 276KB