f961349343a47e94455f170b847b7233ff2ac1d905bf2c0fcaad41c000a64a9c

Sharing

Copy URL Twitter E-mail

General

Target

f961349343a47e94455f170b847b7233ff2ac1d905bf2c0fcaad41c000a64a9c
Size

143KB
MD5

d85c1d4d065ae53685c4a92081394a35
SHA1

7ae075a35dc11093846cd65626e880f9cc1e7bc8
SHA256

f961349343a47e94455f170b847b7233ff2ac1d905bf2c0fcaad41c000a64a9c
SHA512

4b2926ac3ab65ac3618e417baf9dbe0ddbf059e077fc013da6739107b9e1e0d602ba44c3ed103d7948c97aaab32f1677a7fd25fd2f214eb7cb7fde2943be5e57
SSDEEP

3072:jKiGXotKgkrRv0jQy0r2Pg85XJxPM8ooF9+jKBIK3asTEW:jKiGWKh1vrEg85Xvko2jE3ak

Score

N/A

Malware Config

Signatures

Files

f961349343a47e94455f170b847b7233ff2ac1d905bf2c0fcaad41c000a64a9c
.exe windows x86

19ea3668ddb59bbc80d0dff8905de83e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
lstrcmpW
GlobalMemoryStatus
GetSystemInfo
GlobalUnlock
GlobalLock
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceW
CreateSemaphoreW
CreateDirectoryW
GetVersionExW
VirtualProtect
VirtualAlloc
VirtualQuery
lstrcpyW
lstrcmpiW
DeleteCriticalSection
RaiseException
SetFileAttributesW
lstrcpynW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
lstrcatW
SizeofResource
LoadLibraryExW
GetCommandLineW
OpenProcess
GetCurrentProcessId
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
HeapAlloc
LoadLibraryA
GetStartupInfoW
SetFilePointer
WriteFile
SetEndOfFile
CreateFileW
GetFileSize
ReadFile
CloseHandle
lstrlenA
GlobalAlloc
GetCurrentThreadId
EnterCriticalSection
HeapDestroy
LeaveCriticalSection
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
WideCharToMultiByte
MultiByteToWideChar
CopyFileW
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
CreateThread
WaitForSingleObject
MoveFileExW
GetLastError
GetDriveTypeW
GetSystemDirectoryW
lstrlenW
ExpandEnvironmentStringsW
InitializeCriticalSection
GetUserDefaultUILanguage

mfc42u

ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4621
ord4419
ord3592
ord324
ord4229
ord641
ord2293
ord800
ord2810
ord540
ord802
ord542
ord861
ord4155
ord538
ord5949
ord3494
ord2507
ord355
ord3087
ord6563
ord942
ord858
ord925
ord927
ord2755
ord5618
ord2757
ord6921
ord535
ord2776
ord6279
ord3092
ord4124
ord3172
ord6024
ord1899
ord5155
ord5156
ord5154
ord4899
ord4736
ord4970
ord4942
ord4371
ord4848
ord5283
ord4829
ord768
ord4253
ord823
ord2756
ord4197
ord1165
ord489
ord2606
ord6654
ord5679
ord5605
ord4050
ord1771
ord6451
ord922
ord4272
ord1735
ord940
ord5706
ord6919
ord6218
ord6868
ord2933
ord1775
ord801
ord686
ord6139
ord384
ord541
ord798
ord1989
ord6874
ord6278
ord5461
ord3313
ord5188
ord533
ord6403
ord2089
ord640
ord2442
ord1633
ord323
ord3093
ord4219
ord5604
ord2809
ord6655
ord6219
ord1900
ord1683
ord2520
ord6051
ord1768
ord5284
ord2980
ord2046
ord4425
ord496
ord771
ord4254
ord1143
ord2859
ord5845
ord3470
ord3471
ord4709
ord4667
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord4418
ord3733
ord561
ord815
ord1220
ord1203
ord6211
ord2717
ord1008
ord617
ord2613
ord5208
ord296
ord1131
ord2362
ord825
ord1569
ord5261
ord4370
ord4847
ord4992
ord4704
ord2506
ord4433
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257

msvcrt

wcsncpy
wcsncmp
wcslen
_wtoi
_wtol
ceil
_except_handler3
malloc
free
realloc
iswdigit
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcsicmp
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__CxxFrameHandler
_itow
_purecall
wcscoll
__set_app_type
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
wcscmp
_CxxThrowException
_wcmdln
_wmakepath

advapi32

RegOpenKeyExA
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
QueryServiceConfigW
RegDeleteValueW
CloseServiceHandle
ChangeServiceConfigW
OpenServiceW
OpenSCManagerW
EnumServicesStatusW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExA
RegCloseKey

gdi32

GetTextExtentPoint32W
SelectObject
GetDeviceCaps
GetObjectW
GetStockObject
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetTextMetricsW

user32

DestroyWindow
ExitWindowsEx
CharPrevW
SetForegroundWindow
GetLastActivePopup
FindWindowW
IsIconic
CharNextW
LoadIconW
GetActiveWindow
DialogBoxIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateWindowExW
EnableWindow
GetDesktopWindow
SendMessageW
GetClientRect
GetFocus
MessageBoxW
IsWindowEnabled
ShowWindow
PostMessageW
SetFocus
GetParent
CallWindowProcW
SetWindowLongW
GetWindowLongW
ScreenToClient
GetMessagePos
GetProcessDefaultLayout
ReleaseDC
GetDC
GetAsyncKeyState
DefWindowProcW
GetSysColor
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
GetWindow
IsChild
EndPaint
FillRect
BeginPaint
GetDlgItem
SetWindowPos
IsWindow
RedrawWindow
GetClassNameW
GetClassInfoExW
EndDialog
GetDlgItemTextW
IsDlgButtonChecked
SetDlgItemTextW
wsprintfW
CheckDlgButton
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW

oleaut32

VarUI4FromStr
SysAllocString
SysAllocStringLen
SysStringLen
VariantClear
LoadRegTypeLi
LoadTypeLi
SysFreeString
RegisterTypeLi

ole32

CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemRealloc

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19ea3668ddb59bbc80d0dff8905de83e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mfc42u

msvcrt

advapi32

gdi32

user32

oleaut32

ole32

version

shell32

Sections

.text Size: 118KB - Virtual size: 117KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 118KB - Virtual size: 117KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 19KB