d35519b3297d3e4c4b508fc62b367ddc9dff52bbb950bcc1558608046c6356ca

Sharing

Copy URL Twitter E-mail

General

Target

d35519b3297d3e4c4b508fc62b367ddc9dff52bbb950bcc1558608046c6356ca
Size

120KB
MD5

4f106813e8b01bcc8aa1328166a2afe5
SHA1

b41b5b581a04b811a29df40414844618b3f49849
SHA256

d35519b3297d3e4c4b508fc62b367ddc9dff52bbb950bcc1558608046c6356ca
SHA512

cf2b1ae04d016430277c30002f6094b0d76c49d364a3e14d0a09f88272264266e26f6d107351e4401592f44df8da57d1ff7d3f1029058562a14fd3be917e7760
SSDEEP

3072:RO9zNgvzltlMF2sKBRZJ2F5iVKIRw6VfixoyS3:RO9ETlMF2sKBV2H0Lw6VfixoB

Score

N/A

Malware Config

Signatures

Files

d35519b3297d3e4c4b508fc62b367ddc9dff52bbb950bcc1558608046c6356ca
.exe windows x86

87c450385d3c4ac0a593e1dde6e45616

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcBindingFromStringBindingW
RpcStringBindingComposeW
NdrClientCall2

psapi

GetModuleFileNameExW
EnumProcesses

shutil

GetHtmlHelpPath
LaunchWebHelp
OMP_CmdLineGetOptionValue
OMP_CmdLineFindSwitch
OMP_CmdLineInit
MsgWmHtmlHelp
MsgWmHtmlContextMenu
GetGraphicsModuleHandle
Sh_HtmlHelp
REG_GetOpt
GetComponentPath
OMP_FileExists
REG_OpenEx
REG_ConnectComputer
OMP_CmdLineEnd
REG_QueryValueEx
REG_HKEY_Equal
REG_CloseKey
REG_OpenKeyEx
Shutil_SplashScreen
UIP
VseGetLocalMachineAboutInfo
AboutDialogBox2

msvcrt

wcsstr
_wcsnicmp
memmove
wcsncat
wcslen
_wcsicmp
wcscmp
wcschr
wcsncpy
wcsrchr
wcscpy
wcscat
free
malloc
_except_handler3
strrchr
iswctype
towlower
_snwprintf
wprintf
_strdup
time
sprintf
_c_exit
_onexit
_exit
qsort
towupper
realloc
_wcsdup
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_controlfp

kernel32

SetNamedPipeHandleState
WaitNamedPipeW
GetStartupInfoA
DeviceIoControl
LoadLibraryA
CreateDirectoryA
FindFirstFileA
CreateFileA
GetCurrentProcessId
WritePrivateProfileStringA
OpenEventA
SetUnhandledExceptionFilter
DebugBreak
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
GetCurrentThreadId
CloseHandle
CreateThread
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
IsBadReadPtr
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEvent
OpenEventW
GetLastError
OpenProcess
UnmapViewOfFile
MapViewOfFile
Sleep
OpenFileMappingW
WaitForMultipleObjects
FormatMessageW
ResetEvent
GetSystemTimeAsFileTime
WaitForSingleObject
CreateEventW
VirtualFreeEx
CreateRemoteThread
VirtualProtectEx
WriteProcessMemory
VirtualAllocEx
GetModuleFileNameW
CreateProcessW
ExitThread
GetCurrentProcess
SetProcessWorkingSetSize
GetComputerNameW
GlobalGetAtomNameW
GlobalFree
GlobalUnlock
GlobalHandle
GetVersion
GlobalLock
GlobalAlloc
GlobalAddAtomW
LocalFree
LocalAlloc
ExitProcess
GlobalDeleteAtom
TerminateProcess
CreateMutexW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetCommandLineW
ExpandEnvironmentStringsW
FindClose
FindNextFileW
FindFirstFileExW
FindFirstFileW
GetSystemDefaultLCID
GetUserDefaultLCID
GetThreadLocale
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
SetErrorMode
CreateFileW
ReadFile
WriteFile
SetFilePointer

user32

GetWindowRect
SetWindowPos
GetDlgItem
CreateWindowExW
GetClientRect
SendDlgItemMessageW
LoadImageW
GetParent
InvalidateRect
PtInRect
IsWindowEnabled
GetCursorPos
SetDlgItemTextW
EnableWindow
LoadStringW
SetFocus
ShowWindow
EnableMenuItem
CheckMenuItem
GetMenu
ScreenToClient
GetMenuStringW
GetWindowLongW
DestroyMenu
TrackPopupMenuEx
CreatePopupMenu
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
GetMessageW
CreateDialogParamW
LoadAcceleratorsW
LoadIconW
ReleaseDC
GetDC
wsprintfW
IsWindowVisible
SetActiveWindow
PostMessageW
UpdateWindow
SetForegroundWindow
IsWindow
MessageBoxW
SetWindowTextW
GetClassNameW
DestroyWindow
GetDesktopWindow
SetWindowLongW
EnumWindows
SetTimer
DefWindowProcW
PostQuitMessage
RegisterClassW
LoadCursorW
RegisterWindowMessageW
GetSystemMenu
KillTimer
GetMenuState
GetMenuDefaultItem
SetMenuDefaultItem
wsprintfA
SetMenuItemInfoW
GetMenuItemInfoW
GetWindowTextW
IsChild
EnumChildWindows
GetMenuItemCount
PostMessageA
RegisterWindowMessageA
SendMessageW
AppendMenuW

gdi32

GetDeviceCaps
GetObjectW
CreateFontIndirectW
GetTextExtentPoint32W
SelectObject

comctl32

ImageList_Create
CreateStatusWindowW
ord17
ImageList_ReplaceIcon

advapi32

RegConnectRegistryW
CloseEventLog
ReportEventW
RegisterEventSourceW
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
StartServiceW
QueryServiceLockStatusW
OpenSCManagerW
OpenServiceW
ControlService
QueryServiceStatus
CloseServiceHandle
RegNotifyChangeKeyValue
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid

shell32

Shell_NotifyIconW
ShellExecuteExW

ntdll

_wcslwr

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cwcpkyv
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87c450385d3c4ac0a593e1dde6e45616

Headers

File Characteristics

Imports

rpcrt4

psapi

shutil

msvcrt

kernel32

user32

gdi32

comctl32

advapi32

shell32

ntdll

version

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 32KB - Virtual size: 32KB

cwcpkyv Size: - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 32KB - Virtual size: 32KB

cwcpkyv
Size: - Virtual size: 4KB