055a76ab57e31027491843f8cc1663f1e80aa170240c641fa261972bc40a27a8

Sharing

Copy URL Twitter E-mail

General

Target

055a76ab57e31027491843f8cc1663f1e80aa170240c641fa261972bc40a27a8
Size

1.2MB
MD5

6300c4b1ec06c1ec2e607eda17a3d1cb
SHA1

25fe8aadb153d27fdec1bfd30e1900e3a2ef2923
SHA256

055a76ab57e31027491843f8cc1663f1e80aa170240c641fa261972bc40a27a8
SHA512

619475285c54eed74b5dce602b75825a01c7dbe2631e27d2fad172c57303d592382174f15db46c0144ce79d0db12225d06dc60353d31bde189e5387ec7b57934
SSDEEP

24576:PPXsdXnQhzlXm8MJ89Ly9YwXAp6sJWyPrxgBZ5+Q8pKRi/lW3eNRmhM1k1sDc:PlzFJDOxXAYsJHPlgBmQIKo/lW3eNRmT

Score

N/A

Malware Config

Signatures

Files

055a76ab57e31027491843f8cc1663f1e80aa170240c641fa261972bc40a27a8
.exe windows x86

bd05f708e84883a87e1cdf24428f6b8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
CreatePen
GetObjectW
ExcludeClipRect
EnableEUDC
GetCharWidthFloatW
EnumObjects
DeleteObject
GetDeviceCaps
CreateScalableFontResourceW
CreateDCW

user32

DefWindowProcW
RegisterClassExA
CreateWindowExA
CharUpperA
MessageBoxA
DestroyWindow
ShowWindow
RegisterClassA

shell32

SHGetNewLinkInfo
ExtractAssociatedIconA
SHGetDataFromIDListW
SHQueryRecycleBinW

comctl32

ImageList_Read
ImageList_GetDragImage
ImageList_DragMove
ImageList_Add
ImageList_Remove
CreateStatusWindowA
InitCommonControlsEx
ImageList_Copy
ImageList_DrawIndirect
CreateStatusWindowW
ImageList_GetImageRect
_TrackMouseEvent
ImageList_AddMasked
CreateUpDownControl
ImageList_GetBkColor
ImageList_GetImageInfo
DrawStatusTextW
DrawInsert
CreateMappedBitmap
ImageList_Duplicate

wininet

FtpGetFileA
GetUrlCacheConfigInfoA
RetrieveUrlCacheEntryFileW
InternetAutodial
InternetCreateUrlA
FtpRenameFileW
InternetCrackUrlA
GetUrlCacheHeaderData
InternetWriteFile

kernel32

GetCurrentThreadId
FreeEnvironmentStringsW
GetConsoleOutputCP
CompareStringW
GetTimeFormatA
VirtualAlloc
GetACP
SetStdHandle
TlsGetValue
GetTickCount
HeapAlloc
InitializeCriticalSectionAndSpinCount
SetHandleCount
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
ReadFile
SetLastError
QueryPerformanceCounter
GetLocaleInfoA
WideCharToMultiByte
TlsFree
WriteConsoleW
GetCurrentProcess
CloseHandle
GetCurrentProcessId
TransactNamedPipe
GetPrivateProfileSectionNamesA
HeapReAlloc
GetProfileStringW
GetCurrentThread
GetSystemTimeAsFileTime
GetCPInfo
LCMapStringW
GetFileType
IsDebuggerPresent
ExitProcess
VirtualFree
GetModuleHandleA
GetStartupInfoA
GetDateFormatA
OpenMutexA
GetLocaleInfoW
GetModuleFileNameA
CreateFileA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
CreateMutexA
InterlockedIncrement
WriteConsoleA
GlobalCompact
ReadConsoleOutputCharacterW
VirtualQueryEx
GetStringTypeW
GetProcAddress
GetConsoleCP
InterlockedExchange
InterlockedDecrement
MultiByteToWideChar
RtlUnwind
GetPrivateProfileSectionW
LCMapStringA
HeapSize
HeapCreate
IsValidCodePage
Sleep
GetModuleHandleW
SetEnvironmentVariableA
GetEnvironmentStringsW
SetConsoleCtrlHandler
LoadLibraryA
GetStringTypeA
GetTimeZoneInformation
EnterCriticalSection
UnhandledExceptionFilter
CompareStringA
GetCommandLineA
LocalShrink
GetEnvironmentStrings
HeapFree
VirtualQuery
EnumSystemLocalesA
WriteFile
LeaveCriticalSection
HeapDestroy
TlsAlloc
TerminateProcess
GetLastError
TlsSetValue
FreeLibrary
GetStdHandle
DeleteCriticalSection
IsValidLocale
GetDiskFreeSpaceA
GetMailslotInfo
GetOEMCP
SetFilePointer

advapi32

CryptHashData
RegReplaceKeyA
CryptHashSessionKey
CryptDuplicateHash
CryptEncrypt
CryptImportKey
RegEnumValueA
CryptSignHashA
CryptDuplicateKey
CryptExportKey
RegSaveKeyA
LookupSecurityDescriptorPartsA
RegQueryInfoKeyA
CryptSetProviderExW

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 247KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 756KB - Virtual size: 754KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd05f708e84883a87e1cdf24428f6b8f

Headers

File Characteristics

Imports

gdi32

user32

shell32

comctl32

wininet

kernel32

advapi32

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 247KB - Virtual size: 251KB

.data Size: 756KB - Virtual size: 754KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 247KB - Virtual size: 251KB

.data
Size: 756KB - Virtual size: 754KB

.rsrc
Size: 34KB - Virtual size: 33KB