ca55b9bf7e4241f46d2f8783f9079a734833d45ed4b88c2637b662116d0fba04

Sharing

Copy URL Twitter E-mail

General

Target

ca55b9bf7e4241f46d2f8783f9079a734833d45ed4b88c2637b662116d0fba04
Size

328KB
MD5

a2468ef850380b4114de6f80a62d0850
SHA1

16a677dea183a7d658cada359f2eab020f46b661
SHA256

ca55b9bf7e4241f46d2f8783f9079a734833d45ed4b88c2637b662116d0fba04
SHA512

9a17c1d7688740bdf1faa2e40a08381c2934ccc6fa344044fe5d47e634a5c3281ed01ab60fe0d9e01652361b1ac55d89d4d95fcdf8fad1071994b54517f0ada5
SSDEEP

6144:Ycp2qRe+KT0lwd/A+CVPc/fWlorAIdAikDuyl:Np2wedYlwNL0c0oc/i

Score

N/A

Malware Config

Signatures

Files

ca55b9bf7e4241f46d2f8783f9079a734833d45ed4b88c2637b662116d0fba04
.exe windows x86

22ae72e696cb82cd34c1caa9ad3d6e20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
VirtualAlloc
lstrlenA
GetCommandLineA
GetFileAttributesExA
OpenSemaphoreW
GetFullPathNameA
EnumTimeFormatsW
FlushConsoleInputBuffer
GlobalAddAtomW
SetConsoleActiveScreenBuffer
DuplicateHandle
GlobalFindAtomA
GetWindowsDirectoryA
VirtualProtect
CreateNamedPipeW
RemoveDirectoryA
InitializeCriticalSection
lstrcatW
FormatMessageA
FlushFileBuffers
VirtualUnlock
LocalSize
OutputDebugStringA
GlobalGetAtomNameW
SetCommTimeouts
FormatMessageW
SetFileTime
ReadConsoleA
SetSystemTime
SetErrorMode
GetFileType
LeaveCriticalSection
GetFileInformationByHandle
_llseek
lstrcpyA
GetAtomNameA
CreateProcessA
MultiByteToWideChar
FindFirstFileA
SetConsoleCursorPosition
FreeResource
CreateMutexW
OutputDebugStringW
GetProfileIntA
GetShortPathNameA
ReadConsoleInputW
EnumSystemCodePagesA
GetTempPathW
ExitProcess

user32

PostMessageW
DrawTextExA
DialogBoxIndirectParamW
MessageBoxExA
RemovePropA
OpenDesktopW
SetScrollRange
MessageBoxW
MessageBoxIndirectW
NotifyWinEvent
DrawStateW
MonitorFromPoint
ShowCaret
RegisterWindowMessageW
LoadBitmapA
EnumDisplayDevicesW
RegisterClassW
CloseDesktop
RegisterDeviceNotificationW
CreateDialogIndirectParamA
AppendMenuA
SendNotifyMessageA
GetKeyboardState
AdjustWindowRectEx
ReleaseCapture
FindWindowW
ActivateKeyboardLayout
CopyImage
EnumDisplaySettingsExW
GetKeyboardType
GetMessageA
ShowOwnedPopups
GetClipboardFormatNameA
GetCaretPos
LoadKeyboardLayoutW
GetMessagePos
GetDialogBaseUnits
CreateWindowExW
SetForegroundWindow
GetSystemMenu
GetClipboardData
GetWindowRect
IsWindow
GetSystemMetrics
InsertMenuItemA
ChildWindowFromPointEx
EqualRect
GetQueueStatus
mouse_event
BeginPaint
WaitMessage

gdi32

SetLayout
GetRgnBox
GetEnhMetaFileHeader
GetFontData
GetPixelFormat
AddFontResourceA
EnumFontFamiliesA
CopyEnhMetaFileA
GetTextExtentExPointA
InvertRgn
StartDocA
PlayMetaFile
CreatePenIndirect
GetCurrentPositionEx
EnumFontsA
EqualRgn
ExtCreatePen

comdlg32

GetOpenFileNameA
GetFileTitleA
GetFileTitleW
ReplaceTextA

advapi32

SetSecurityDescriptorGroup
SetServiceStatus
RegCreateKeyW
QueryServiceStatus
InitializeAcl
RegOpenKeyExW
RegEnumKeyExA
CreateServiceA
ClearEventLogW
GetCurrentHwProfileW
SetFileSecurityA
StartServiceCtrlDispatcherW
IsValidAcl
RegEnumValueW
ChangeServiceConfigA
RegQueryValueExW
RegOpenKeyA
ImpersonateNamedPipeClient
CryptDeriveKey
SetSecurityDescriptorSacl
RegQueryInfoKeyW
CryptGenKey
LogonUserW
MakeSelfRelativeSD
ReportEventW
RegisterEventSourceA
CloseServiceHandle
AllocateAndInitializeSid

shell32

Shell_NotifyIconW

ole32

CoFreeAllLibraries
OleInitialize
OleQueryLinkFromData
CoFileTimeNow

oleaut32

QueryPathOfRegTypeLi
SafeArrayGetLBound
VariantCopy
SetErrorInfo
LoadTypeLi
SysAllocStringLen
SafeArrayCreate
SafeArrayRedim

comctl32

DestroyPropertySheetPage

shlwapi

SHRegCloseUSKey
SHRegWriteUSValueW
StrDupW
PathUnquoteSpacesA
StrStrIA
SHRegGetUSValueW
PathIsUNCServerW
StrCmpNA

Sections

owwwug
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

mmceqoe
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

oqmqa
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

giyim
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22ae72e696cb82cd34c1caa9ad3d6e20

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

owwwug Size: 2KB - Virtual size: 2KB

mmceqoe Size: 5KB - Virtual size: 4KB

oqmqa Size: 280KB - Virtual size: 279KB

giyim Size: 39KB - Virtual size: 39KB

owwwug
Size: 2KB - Virtual size: 2KB

mmceqoe
Size: 5KB - Virtual size: 4KB

oqmqa
Size: 280KB - Virtual size: 279KB

giyim
Size: 39KB - Virtual size: 39KB