3f12c5b6cc4563bff9c2225f339d3a26d8753689a5aed83d10cbcc6889182eee

Sharing

Copy URL Twitter E-mail

General

Target

3f12c5b6cc4563bff9c2225f339d3a26d8753689a5aed83d10cbcc6889182eee
Size

296KB
MD5

6ac95dfb16e1061fce5801afc3e5e4f0
SHA1

9e18b5c7af21c4de5c3a08f78fb180350ef3b912
SHA256

3f12c5b6cc4563bff9c2225f339d3a26d8753689a5aed83d10cbcc6889182eee
SHA512

35ec59bea1d7c486225051efb46662107608cd995baf76c122e3753c05fe22bc9d61b0196a85d4a215a205503eb92454e3e3763567a1cf8a1cb3de495936942e
SSDEEP

3072:GV03p7NLDxfYsUBB5rUkSk/Q3TfG+AHymtFEP5zJO329Z+YLhqkh9LEjOI6cYE24:GqvqsSBeXzGMOCOmP+Y19Lyb65E

Score

N/A

Malware Config

Signatures

Files

3f12c5b6cc4563bff9c2225f339d3a26d8753689a5aed83d10cbcc6889182eee
.exe windows x86

298de5030b89d2ecddf7d8c1e9fa0d9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SwitchToFiber
GetThreadPriority
GetModuleFileNameW
GetCurrentProcessId
OpenSemaphoreW
WriteConsoleOutputW
FreeLibraryAndExitThread
QueryDosDeviceA
CreateFileW
VirtualFree
EnumResourceNamesW
lstrcpyA
SizeofResource
LeaveCriticalSection
SetCurrentDirectoryA
SetMailslotInfo
lstrcmpiW
FindResourceExA
DebugBreak
SetProcessShutdownParameters
CompareStringW
GetLongPathNameA
LoadLibraryExA
GetCPInfo
GetSystemDirectoryW
GetTempPathW
lstrcpynA
SetLastError
GetAtomNameA
DosDateTimeToFileTime
SetThreadLocale
SetStdHandle
CreateNamedPipeW
FindResourceExW
CreateMutexW
CreateEventA
SetEnvironmentVariableW
VirtualAlloc
lstrcatW
UnhandledExceptionFilter
AreFileApisANSI
MoveFileExA
SetConsoleOutputCP
CreateDirectoryW
VirtualProtect
GetModuleHandleA
GetStartupInfoA

user32

LoadKeyboardLayoutA
EnumDisplayDevicesW
CreateWindowExW
OemKeyScan
GetMenu
CreateMenu
UnloadKeyboardLayout
GetMonitorInfoA
FindWindowExA
DestroyAcceleratorTable
GetSystemMenu
GetDC
CreateDialogIndirectParamW
DrawFocusRect
CreateAcceleratorTableW
GetPropA
CountClipboardFormats
GetKeyboardLayoutNameA
InvalidateRgn
DefWindowProcW
IsDlgButtonChecked
CreateDesktopA
MsgWaitForMultipleObjects
DefFrameProcA
LockWindowUpdate
SetProcessDefaultLayout
UnionRect
EnumWindowStationsW
UnregisterClassA
GetClassNameW
GetClassLongW
LoadMenuIndirectA
CharLowerBuffW
DrawMenuBar
DefFrameProcW
SendDlgItemMessageA
GetTopWindow
MonitorFromPoint
GetDlgItemTextW
SetKeyboardState
MessageBoxExA
SendMessageA
GetWindowInfo
GetClassInfoW
SetMenu

gdi32

EnumFontsW
PlayEnhMetaFileRecord
GetBkMode
SelectObject
GetFontData
EnumEnhMetaFile
ExcludeClipRect
GetCharWidthA
ModifyWorldTransform

advapi32

RegReplaceKeyW
SetServiceStatus
LookupAccountSidA
SetSecurityDescriptorGroup
CreatePrivateObjectSecurity
RegLoadKeyW
NotifyChangeEventLog
RegCreateKeyA
RegCreateKeyExA
DestroyPrivateObjectSecurity
CryptExportKey
ImpersonateSelf
StartServiceCtrlDispatcherW
GetSecurityDescriptorControl
RegSetValueW
StartServiceA
CryptGetProvParam
StartServiceCtrlDispatcherA
AbortSystemShutdownA
RegCreateKeyW
ClearEventLogW
LogonUserW
RegRestoreKeyW
IsTextUnicode
AddAccessAllowedAce
CryptDestroyHash
EnumServicesStatusW
RegQueryValueA
GetAclInformation
InitiateSystemShutdownA
RegLoadKeyA
BuildTrusteeWithNameW
GetPrivateObjectSecurity
LookupPrivilegeValueW
LookupAccountSidW
RegGetKeySecurity
SetPrivateObjectSecurity
OpenServiceA
DeleteService

shell32

SHFileOperationA
SHChangeNotify
SHGetPathFromIDListA

ole32

OleConvertIStorageToOLESTREAM
OleRegGetUserType
OleCreate
CoGetTreatAsClass
ReadClassStm
OleCreateLink
CoRegisterMallocSpy

oleaut32

QueryPathOfRegTypeLi
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SysFreeString
VariantChangeType
LoadTypeLi

comctl32

ImageList_DragShowNolock
ImageList_SetIconSize

shlwapi

PathRemoveArgsW
StrStrA
PathStripPathA
PathIsDirectoryW
PathIsRootA
StrFormatKBSizeW
StrCmpNIW
StrStrIA
PathRemoveBlanksA
PathFindOnPathW
StrCmpIW
SHRegWriteUSValueW
SHRegGetBoolUSValueW
SHDeleteKeyW
PathRemoveExtensionW

msvcrt

__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__set_app_type
_except_handler3
_controlfp
__p__fmode

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

298de5030b89d2ecddf7d8c1e9fa0d9a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 276KB - Virtual size: 274KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 276KB - Virtual size: 274KB