5e144191ff3ebaf3ff2835697760113b8cb7f71d04aac22febdbdcdfa750b3ce

Sharing

Copy URL Twitter E-mail

General

Target

5e144191ff3ebaf3ff2835697760113b8cb7f71d04aac22febdbdcdfa750b3ce
Size

940KB
MD5

0a882b38deca04108156cdddb12e99d0
SHA1

968d1ed0fc7d080b10808581dbdf783047f1b5c3
SHA256

5e144191ff3ebaf3ff2835697760113b8cb7f71d04aac22febdbdcdfa750b3ce
SHA512

cce03627569ce603b718f8d7b23855d4217433519a6d8b9559a741e1fc4f7421ec6916a9cf7047389d5a6d027eecc9e50ff70159ff1da092f63317ebec852556
SSDEEP

12288:e1vkcPlHwPIRJagDFkjnQBZqJZ9AV3fF7VpTb8H2:mZPlQQRJaSkjnQBZU9A99Jp62

Score

N/A

Malware Config

Signatures

Files

5e144191ff3ebaf3ff2835697760113b8cb7f71d04aac22febdbdcdfa750b3ce
.exe windows x86

6f526b321efa9b661f55f1e625cec286

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LoadLibraryW
CreateFileW
GetFileSize
WriteFile
CreateThread
WaitForSingleObject
GetModuleFileNameA
CreateMutexW
GetLocalTime
GetCommandLineW
GetTickCount
SetFilePointer
EnumResourceLanguagesW
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVersion
ConvertDefaultLocale
GetLocaleInfoW
TerminateProcess
CreateProcessW
GetExitCodeProcess
GetVersionExW
GetCurrentProcess
GetSystemInfo
GetSystemWow64DirectoryW
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateEventW
SetEvent
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
ExitProcess
FindNextFileW
SetEndOfFile
LoadLibraryA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetOEMCP
GetACP
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStartupInfoA
SetHandleCount
GetCurrentThreadId
SetLastError
GetFileType
GetStdHandle
HeapCreate
HeapDestroy
ReadFile
Sleep
GetFileAttributesW
CompareFileTime
CopyFileW
GetTempFileNameW
GetTempPathW
SetFileAttributesW
GlobalFree
FindClose
FindFirstFileW
MoveFileExW
DeleteFileW
TlsGetValue
GetEnvironmentVariableW
GetWindowsDirectoryW
GetCurrentDirectoryW
GetSystemDirectoryW
FreeLibrary
RemoveDirectoryW
GetProcAddress
MoveFileW
LoadLibraryExW
SetErrorMode
LocalFree
GetModuleFileNameW
WideCharToMultiByte
CloseHandle
GetLastError
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceW
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetModuleHandleW
TlsFree
TlsSetValue
TlsAlloc
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
RaiseException
GetCPInfo
GetStartupInfoW
GetProcessHeap
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleMode
GetConsoleCP
HeapFree
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange

user32

SendDlgItemMessageW
EndDialog
SetTimer
SetDlgItemTextW
wsprintfW
MessageBoxW
KillTimer
SetFocus
ShowWindow
DialogBoxIndirectParamW
SetWindowPos
GetClientRect
MonitorFromWindow
GetMonitorInfoW
OffsetRect
GetWindowLongW
AdjustWindowRect
GetWindowRect
GetDlgItem
DrawTextW
SetWindowTextW
LoadIconW
MessageBoxIndirectW
SetRectEmpty
LoadImageW
PostMessageW
EnableWindow
ReleaseDC
GetDC
EnumWindows
SendMessageW
GetWindowThreadProcessId
GetWindowModuleFileNameW
SendMessageTimeoutW
ExitWindowsEx
LoadStringW
DialogBoxParamW

gdi32

SetBkMode
SetTextColor
DeleteDC
GetTextExtentPoint32W
SelectObject
CreateCompatibleDC
DeleteObject
CreateFontW
GetStockObject

advapi32

RegCloseKey
RegOpenKeyExW
RegEnumValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegCreateKeyExW
RegQueryValueExW
IsTextUnicode
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
QueryServiceStatus
DeleteService
ControlService
QueryServiceConfigW
StartServiceW
CloseServiceHandle
ChangeServiceConfigW
ChangeServiceConfig2W
CreateServiceW
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegSetValueExW

shell32

SHCreateDirectoryExW
SHGetFolderPathW
CommandLineToArgvW
SHCreateDirectoryExA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

cabinet

ord22
ord23
ord20
ord21

shlwapi

PathRemoveBackslashW
PathIsRootW
PathIsSystemFolderW
PathMatchSpecA
PathIsDirectoryW
PathAddBackslashW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathCombineW
PathFindExtensionW
PathAppendW
PathFindFileNameA
PathAddBackslashA
PathRemoveFileSpecA
PathAppendA
PathRenameExtensionW
SHDeleteKeyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
EnumProcessModules

Sections

.text
Size: 272KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f526b321efa9b661f55f1e625cec286

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

cabinet

shlwapi

version

psapi

Sections

.text Size: 272KB - Virtual size: 269KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 600KB - Virtual size: 600KB

.text
Size: 272KB - Virtual size: 269KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 600KB - Virtual size: 600KB