3ec2d70992a52d917b23e5f91ac07fa78d2b22c9271a30c45b1dc05e946cb903

Sharing

Copy URL

Twitter E-mail

General

Target

3ec2d70992a52d917b23e5f91ac07fa78d2b22c9271a30c45b1dc05e946cb903
Size

356KB
MD5

6c49837ea66c27057c7045fb381b3a74
SHA1

8f83872ce477359795b6f5dee3d5f0d5c86c72c0
SHA256

3ec2d70992a52d917b23e5f91ac07fa78d2b22c9271a30c45b1dc05e946cb903
SHA512

db55aeadf8fce31806e71e4c4774b560bb2f1843063fa3ff33fb54116decfd19ff747c043d0e63cff3f4eb90c375a68d5dd0a8df1e1d738e5e685a4d0186bea7
SSDEEP

6144:WT8vqhfb9SFohdZVUnnS7jZdH6UyktOSIHT2jsLEM1I:WTIWfb9SwUnSv/frOJ/LEN

Score

N/A

Malware Config

Signatures

Files

3ec2d70992a52d917b23e5f91ac07fa78d2b22c9271a30c45b1dc05e946cb903
.exe windows x86

5bb76c9b862d3d66ddbf9ae1fa74b496

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sensapi

IsNetworkAlive

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedDecrement
GetFileTime
WaitForSingleObject
lstrlenA
InterlockedIncrement
lstrcmpiA
lstrcpyA
GetModuleHandleA
GetModuleFileNameA
lstrcpynA
IsDBCSLeadByte
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
Sleep
CreateThread
CreateEventA
lstrcatA
SetEvent
ExitProcess
GetTickCount
FreeLibrary
LoadLibraryExA
GetCommandLineA
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
CompareStringA
CompareStringW
GetEnvironmentVariableA
GetProcAddress
LoadLibraryA
SetFilePointer
CreateDirectoryA
GetTempPathA
MoveFileExA
GetTempFileNameA
SetEnvironmentVariableA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileA
lstrcmpA
ReleaseMutex
ResetEvent
CreateMutexA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
CloseHandle
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCPInfo
GetOEMCP
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsBadWritePtr
VirtualFree
HeapCreate
GetSystemTimeAsFileTime
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetDateFormatA
GetTimeFormatA
RtlUnwind
LocalFree
HeapSize
HeapReAlloc
HeapDestroy
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WriteFile
MulDiv

user32

SetWindowPos
MsgWaitForMultipleObjects
PeekMessageA
GetWindowTextLengthA
GetWindowTextA
ShowWindow
CharUpperA
LoadIconA
CharNextA
SendMessageA
UnregisterClassA
DestroyWindow
PostThreadMessageA
DefWindowProcA
LoadCursorA
SetWindowTextA
GetWindow
SetWindowLongA
IsWindow
GetClassInfoExA
CreateAcceleratorTableA
GetParent
GetClassNameA
RedrawWindow
DestroyAcceleratorTable
GetDlgItem
SetFocus
GetFocus
IsChild
GetWindowLongA
BeginPaint
EndPaint
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
GetClientRect
FillRect
SetCapture
ReleaseCapture
GetSysColor
GetMessageA
DispatchMessageA
TranslateMessage
KillTimer
RegisterWindowMessageA
PostQuitMessage
CreateWindowExA
RegisterClassExA
CallWindowProcA
wsprintfA

gdi32

SelectObject
DeleteObject
CreateCompatibleDC
BitBlt
GetDeviceCaps
GetObjectA
GetStockObject
CreateSolidBrush
CreateCompatibleBitmap
DeleteDC

advapi32

RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

shell32

ord165
SHGetSpecialFolderPathA
Shell_NotifyIconA
SHGetFileInfoA
ShellExecuteExA
SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal
OleLockRunning
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
CoCreateGuid
CoTaskMemRealloc
CoInitialize
CoUninitialize
StringFromGUID2
CoInitializeEx
OleUninitialize
OleInitialize
CoGetClassObject

oleaut32

SysStringByteLen
RegisterTypeLi
DispCallFunc
VarBstrCat
OleCreateFontIndirect
GetErrorInfo
SysFreeString
UnRegisterTypeLi
VariantChangeType
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocString
SysAllocStringByteLen
SafeArrayCopy
SafeArrayDestroy
SysAllocStringLen
VariantCopy
VariantClear
SafeArrayUnlock
SafeArrayLock
VariantInit
SafeArrayGetDim
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCmp
SysStringLen

shlwapi

PathFindFileNameA
StrStrW
PathFindExtensionA
PathIsURLW
StrToIntW
SHGetValueA
PathRenameExtensionA
PathAppendA

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5bb76c9b862d3d66ddbf9ae1fa74b496

Headers

File Characteristics

Imports

sensapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 96KB - Virtual size: 96KB