b6b0ba50faec7e1f0107f1604eabf4dd15715f428364f24dac28a2b08a0c9be0

Sharing

Copy URL Twitter E-mail

General

Target

b6b0ba50faec7e1f0107f1604eabf4dd15715f428364f24dac28a2b08a0c9be0
Size

1.2MB
MD5

61a1268dd2ab805e0432503bf38ba071
SHA1

dfec9d48909350d935c2ead075e6afb937a2eb0b
SHA256

b6b0ba50faec7e1f0107f1604eabf4dd15715f428364f24dac28a2b08a0c9be0
SHA512

0f1ed8ee77800a5b3565370b1a5b74f65bfc07f70af1cbc631f48ad88e9f2e58cbefc2b5fdce7bafaf7904d4f64837e6e6aa36b3455bf920f65e3a87e05c04ae
SSDEEP

24576:rP5lXm0T/yJD2bsWTCAS0h3wt54d9mT0Z21OC:r7xTK5kCASMDd9mT02X

Score

N/A

Malware Config

Signatures

Files

b6b0ba50faec7e1f0107f1604eabf4dd15715f428364f24dac28a2b08a0c9be0
.exe windows x86

657d3c31a7d90ae0adedc544c5a9b0e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord180

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueA
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextA
CryptReleaseContext
CryptImportKey
CryptVerifySignatureA
CryptHashData
CryptCreateHash

crypt32

CertOpenStore
CertCloseStore
CertFindCertificateInStore
CertGetCertificateChain
CertGetNameStringA
CryptVerifyDetachedMessageSignature
CryptMsgClose
CryptQueryObject
CertFreeCertificateContext
CryptMsgGetParam

kernel32

CreateEventA
SetEvent
CreateThread
lstrcmpA
OpenEventA
FreeLibrary
GetProcAddress
LoadLibraryA
LockResource
LoadResource
FindResourceExA
GetModuleFileNameA
GlobalLock
FindResourceA
LocalFree
FormatMessageA
GetUserDefaultLangID
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
ResetEvent
FreeResource
GlobalFree
GlobalHandle
GlobalAlloc
GlobalUnlock
Sleep
GetTimeFormatA
GetDateFormatA
ReadFile
GetFileSize
CreateFileA
GetShortPathNameA
GetModuleHandleA
lstrcmpiA
InterlockedDecrement
lstrcatA
SetUnhandledExceptionFilter
CreateProcessA
GetCommandLineA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
FindFirstFileA
GetFileAttributesA
FindClose
FindNextFileA
lstrcpynA
lstrcpyA
GetSystemDirectoryA
MoveFileA
DeleteFileA
WriteFile
GlobalSize
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
CreateDirectoryA
LocalAlloc
CopyFileA
RemoveDirectoryA
GetTempPathA
GetTempFileNameA
CompareFileTime
GetSystemTimeAsFileTime
SetFileAttributesA
FileTimeToSystemTime
QueryPerformanceFrequency
GetFileTime
OutputDebugStringA
GetTickCount
GetSystemTime
SystemTimeToTzSpecificLocalTime
SetEndOfFile
VirtualQuery
VirtualProtect
SearchPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
QueryPerformanceCounter
SystemTimeToFileTime
MoveFileExA
GlobalReAlloc
IsBadReadPtr
GetCPInfo
LCMapStringW
LCMapStringA
SetStdHandle
FlushFileBuffers
GetFileType
SetCurrentDirectoryA
SetEnvironmentVariableA
LocalFileTimeToFileTime
SetFileTime
ExitProcess
GetVersion
GetStartupInfoA
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
InterlockedExchange
SetVolumeLabelA
GetDriveTypeA
TlsAlloc
GetCurrentDirectoryA
GetDiskFreeSpaceA
TlsGetValue
TerminateProcess
HeapSize
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
IsBadCodePtr
GetLocaleInfoW
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
WaitForSingleObject
GetCurrentThreadId
GetLocalTime
ReleaseMutex
CloseHandle
GetLastError
SetLastError
lstrlenA
GetVersionExA
CompareStringW
CompareStringA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
TlsSetValue
GetWindowsDirectoryA

user32

PostMessageA
CreateDialogIndirectParamA
CreateDialogParamA
GetDlgCtrlID
SetWindowLongA
GetSysColorBrush
DialogBoxIndirectParamA
PeekMessageA
ReleaseDC
CharToOemBuffA
DispatchMessageA
DestroyWindow
GetParent
GetWindow
SystemParametersInfoA
GetClientRect
MapWindowPoints
GetDC
GetSystemMetrics
AdjustWindowRectEx
GetMenu
RegisterClassExA
GetClassInfoExA
RegisterWindowMessageA
DefWindowProcA
DestroyCursor
GetWindowTextA
GetWindowTextLengthA
SetFocus
IsChild
GetFocus
CallWindowProcA
RedrawWindow
GetClassNameA
CreateAcceleratorTableA
CreateWindowExA
ReleaseCapture
SetCapture
InvalidateRgn
PostThreadMessageA
CharNextA
GetMessageA
CharLowerBuffA
IsDlgButtonChecked
KillTimer
IsDialogMessageA
GetPropA
SetPropA
RemovePropA
EnableMenuItem
SetWindowRgn
ExitWindowsEx
GetDlgItemTextA
MsgWaitForMultipleObjects
SetWindowPos
EnableWindow
SetDlgItemTextA
LoadImageA
SendMessageA
GetSystemMenu
AppendMenuA
ShowWindow
BeginPaint
IsWindow
EndPaint
FillRect
ScreenToClient
InvalidateRect
UpdateWindow
SetCursor
ClientToScreen
GetWindowRect
PtInRect
GetDlgItem
LoadCursorA
SendDlgItemMessageA
SetWindowTextA
GetWindowLongA
GetSysColor
DialogBoxParamA
EndDialog
GetActiveWindow
LoadStringA
CharLowerA
wsprintfA
MessageBoxA
GetDesktopWindow
OemToCharBuffA
SetForegroundWindow
TranslateMessage

gdi32

DeleteObject
SetBkColor
SetTextColor
CreateFontIndirectA
GetObjectA
RestoreDC
TextOutA
SetBkMode
SelectObject
SaveDC
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetStockObject
CreateRectRgn
CreateSolidBrush

ole32

CoLoadLibrary
StgOpenStorage
CoRevokeClassObject
CoRegisterClassObject
OleLockRunning
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
StringFromCLSID
CoCreateGuid
StringFromGUID2
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CLSIDFromProgID
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoUninitialize
ProgIDFromCLSID
OleInitialize

oleaut32

SafeArrayGetLBound
SysFreeString
SysAllocStringLen
SysStringLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayPutElement
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
LoadTypeLi
RegisterTypeLi
OleCreateFontIndirect
DispCallFunc
SafeArrayCreateVector
SafeArrayCopy
VariantInit
SafeArrayCreate
VariantChangeType
LoadRegTypeLi
GetErrorInfo
SafeArrayGetElement
CreateErrorInfo
SetErrorInfo
VariantCopy
VariantClear
SysAllocString

shell32

SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA
SHGetPathFromIDListA
SHGetMalloc

urlmon

CoInternetGetSession

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 756KB - Virtual size: 755KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

657d3c31a7d90ae0adedc544c5a9b0e7

Headers

File Characteristics

Imports

msi

advapi32

crypt32

kernel32

user32

gdi32

ole32

oleaut32

shell32

urlmon

version

Sections

.text Size: 756KB - Virtual size: 755KB

.rdata Size: 156KB - Virtual size: 154KB

.data Size: 52KB - Virtual size: 73KB

.rsrc Size: 224KB - Virtual size: 224KB

.text
Size: 756KB - Virtual size: 755KB

.rdata
Size: 156KB - Virtual size: 154KB

.data
Size: 52KB - Virtual size: 73KB

.rsrc
Size: 224KB - Virtual size: 224KB