83c68e902397656016e833ec05f4a79b3c9e205996d5b8d0c696ebfce8294715

Sharing

Copy URL Twitter E-mail

General

Target

83c68e902397656016e833ec05f4a79b3c9e205996d5b8d0c696ebfce8294715
Size

1.3MB
MD5

a78f2c089b332c02100d324bee77d269
SHA1

5ef5a4d019f1845124524d5ea21a6f24c8e69ff6
SHA256

83c68e902397656016e833ec05f4a79b3c9e205996d5b8d0c696ebfce8294715
SHA512

f399c2613f8c9d8afb02d9eb4a63799ee89af5627d72a64ce9034c572ef6c314f096365c482c80bcb37afc183bf6ab8a502e2560ada8186d69b38d49ebe0b10e
SSDEEP

24576:46CeMkCvMP6OByJJwYpBcSyOHG3MQ2FoAVlV1oVcHVrVxVrVCCVwVCptolgugu7t:kMPhByv/p6S7HGr

Score

N/A

Malware Config

Signatures

Files

83c68e902397656016e833ec05f4a79b3c9e205996d5b8d0c696ebfce8294715
.exe windows x86

2c161d12b5e1ce8b8a9967300bfa5c14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

bxhkouling

ord1

comctl32

ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_DragLeave

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DPtoLP
LPtoDP
StretchBlt
BitBlt
DeleteObject
CreateSolidBrush
CreateDIBitmap
CreatePen
GetROP2

kernel32

lstrcpyn
WinExec
CopyFileA
lstrlen
DeleteFileA
lstrcpy
GetLocalTime
GlobalLock
GlobalUnlock
GlobalAlloc
Sleep
GetModuleFileNameA
GlobalFree
GetVolumeInformationA
GetVersionExA
GetSystemTime
CreateFileA
DeviceIoControl
CloseHandle
GetDriveTypeA
GetWindowsDirectoryA
GetDiskFreeSpaceExA
SetFileAttributesA
SetFileTime
GetSystemDirectoryA
FileTimeToSystemTime
GetFileTime
SystemTimeToFileTime
GetLastError
GetTickCount
FreeLibrary
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetStartupInfoA
lstrcat

mfc42

ord4467
ord3481
ord2252
ord2446
ord2411
ord2023
ord4242
ord366
ord825
ord4398
ord3582
ord1771
ord1771
ord2411
ord2023
ord2411
ord2411
ord2411
ord2411
ord2411
ord4396
ord3574
ord5290
ord3402
ord4424
ord3721
ord5241
ord4376
ord4853
ord2584
ord2514
ord6052
ord3825
ord1775
ord5241
ord4441
ord4401
ord4425
ord3639
ord5261
ord795
ord616
ord609
ord800
ord641
ord1146
ord1168
ord860
ord567
ord540
ord324
ord2301
ord2289
ord2370
ord2302
ord4234
ord3092
ord4710
ord2818
ord924
ord537
ord6199
ord4224
ord6334
ord858
ord6663
ord4204
ord535
ord922
ord5710
ord939
ord941
ord5280
ord4129
ord5981
ord3597
ord2379
ord3317
ord6453
ord4299
ord612
ord2864
ord3663
ord2414
ord4275
ord665
ord1641
ord2452
ord1979
ord5186
ord354
ord640
ord283
ord2405
ord5785
ord1640
ord323
ord2859
ord755
ord470
ord2754
ord6194
ord2584
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord3693
ord4133
ord4297
ord5787
ord6119
ord3573
ord6597
ord6650
ord6807
ord1679
ord1679
ord1679
ord1679
ord1679
ord1679
ord4689
ord1679
ord4738
ord1679
ord1679
ord4689
ord4738
ord4738
ord6856
ord4589
ord4341
ord4899
ord4341
ord4892
ord1679
ord5076
ord4340
ord4347
ord4720
ord4889
ord4531
ord4545
ord4524
ord2399
ord4524
ord4524
ord4963
ord4960
ord4108
ord3571
ord5240
ord3748
ord1725
ord5260
ord6614
ord6691
ord4432
ord6514
ord2614
ord6478
ord3626
ord4627
ord6803
ord4278
ord6591
ord539
ord6808
ord1679
ord4689
ord6805
ord1572
ord5281
ord6215
ord2086
ord6661
ord465
ord1945
ord4341
ord4349
ord4723
ord4890
ord4961
ord4961
ord1726
ord560
ord813
ord4273
ord2860
ord6785
ord2119
ord3803
ord6232
ord6230
ord6148
ord2568
ord6271
ord3225
ord3257
ord3912
ord2544
ord2543
ord2511
ord978
ord1731
ord5163
ord2883
ord2398
ord2418
ord6224
ord6226
ord2429
ord2250
ord4732
ord5477
ord2259
ord4836
ord4440
ord3720
ord527
ord794
ord4264
ord4541
ord6268
ord4789
ord4757
ord3394
ord2580
ord4400
ord3729
ord804
ord4267
ord2580
ord4400
ord3370
ord3640
ord2100
ord2078
ord2123
ord2099
ord2080
ord3874
ord6907
ord6007
ord3998
ord3996
ord3301
ord3286
ord2642
ord6905
ord693
ord1941
ord3398
ord3733
ord686
ord810
ord384
ord2408
ord4271
ord2862
ord2096
ord4284
ord6008
ord4506
ord1200
ord3296
ord5773
ord5442
ord5683
ord807
ord554
ord5655
ord4163
ord6625
ord4277
ord6662
ord4160
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord1175
ord2621
ord1134
ord2092
ord6605
ord2385
ord5237
ord4407
ord1776
ord1776
ord2982
ord4151
ord2878
ord2879
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord5103
ord5100
ord3059
ord2390
ord2723
ord1842
ord823
ord674
ord4427
ord3825
ord4080
ord2982
ord2976
ord3825
ord3830
ord3262
ord3081
ord2985
ord2982
ord3136
ord1776
ord5241
ord2982
ord2982
ord1727
ord2124
ord5252
ord6376
ord5065
ord2982
ord4436
ord2055
ord2648
ord1665
ord4837
ord3798
ord4353
ord2649
ord5282
ord6800
ord6374
ord6797
ord6054
ord5851
ord1576

msvcrt

_setmbcp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
fscanf
fprintf
_itoa
_CIpow
memmove
time
atof
_strcmpi
_strcmpi
_memicmp
_fcvt
fread
_mbsicmp
free
sprintf
_ftol
_mbscmp
fclose
fwrite
fopen
malloc
strncpy
strstr
fseek
atoi
fgets
fputc
fputs
_mbsstr
sscanf
calloc
_mbsdup
__CxxFrameHandler
_controlfp

oleaut32

VariantClear

shell32

ShellExecuteA

user32

KillTimer
CopyRect
GetParent
GetWindow
ReleaseCapture
PtInRect
OpenClipboard
SetCursorPos
GetClipboardData
WindowFromPoint
AppendMenuA
GetSystemMenu
DrawIcon
GetSystemMetrics
IsIconic
CheckMenuItem
IsZoomed
ClientToScreen
InvalidateRect
MessageBoxA
CloseClipboard
mouse_event
GetKeyState
GetCursorPos
keybd_event
SetTimer
SetCursor
LoadMenuA
GetSubMenu
LoadBitmapA
SetMenuItemBitmaps
GetDesktopWindow
GetDC
ReleaseDC
FillRect
LoadCursorA
EnableWindow
GetWindowRect
GetWindowTextA
SetActiveWindow
PeekMessageA
TranslateMessage
DispatchMessageA
SendMessageA
GetClientRect
UpdateWindow
SetWindowPos
LoadIconA
GetDlgCtrlID
SetClipboardData
EmptyClipboard

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_BSS
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mackt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c161d12b5e1ce8b8a9967300bfa5c14

Headers

File Characteristics

Imports

advapi32

bxhkouling

comctl32

gdi32

kernel32

mfc42

msvcrt

oleaut32

shell32

user32

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 12KB - Virtual size: 10KB

_BSS Size: 4KB - Virtual size: 16B

.text1 Size: 192KB - Virtual size: 192KB

.adata Size: 64KB - Virtual size: 64KB

.data1 Size: 128KB - Virtual size: 128KB

.pdata Size: 320KB - Virtual size: 320KB

.rsrc Size: 332KB - Virtual size: 330KB

.mackt Size: 8KB - Virtual size: 8KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 12KB - Virtual size: 10KB

_BSS
Size: 4KB - Virtual size: 16B

.text1
Size: 192KB - Virtual size: 192KB

.adata
Size: 64KB - Virtual size: 64KB

.data1
Size: 128KB - Virtual size: 128KB

.pdata
Size: 320KB - Virtual size: 320KB

.rsrc
Size: 332KB - Virtual size: 330KB

.mackt
Size: 8KB - Virtual size: 8KB