c8494d7b755d3615b6efa73295e8cfcc7b9d5e6443af432593d3e96b43d7e60e

Sharing

Copy URL

Twitter E-mail

General

Target

c8494d7b755d3615b6efa73295e8cfcc7b9d5e6443af432593d3e96b43d7e60e
Size

891KB
MD5

4341263c1d0e2f428632b58c95c5da60
SHA1

706a716c6ad35a36a34c702557de38000fb52685
SHA256

c8494d7b755d3615b6efa73295e8cfcc7b9d5e6443af432593d3e96b43d7e60e
SHA512

adb672c8188dabc5ee65dbb6f746f95a4087bd4710229edcd882ffa79bf0ff1f777c25472a484e2a077f95fbd1ef2db846dac93d957198e3272dfe668a81362c
SSDEEP

24576:DtCXWXjithHLbPQ6lcOM6EhmEL6a9E5arW:tXt650mx5arW

Score

N/A

Malware Config

Signatures

Files

c8494d7b755d3615b6efa73295e8cfcc7b9d5e6443af432593d3e96b43d7e60e
.exe windows x86

5a422c191e323784e633e3f2404ca429

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
SetUnhandledExceptionFilter
CreateEventW
SetEvent
ReadFile
lstrcpynA
lstrlenA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
LCMapStringW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
WriteFile
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DeleteFileW
TerminateProcess
GetCurrentProcessId
Sleep
CreateProcessW
GetModuleHandleW
LoadLibraryExW
lstrcmpiW
FreeLibrary
LoadLibraryW
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
GetLastError
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
ResumeThread
SetThreadContext
GetThreadContext
SuspendThread
InterlockedIncrement
InterlockedDecrement
GetPrivateProfileStringW
GetPrivateProfileIntW
WriteProfileStringW
WritePrivateProfileStringW
CreateThread
CloseHandle
CreateFileW
GetTempPathW
IsBadStringPtrW
GetProcAddress
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcpynW
InitializeCriticalSectionAndSpinCount
SetLastError
lstrcatW
MulDiv
GetVersionExW
lstrcpyW
lstrlenW
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
FindResourceExW
SizeofResource
MultiByteToWideChar
LockResource
LoadResource
FindResourceW
GetTickCount
OutputDebugStringW
VirtualProtectEx
WaitForSingleObject
ResetEvent
GetACP
RaiseException

user32

TranslateMessage
DispatchMessageW
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
GetMessageW
FindWindowExW
DrawTextW
DrawIconEx
MapWindowPoints
GetWindowDC
LoadAcceleratorsW
OffsetRect
InflateRect
SetRectEmpty
SetCursor
CallNextHookEx
ModifyMenuW
PeekMessageW
UnhookWindowsHookEx
MsgWaitForMultipleObjects
PostQuitMessage
SetWindowsHookExW
CheckMenuRadioItem
GetMenuItemID
EnableMenuItem
AppendMenuW
DrawEdge
MonitorFromPoint
DeleteMenu
GetDlgCtrlID
CreatePopupMenu
IsMenu
DestroyMenu
UpdateWindow
TrackPopupMenu
TranslateAcceleratorW
GetClassNameW
CreateAcceleratorTableW
ScreenToClient
LoadStringA
SystemParametersInfoW
IsWindowEnabled
MessageBeep
CharLowerW
GetActiveWindow
GetSysColorBrush
FrameRect
GetMessagePos
WindowFromPoint
AdjustWindowRectEx
DrawFrameControl
TrackPopupMenuEx
RemoveMenu
SetCapture
ReleaseCapture
FillRect
InvalidateRgn
GetDC
GetDesktopWindow
DestroyAcceleratorTable
SetFocus
GetWindowPlacement
GetFocus
GetKeyState
ClientToScreen
MoveWindow
GetIconInfo
SetMenu
GetWindowTextLengthW
GetWindowTextW
GetMonitorInfoW
MessageBoxW
EndPaint
DestroyIcon
BeginPaint
CharNextW
LoadStringW
LoadIconW
LoadMenuW
ReleaseDC
SetWindowTextW
GetDlgItem
SetMenuItemInfoW
GetMenuItemInfoW
SetMenuDefaultItem
GetMenu
GetSubMenu
GetMenuItemCount
RegisterClassExW
LoadImageW
wvsprintfW
LoadCursorW
GetClassInfoExW
InvalidateRect
PtInRect
GetParent
CreateWindowExW
GetSystemMetrics
SetPropW
SetWindowPos
IsWindowVisible
GetPropW
ShowWindow
IsWindow
DefWindowProcW
GetWindowRect
RedrawWindow
GetClientRect
DestroyWindow
GetWindowLongW
GetSysColor
LoadBitmapW
EqualRect
SetClassLongW
PostThreadMessageW
IsChild
PostMessageW
RegisterWindowMessageW
GetWindow
CallWindowProcW
SetWindowLongW
GetClassLongW
SendMessageW
GetWindowTextA
UnregisterClassA

gdi32

CreateDIBSection
PatBlt
CreatePatternBrush
CreateBitmap
SetBkColor
SetBrushOrgEx
CreatePen
Polygon
SetTextColor
CreateFontIndirectW
SetViewportOrgEx
OffsetWindowOrgEx
SetWindowOrgEx
SetStretchBltMode
SetBkMode
StretchBlt
GetTextExtentPoint32W
CreateSolidBrush
BitBlt
GetObjectW
GetDeviceCaps
CreateCompatibleBitmap
GetStockObject
DeleteDC
SelectObject
DeleteObject
CreateCompatibleDC

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW

ole32

CoGetInterfaceAndReleaseStream
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemFree
OleInitialize
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoMarshalInterThreadInterfaceInStream
StringFromCLSID
CLSIDFromString
CoCreateInstance

oleaut32

SysStringLen
VarUI4FromStr
DispCallFunc
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
VariantInit
OleCreateFontIndirect
SysFreeString
VariantClear
SysAllocString

shlwapi

StrStrIW

comctl32

ImageList_Destroy
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Draw
ImageList_LoadImageW
ImageList_Create
ImageList_GetImageCount
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
InitCommonControlsEx
ImageList_AddMasked

msimg32

TransparentBlt

urlmon

URLDownloadToFileW

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a422c191e323784e633e3f2404ca429

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

urlmon

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 14KB - Virtual size: 1.0MB

.rsrc Size: 636KB - Virtual size: 635KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 14KB - Virtual size: 1.0MB

.rsrc
Size: 636KB - Virtual size: 635KB