57e745f271cf4c9d9620a73fad41488ba43803910fd7bad6e4f03df0766078f8

Sharing

Copy URL Twitter E-mail

General

Target

57e745f271cf4c9d9620a73fad41488ba43803910fd7bad6e4f03df0766078f8
Size

646KB
MD5

7b31ea2530cb79271320687d2c9d4cc0
SHA1

5ddf9bfeb3801927c495b2ac93fb99c1c27434dc
SHA256

57e745f271cf4c9d9620a73fad41488ba43803910fd7bad6e4f03df0766078f8
SHA512

9767f3eb8fe3f89351aad8bf301a4ad064fe843efa17959fff4e1939a4066362a570ab9c4e965f95bb2f936ad9ed25818dc381d32ec832d1e0078efc6f034635
SSDEEP

12288:lYK2nwmuS7hmWhvLWHK4c1/K/uH5boeaSLMqbvm5usSfiQrkVZDI2OoLS4AT+lC:lYDw6mWhvL4NM/K/00DSZjfix3EhZ+

Score

N/A

Malware Config

Signatures

Files

57e745f271cf4c9d9620a73fad41488ba43803910fd7bad6e4f03df0766078f8
.exe windows x64

163e620c5943782b62bd77ec405e0f88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

SetFilePointer
lstrlenA
SetFileTime
WriteFile
ReadFile
GetLastError
SetLastError
lstrcmpiA
SetFileAttributesA
GetTempFileNameA
CloseHandle
GetTempPathA
LocalFileTimeToFileTime
lstrcmpA
FreeLibrary
WaitForSingleObject
SetEvent
GetTickCount
GetCommandLineA
GetPrivateProfileIntA
Sleep
CreateEventA
lstrlenW
FlushFileBuffers
SetCurrentDirectoryA
FindFirstFileA
GetProcAddress
RemoveDirectoryA
CopyFileA
FindClose
GetPrivateProfileStringA
CreateFileA
GetSystemInfo
ConvertDefaultLocale
FindNextFileA
GetModuleHandleA
LoadLibraryExA
GetVersionExA
GetCurrentProcessId
DeleteFileA
CreateThread
GlobalFree
GetPrivateProfileSectionA
CreateMutexA
ReleaseMutex
GetFileSize
CreateDirectoryA
LoadLibraryA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetStartupInfoW
DosDateTimeToFileTime
WritePrivateProfileStringA
GetProcessHeap

user32

DialogBoxParamA
GetDlgItemTextA
SetWindowTextA
GetSystemMetrics
SystemParametersInfoA
PostMessageA
SetWindowLongPtrA
SetDlgItemTextA
EndDialog
EnableMenuItem
RegisterWindowMessageA
SetFocus
KillTimer
GetClassInfoExA
SendDlgItemMessageA
RegisterClassExA
ShowWindow
GetWindowLongPtrA
GetWindowRect
MoveWindow
CharNextA

msvcrt

__setusermatherr
?terminate@@YAXXZ
_fmode
_amsg_exit
_initterm
_acmdln
exit
_commode
memset
memcpy
__set_app_type
_cexit
_ismbblead
_exit
_XcptFilter
__C_specific_handler
__getmainargs
_vsnprintf

cmpbk32

PhoneBookLoad
PhoneBookMergeChanges
PhoneBookUnload
PhoneBookParseInfoA
PhoneBookFreeFilter

cmutil

CmStrCpyAllocA
CmStrCpyAllocW
IsLogonAsSystem
CmBuildFullPathFromRelativeA
SzToWzWithAlloc
CmLoadIconA
??0CmLogFile@@QEAA@XZ
??1CmLogFile@@QEAA@XZ
?Init@CmLogFile@@QEAAJPEAUHINSTANCE__@@HPEBD@Z
?SetParams@CmLogFile@@QEAAJHKPEBD@Z
?Start@CmLogFile@@QEAAJH@Z
?Stop@CmLogFile@@QEAAJXZ
?DeInit@CmLogFile@@QEAAJXZ
?Log@CmLogFile@@QEAAXW4_CMLOG_ITEM@@ZZ
CmCompareStringA
CmStrrchrA
CmFmtMsgA
WzToSzWithAlloc
CmLoadSmallIconA
CmFree
CmRealloc
CmStrchrA
CmMalloc

comctl32

ord17

rasapi32

RasEnumConnectionsA

winhttp

WinHttpGetProxyForUrl
WinHttpGetDefaultProxyConfiguration
WinHttpGetIEProxyConfigForCurrentUser
WinHttpReadData
WinHttpCrackUrl
WinHttpOpenRequest
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpSendRequest
WinHttpReceiveResponse

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

163e620c5943782b62bd77ec405e0f88

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

cmpbk32

cmutil

comctl32

rasapi32

winhttp

Sections

.text Size: 71KB - Virtual size: 70KB

.data Size: 1KB - Virtual size: 11KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 568KB - Virtual size: 2.5MB

.text
Size: 71KB - Virtual size: 70KB

.data
Size: 1KB - Virtual size: 11KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 568KB - Virtual size: 2.5MB