79e160b918ae04513dd84fa2fff8f0f7bad5d51c8ea1779ce26ab994fbb5aecd

Sharing

Copy URL Twitter E-mail

General

Target

79e160b918ae04513dd84fa2fff8f0f7bad5d51c8ea1779ce26ab994fbb5aecd
Size

843KB
MD5

4257d5883cf051a1dd5df110adb48ce0
SHA1

c699a6d8cf9199d865e6b3b6cbbe28223c12fdaa
SHA256

79e160b918ae04513dd84fa2fff8f0f7bad5d51c8ea1779ce26ab994fbb5aecd
SHA512

c02200bc2a532404548c8eb0ff9e23f9124f665f900f0db51123c65cade9e7a04041dbc8740e617a9949dce6d5f1bba76bf50ebfd1f0b6fdf44546d0fc16fcc7
SSDEEP

12288:CCCNsC4087gYN3TeplElPZxlSD7SANlslqYTdKEd5S:CCC6X7dNSUPZ2em6dBjS

Score

N/A

Malware Config

Signatures

Files

79e160b918ae04513dd84fa2fff8f0f7bad5d51c8ea1779ce26ab994fbb5aecd
.exe windows x86

1055dcd48817744818c8e1ae22b63002

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
CreateFileW
FindClose
FindNextFileW
GetDiskFreeSpaceExW
FindFirstFileW
GetSystemTime
CompareStringW
GetModuleHandleW
DeleteFileW
CloseHandle
CreateFileA
HeapAlloc
HeapFree
GetProcessHeap
LocalAlloc
LocalFree
SetLastError
MapViewOfFile
UnmapViewOfFile
GetLastError
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
GetCurrentProcess
GetModuleFileNameW
GetTempPathW
GetProcAddress
GetCurrentProcessId
InterlockedIncrement
InterlockedCompareExchange
SetFilePointer
CreateProcessW
WriteFile
GlobalAlloc
FormatMessageW
ExitThread
GlobalFree
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
DuplicateHandle
CreateThread
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
LoadLibraryW
MoveFileExW
CreateDirectoryW
WaitForSingleObject
CopyFileW
FileTimeToSystemTime
SetFileAttributesW
GetSystemDirectoryW
RemoveDirectoryW
GetFileSize
Sleep
ReadFile
FlushFileBuffers
CreateMutexW
OpenMutexW
ReleaseMutex
OutputDebugStringW
LCMapStringW
HeapReAlloc
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetFullPathNameW
GetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
GetFileAttributesW

user32

CreateDialogParamW
SetWindowLongW
BeginPaint
DialogBoxParamW
DestroyWindow
EndPaint
ShowWindow
GetWindowLongW
CheckDlgButton
GetSystemMenu
GetSystemMetrics
GetWindowRect
PostMessageW
GetFocus
GetClientRect
LoadIconW
EnableMenuItem
GetDlgItem
EndDialog
LoadBitmapW
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
EnableWindow
SetWindowTextW
MoveWindow
SendMessageW
IsIconic
SetForegroundWindow
FindWindowW
ScreenToClient

gdi32

DeleteObject
CreateFontIndirectW
StretchBlt
GetObjectW
CreateCompatibleDC
SelectObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

SHFileOperationW
SHGetSpecialFolderPathW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

imm32

ImmDisableIME

advapi32

RegQueryValueExW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCreateKeyExW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegCloseKey
RegOpenKeyExW

comctl32

InitCommonControlsEx

Sections

.text
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 681KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1055dcd48817744818c8e1ae22b63002

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

version

imm32

advapi32

comctl32

Sections

.text Size: 376KB - Virtual size: 375KB

.rdata Size: 208KB - Virtual size: 208KB

.data Size: 32KB - Virtual size: 681KB

.rsrc Size: 220KB - Virtual size: 220KB

.text
Size: 376KB - Virtual size: 375KB

.rdata
Size: 208KB - Virtual size: 208KB

.data
Size: 32KB - Virtual size: 681KB

.rsrc
Size: 220KB - Virtual size: 220KB