e22d7c0058722b0696b9282bfda2a6ef0bf8af99c4069a5fd97118cc1ff06bfb

Sharing

Copy URL Twitter E-mail

General

Target

e22d7c0058722b0696b9282bfda2a6ef0bf8af99c4069a5fd97118cc1ff06bfb
Size

356KB
MD5

778000a5af01b6bbfcaa3373839aee50
SHA1

68ad99347dc59f0ecc955458a594bd322852e104
SHA256

e22d7c0058722b0696b9282bfda2a6ef0bf8af99c4069a5fd97118cc1ff06bfb
SHA512

ae6fcf46c7d31cc88ab48c7ec2ea22df36650c50a4184bf58c4560d28837fbbc38f55d1ddf9b66ab91c880e2e3a5b2ee2523a9f8bf8485a04bd78cba86c493aa
SSDEEP

6144:3YK9Uon1XMbUbDTLAijXdPL+NkzYKGpdr89Gh9IuEeev:W+22ljXdPLuK2r89G/hEnv

Score

N/A

Malware Config

Signatures

Files

e22d7c0058722b0696b9282bfda2a6ef0bf8af99c4069a5fd97118cc1ff06bfb
.exe windows x86

15f7caba49db3b574ec4728752a067c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wintrust

WinVerifyTrust

u3dapi10

ord3
ord1
ord103
ord2
ord4

kernel32

GetConsoleOutputCP
WriteConsoleA
MoveFileW
DeleteFileW
GetLastError
LocalFree
GetShortPathNameW
GetModuleFileNameW
CreateProcessW
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
EnterCriticalSection
SetEvent
LeaveCriticalSection
WaitForMultipleObjects
ResetEvent
WaitForSingleObject
GetProcAddress
GetModuleHandleW
LoadLibraryW
FreeLibrary
SetCurrentDirectoryW
GetCurrentDirectoryW
MultiByteToWideChar
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
WideCharToMultiByte
GetFullPathNameW
IsBadStringPtrW
FindFirstFileW
FindClose
InterlockedDecrement
GetEnvironmentVariableW
LoadLibraryExW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetFileAttributesW
CreateMutexW
ReleaseMutex
GetPrivateProfileStructA
GetPrivateProfileStringA
WritePrivateProfileStructA
WritePrivateProfileStringA
GetLocalTime
lstrlenW
GetCurrentThreadId
CreateIoCompletionPort
GetQueuedCompletionStatus
ReadDirectoryChangesW
PostQueuedCompletionStatus
WriteConsoleW
WriteFile
TerminateProcess
GetWindowsDirectoryW
OpenProcess
GetCurrentProcessId
SetProcessWorkingSetSize
CreateEventA
lstrlenA
SetEnvironmentVariableW
IsBadReadPtr
SystemTimeToFileTime
GetVersionExA
LoadLibraryA
GetSystemDirectoryA
GetShortPathNameA
FindFirstFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
Sleep
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
InterlockedIncrement
GetCPInfo
CreateFileA
FlushFileBuffers
CreateFileW
RtlUnwind
RaiseException
GetStartupInfoW
GetProcessHeap
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
CreateThread
ExitThread
HeapReAlloc
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedExchange

user32

CharNextW
CallWindowProcW
SendMessageW
EndDialog
ShowScrollBar
GetScrollBarInfo
IsWindow
GetDlgItem
SetWindowLongW
GetWindowLongW
DefWindowProcW
PostQuitMessage
GetMessageW
CreateWindowExW
RegisterClassExW
LoadIconW
KillTimer
SetTimer
AttachThreadInput
SetForegroundWindow
GetForegroundWindow
ShowWindow
IsIconic
GetWindowTextW
GetWindowThreadProcessId
EnumWindows
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
MessageBoxW
PostMessageW
wsprintfW
DialogBoxParamW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW

ole32

CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

oleaut32

SafeArrayCreate
SysAllocString
SysAllocStringLen
SafeArrayUnlock
SafeArrayLock
VariantInit
SafeArrayPutElement
SysFreeString
SafeArrayGetDim
SafeArrayGetElement
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear

shlwapi

AssocQueryStringW

wininet

InternetCreateUrlW
InternetCrackUrlW

Sections

.text
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15f7caba49db3b574ec4728752a067c7

Headers

File Characteristics

Imports

wintrust

u3dapi10

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

Sections

.text Size: 228KB - Virtual size: 225KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 228KB - Virtual size: 225KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 76KB - Virtual size: 76KB