ba79733c6fdfacfc841d7ea3338959d2359f08945bb8c050235ceb49dbe48878

Sharing

Copy URL Twitter E-mail

General

Target

ba79733c6fdfacfc841d7ea3338959d2359f08945bb8c050235ceb49dbe48878
Size

642KB
MD5

6522d2b9d8ed57e5e4b52db6db037850
SHA1

1340999fd4a1fb73f4ae0e226ca20a5ec28eed4c
SHA256

ba79733c6fdfacfc841d7ea3338959d2359f08945bb8c050235ceb49dbe48878
SHA512

cbcef7caef7c38ba01764e2c0213a00511d175f49a9c3bc1d648be37b66701d177c6ac798df4ceb5a4285b9a0b306e8b8ae4645cb6103262cb65cb8791a6dc20
SSDEEP

12288:Qul1UaMjpYS/ho4lgz1Kf9JuDPVzeLNA3EGVVzK+9RIqr+9VRln01:/l1UaMpt/ZE6uDtz2N1GVVzK+9RIq+bE

Score

N/A

Malware Config

Signatures

Files

ba79733c6fdfacfc841d7ea3338959d2359f08945bb8c050235ceb49dbe48878
.exe windows x86

f6fbcd432fb95b09a4bc664a3652e0db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid

shlwapi

SHDeleteKeyA
PathAppendA
UrlUnescapeA
UrlEscapeA
PathFileExistsA

wininet

InternetReadFile
InternetGetLastResponseInfoA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetTimeToSystemTime
InternetSetOptionA
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetCanonicalizeUrlA

user32

SendDlgItemMessageA
GetClientRect
FillRect
GetDlgItemTextA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
CharUpperA
SetWindowLongA
UpdateWindow
SetTimer
RedrawWindow
GetMessageA
TranslateMessage
CharNextA
CharPrevA
CreateWindowExA
CharLowerA
DispatchMessageA
DialogBoxParamA
SetWindowRgn
DestroyWindow
GetWindowLongA
ClientToScreen
GetFocus
DefWindowProcA
GetWindowTextA
GetClassNameA
IsWindowVisible
GetForegroundWindow
GetCursorPos
EnumWindows
InvalidateRect
BeginPaint
EndPaint
SetWindowTextA
LoadIconA
SendMessageA
GetSystemMenu
EnableMenuItem
SetDlgItemTextA
GetDlgItem
SetForegroundWindow
SetActiveWindow
SetFocus
ShowWindow
GetWindowRect
ScreenToClient
SetWindowPos
EndDialog
LoadStringA
GetDC
ReleaseDC
DrawTextW
MessageBoxA
PtInRect

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString
SysAllocStringLen

gdi32

CreatePatternBrush
GetDeviceCaps
CreateBitmap
GetObjectA
BitBlt
StretchBlt
CombineRgn
SetTextColor
CreateCompatibleDC
DeleteDC
GetTextExtentPointW
CreateFontW
DeleteObject
GetPixel
CreateRectRgn
TextOutW
GetTextExtentPoint32A
SetPixel
CreateSolidBrush
SetBkMode
SelectObject

advapi32

RegEnumValueA
RegEnumKeyExA
ConvertSidToStringSidA
IsValidSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
GetLengthSid
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegQueryValueA
InitializeSecurityDescriptor
RegSetValueA
RegQueryValueExA
OpenProcessToken
GetTokenInformation
EqualSid
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
FreeSid
GetUserNameA
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
LookupAccountNameA
AllocateAndInitializeSid

shell32

SHGetSpecialFolderPathA
ShellExecuteExA
SHGetFolderPathW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msimg32

TransparentBlt

msi

ord71
ord93
ord141
ord8

kernel32

GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LeaveCriticalSection
EnterCriticalSection
SetEnvironmentVariableA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentDirectoryA
GetSystemInfo
GetFileAttributesA
RtlUnwind
FileTimeToLocalFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
SetStdHandle
GetFileType
GetLocalTime
GetCommandLineA
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSection
GetFullPathNameA
SetEndOfFile
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapCreate
VirtualFree
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
CompareStringA
CompareStringW
ReadConsoleInputA
SetConsoleMode
DeleteCriticalSection
GetDriveTypeA
GetTempPathA
GetTempFileNameA
InterlockedDecrement
InterlockedIncrement
GetSystemTime
GetSystemTimeAsFileTime
SetLastError
AttachConsole
GetStdHandle
AllocConsole
GetConsoleScreenBufferInfo
RaiseException
GetLastError
lstrcpyA
lstrlenA
CloseHandle
CreateMutexA
OpenMutexA
GetVersionExA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
RemoveDirectoryA
FindClose
DeleteFileA
FindNextFileA
MoveFileExA
FindFirstFileA
GetModuleFileNameA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetCurrentProcess
GetModuleHandleA
LocalFree
FormatMessageA
ReadFile
Sleep
CreateFileA
ExpandEnvironmentStringsA
MultiByteToWideChar
GetFileSize
WriteFile
PeekNamedPipe
ConnectNamedPipe
CreateNamedPipeA
CreateDirectoryA
CopyFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
CompareFileTime
SystemTimeToFileTime
GetFileTime
GetTickCount
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
SetFileAttributesA
SetFilePointer
FileTimeToSystemTime
GetFileInformationByHandle
GetFileSizeEx
GetLocaleInfoA
FreeResource
SetConsoleWindowInfo

rpcrt4

UuidToStringA
RpcStringFreeA

crypt32

CertCloseStore
CertFreeCertificateContext
CertGetNameStringW
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
CryptMsgClose

Sections

.text
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6fbcd432fb95b09a4bc664a3652e0db

Headers

DLL Characteristics

File Characteristics

Imports

ole32

shlwapi

wininet

user32

oleaut32

gdi32

advapi32

shell32

version

msimg32

msi

kernel32

rpcrt4

crypt32

Sections

.text Size: 441KB - Virtual size: 441KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 11KB - Virtual size: 113KB

.rsrc Size: 115KB - Virtual size: 116KB

.text
Size: 441KB - Virtual size: 441KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 11KB - Virtual size: 113KB

.rsrc
Size: 115KB - Virtual size: 116KB