3b0e1f54e55a6ff10fe0103c45cb47f4ad3043f68f7380bdb8ef6eb57d01dbc4

Sharing

Copy URL Twitter E-mail

General

Target

3b0e1f54e55a6ff10fe0103c45cb47f4ad3043f68f7380bdb8ef6eb57d01dbc4
Size

546KB
MD5

042f4317aba072eee8d225b22eae40b0
SHA1

8980e5fc9f93fd3e0357f673f42c9b2d3d96bd5a
SHA256

3b0e1f54e55a6ff10fe0103c45cb47f4ad3043f68f7380bdb8ef6eb57d01dbc4
SHA512

599325226f72fed53754a8cad6005026da8c8a5ca760e3f2c985ea462524e33574e1899c35712a551d92e2eda9db0989560030007730e200ff7ed2ff88865b51
SSDEEP

12288:dUMxi6uExHEVQuPf+EAYOgH0aTj/fCv3bj8AVZWR:dUMxv3HEVQuPf+Eu+0aTjkXV

Score

N/A

Malware Config

Signatures

Files

3b0e1f54e55a6ff10fe0103c45cb47f4ad3043f68f7380bdb8ef6eb57d01dbc4
.exe windows x86

14bd2e580a016b0d169992b48c0902ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetSetOptionExW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
HttpQueryInfoW
InternetCloseHandle
InternetOpenW
HttpAddRequestHeadersW
InternetCrackUrlW

ws2_32

WSACleanup
closesocket

winmm

timeGetTime

shlwapi

SHGetValueW
PathFileExistsW

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipDeleteGraphics
GdipDrawImagePointRectI
GdipDrawImageRectRectI

kernel32

HeapSize
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStdHandle
GetProcessHeap
RtlUnwind
HeapReAlloc
GetConsoleMode
GetConsoleCP
AreFileApisANSI
ExitProcess
IsProcessorFeaturePresent
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
RaiseException
GetCurrentThreadId
GetTickCount
DeleteFileW
GetTempFileNameW
Sleep
MoveFileExW
CloseHandle
WaitForSingleObject
CreateFileW
GetFileSize
SetFilePointer
WriteFile
lstrcpyW
lstrlenW
GetLastError
InterlockedIncrement
InterlockedDecrement
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
lstrcmpiW
FindResourceW
MultiByteToWideChar
SetLastError
GetCurrentProcess
FlushInstructionCache
CreateDirectoryW
GetFileAttributesW
SetFileAttributesW
GetTempPathW
TerminateProcess
GetFileType
OpenProcess
lstrcmpW
CopyFileW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
ReadFile
GetSystemInfo
VirtualAlloc
VirtualFree
QueryPerformanceCounter
InterlockedCompareExchange
GetSystemTimeAsFileTime
IsDebuggerPresent
CreateThread
GetModuleHandleExW
OutputDebugStringA
GetCurrentProcessId
GetCommandLineW
LocalFree
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FlushFileBuffers
FreeResource
WideCharToMultiByte
GetVersionExW
CreateFileA
GlobalAlloc
GlobalLock
GlobalUnlock
OutputDebugStringW
LoadLibraryA
LoadLibraryW
DeviceIoControl
lstrlenA
ResumeThread
GetSystemDirectoryW
GetStartupInfoW
DecodePointer
EncodePointer
HeapAlloc
HeapFree
ReadConsoleW
ExitThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
SetStdHandle
SetFilePointerEx
WriteConsoleW
GetStringTypeW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetEndOfFile
SetEnvironmentVariableA
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
LoadLibraryExA
InterlockedExchange
CreateProcessW

gdi32

GetTextMetricsW
GetCurrentObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SetTextColor
SelectObject
GetStockObject
DeleteObject
CreateSolidBrush
CreateFontW
BitBlt
SetBkMode

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
CreateStreamOnHGlobal
CoInitializeEx

oleaut32

VariantInit
SysAllocString
VarUI4FromStr
SysFreeString
VariantClear

user32

SetTimer
KillTimer
UnregisterClassW
PostMessageW
FindWindowW
wsprintfW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
DefWindowProcW
DestroyWindow
CharNextW
EnumDisplaySettingsW
RegisterWindowMessageW
SendMessageTimeoutW
PostQuitMessage
RegisterClassExW
CreateWindowExW
LoadCursorW
LoadIconW
SendMessageW
CallWindowProcW
ShowWindow
SetLayeredWindowAttributes
SetWindowPos
IsWindowVisible
CreateDialogParamW
GetDlgItem
SetDlgItemTextW
GetActiveWindow
ReleaseCapture
GetSystemMetrics
InvalidateRect
GetWindowRect
SetCursor
OffsetRect
GetWindowLongW
SetWindowLongW
SystemParametersInfoW
CharLowerBuffW
IsWindow
WindowFromPoint
GetDesktopWindow
FindWindowExW
MessageBoxW
UpdateLayeredWindow
GetDC
ReleaseDC
TrackMouseEvent
IsWindowEnabled
DrawTextW
GetWindowTextW
GetClientRect

comctl32

InitCommonControlsEx

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14bd2e580a016b0d169992b48c0902ea

Headers

DLL Characteristics

File Characteristics

Imports

wininet

ws2_32

winmm

shlwapi

gdiplus

kernel32

gdi32

advapi32

ole32

oleaut32

user32

comctl32

Sections

.text Size: 325KB - Virtual size: 324KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 6KB - Virtual size: 28KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 28KB - Virtual size: 28KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 325KB - Virtual size: 324KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 6KB - Virtual size: 28KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 28KB - Virtual size: 28KB

.rmnet
Size: 56KB - Virtual size: 60KB