5885ad3977d3d085404698ffb31f15420b11191ab3b4efe9fb853b1918316816

Sharing

Copy URL Twitter E-mail

General

Target

5885ad3977d3d085404698ffb31f15420b11191ab3b4efe9fb853b1918316816
Size

676KB
MD5

7669fbf07727493862ed283ed233b8f5
SHA1

0739529cbd2eb018685d1290ec73e5469ad81609
SHA256

5885ad3977d3d085404698ffb31f15420b11191ab3b4efe9fb853b1918316816
SHA512

e55c81bf958f8e4a260d0229c0d84880cddea87a1f8f1b3fbef59ed55a5be9d107e5b6ee4517bc1ffa3359da1d538be6d4002db1cc2b3a710faf737b6645ee04
SSDEEP

6144:LEGivITS4+L9J3eu4rqfTN9+w7RSmMaf2uEzSa5XnojeDpKpJK2ajVNR6lctbYMO:J/8+sVf2ppmKLRs9MziCPpS3p1vmNI

Score

N/A

Malware Config

Signatures

Files

5885ad3977d3d085404698ffb31f15420b11191ab3b4efe9fb853b1918316816
.exe windows x86

e45678bfef61a6e64548acd737aca950

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

lstrcmpA
FindFirstFileA
SystemTimeToFileTime
GetSystemTime
FileTimeToDosDateTime
FindNextFileA
FileTimeToLocalFileTime
GetFileSize
GetFileTime
WriteFile
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetDiskFreeSpaceA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryExA
WaitForSingleObject
CreateProcessA
LoadLibraryA
lstrcmpiA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileStringA
SetEvent
CreateThread
Sleep
GetCurrentThreadId
CreateEventA
CreateDirectoryA
GetShortPathNameA
GetModuleHandleA
FindClose
HeapDestroy
DeleteCriticalSection
lstrcatA
OpenEventA
SetFilePointer
ReadFile
LockResource
LoadResource
SizeofResource
FindResourceA
SetFileAttributesA
GetCurrentProcess
GetVersionExA
WritePrivateProfileStringA
GetSystemDirectoryA
WinExec
SetFileTime
MoveFileExA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
RemoveDirectoryA
InitializeCriticalSection
QueryPerformanceFrequency
CreateFileA
CloseHandle
GetFileAttributesA
MoveFileA
DeleteFileA
CopyFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
lstrlenW
WideCharToMultiByte
lstrcpyA
MultiByteToWideChar
lstrlenA
GetLastError
SetLastError
SetErrorMode
GetCommandLineA
GetACP
HeapSize
GetCPInfo
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
LCMapStringW
UnhandledExceptionFilter
TerminateProcess
TlsGetValue
TlsAlloc
ExitProcess
GetVersion
GetStartupInfoA
HeapAlloc
HeapFree
ExitThread
TlsSetValue
RaiseException
RtlUnwind
HeapReAlloc
LCMapStringA
QueryPerformanceCounter
ResetEvent
GetCurrentThread
CreateFileMappingA
MapViewOfFile
lstrcpynA
VirtualQuery
GetOEMCP
InterlockedExchange
SearchPathA
UnmapViewOfFile
VirtualProtect

user32

GetDesktopWindow
PostThreadMessageA
wsprintfA
CharLowerBuffA
CharNextA
DispatchMessageA
GetMessageA
LoadStringA
TranslateMessage
ExitWindowsEx
CharUpperA

advapi32

RegCloseKey
GetFileSecurityA
IsValidSecurityDescriptor
SetFileSecurityA
RegEnumValueA
RegConnectRegistryA
RegDeleteValueA
RegQueryInfoKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegQueryValueA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

StringFromCLSID
CoUninitialize
CoGetClassObject
ProgIDFromCLSID
OleSaveToStream
WriteClassStm
CLSIDFromString
CoTaskMemFree
CoTreatAsClass
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StgOpenStorage
StgCreateDocfile
CreateStreamOnHGlobal
StringFromGUID2
CoCreateGuid
OleLoadFromStream

oleaut32

LoadTypeLi
SafeArrayCopy
RegisterTypeLi
SafeArrayGetDim
SysAllocStringByteLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
VariantChangeType
LoadRegTypeLi
SysReAllocStringLen
CreateErrorInfo
SetErrorInfo
VariantInit
VariantCopyInd
VariantCopy
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantClear
SafeArrayGetElement
SysStringByteLen

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 428KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e45678bfef61a6e64548acd737aca950

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

oleaut32

version

Sections

.text Size: 428KB - Virtual size: 426KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 16KB - Virtual size: 105KB

.rsrc Size: 140KB - Virtual size: 140KB

.text
Size: 428KB - Virtual size: 426KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 16KB - Virtual size: 105KB

.rsrc
Size: 140KB - Virtual size: 140KB