7814c501b75aade4f74a1ca7f4e6292dd5ae7b48904be849a9039a975814048b

Sharing

Copy URL Twitter E-mail

General

Target

7814c501b75aade4f74a1ca7f4e6292dd5ae7b48904be849a9039a975814048b
Size

567KB
MD5

4e9a62b30474ad8960c0ab2623df3c56
SHA1

a1e2c299b7b2871e2f63d59eba776c6d13c28b21
SHA256

7814c501b75aade4f74a1ca7f4e6292dd5ae7b48904be849a9039a975814048b
SHA512

99ad2e05a057a5beb910cc36d6bf04ce4c49b25a90b2fc9133a2d166236d49c2fe850bc3f8427a9cd4c898f5499adbbeca6267c4d3cf3ee705a4e697f4221b03
SSDEEP

12288:/PFIT73jxUDicVk4A3X1+MD3zvCCuMLNgkgg5Uy9dEAaVRXNU3/q:/PFQ3i2N4WMYzvHuMN1gg5Uy9dNUR9Ui

Score

N/A

Malware Config

Signatures

Files

7814c501b75aade4f74a1ca7f4e6292dd5ae7b48904be849a9039a975814048b
.exe windows x86

3454c6b33c8338dd4970531529593093

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid

shlwapi

PathFileExistsA
PathAppendA
SHDeleteKeyA

wininet

InternetOpenUrlA
InternetCloseHandle
InternetCanonicalizeUrlA
InternetReadFile
InternetGetLastResponseInfoA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetTimeToSystemTime
InternetSetOptionA
InternetGetConnectedState
InternetOpenA

user32

CharLowerA
CharUpperA
SendDlgItemMessageA
GetClientRect
FillRect
GetDlgItemTextA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
SetWindowLongA
UpdateWindow
SetTimer
RedrawWindow
CharNextA
GetWindowTextA
GetClassNameA
EnumWindows
TranslateMessage
DispatchMessageA
DialogBoxParamA
SetWindowRgn
DestroyWindow
GetWindowLongA
ClientToScreen
GetFocus
MessageBoxA
GetMessageA
CharPrevA
DefWindowProcA
GetCursorPos
PtInRect
InvalidateRect
BeginPaint
EndPaint
SetWindowTextA
LoadIconA
SendMessageA
GetSystemMenu
EnableMenuItem
SetDlgItemTextA
GetDlgItem
SetForegroundWindow
SetActiveWindow
SetFocus
ShowWindow
GetWindowRect
ScreenToClient
SetWindowPos
EndDialog
LoadStringA
GetDC
ReleaseDC
DrawTextW
GetForegroundWindow

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit
SysAllocStringLen

gdi32

CreatePatternBrush
GetDeviceCaps
CreateBitmap
GetObjectA
BitBlt
StretchBlt
CombineRgn
SetTextColor
CreateCompatibleDC
SelectObject
DeleteDC
CreateFontW
DeleteObject
GetPixel
CreateRectRgn
TextOutW
GetTextExtentPoint32A
SetPixel
GetStockObject
SetBkMode
GetTextExtentPointW

advapi32

ConvertSidToStringSidA
IsValidSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
GetLengthSid
RegOpenKeyA
InitializeSecurityDescriptor
RegSetValueA
RegQueryValueExA
OpenProcessToken
GetTokenInformation
EqualSid
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
FreeSid
GetUserNameA
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
LookupAccountNameA
AllocateAndInitializeSid

shell32

SHGetSpecialFolderPathA
SHGetFolderPathW
ShellExecuteExA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

msimg32

TransparentBlt

msi

ord71
ord93
ord141
ord8

kernel32

RtlUnwind
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapReAlloc
FileTimeToLocalFileTime
HeapAlloc
HeapDestroy
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentDirectoryA
GetSystemInfo
GetFileAttributesA
TerminateProcess
UnhandledExceptionFilter
GetFullPathNameA
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetLocalTime
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
GetFileType
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetEnvironmentVariableA
SetEndOfFile
GetTimeZoneInformation
HeapCreate
VirtualFree
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
FlushFileBuffers
LCMapStringA
LCMapStringW
CompareStringA
HeapFree
OpenMutexA
GetDriveTypeA
GetTempPathA
GetTempFileNameA
InterlockedDecrement
InterlockedIncrement
FreeResource
GetLocaleInfoA
GetSystemTime
GetSystemTimeAsFileTime
SetLastError
CopyFileA
GetFileSizeEx
RaiseException
GetLastError
lstrcpyA
lstrlenA
CloseHandle
CreateMutexA
CompareStringW
ReadFile
PeekNamedPipe
WriteFile
ConnectNamedPipe
CreateNamedPipeA
GetVersionExA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
RemoveDirectoryA
FindClose
DeleteFileA
FindNextFileA
MoveFileExA
FindFirstFileA
GetModuleFileNameA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetCurrentProcess
GetModuleHandleA
LocalFree
FormatMessageA
Sleep
CreateFileA
ExpandEnvironmentStringsA
MultiByteToWideChar
GetFileSize
CreateDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
CompareFileTime
SystemTimeToFileTime
GetFileTime
GetTickCount
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
SetFileAttributesA
SetFilePointer
FileTimeToSystemTime
GetFileInformationByHandle

rpcrt4

UuidToStringA
RpcStringFreeA

crypt32

CryptMsgClose
CertGetNameStringW
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
CertCloseStore
CertFreeCertificateContext

Sections

.text
Size: 383KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3454c6b33c8338dd4970531529593093

Headers

DLL Characteristics

File Characteristics

Imports

ole32

shlwapi

wininet

user32

oleaut32

gdi32

advapi32

shell32

version

msimg32

msi

kernel32

rpcrt4

crypt32

Sections

.text Size: 383KB - Virtual size: 382KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 10KB - Virtual size: 102KB

.rsrc Size: 113KB - Virtual size: 116KB

.text
Size: 383KB - Virtual size: 382KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 10KB - Virtual size: 102KB

.rsrc
Size: 113KB - Virtual size: 116KB