ed7aa458efe1c4e3727895342d6e6b3daba7d268ac2fb3cbeb3ffcff80462821

Sharing

Copy URL Twitter E-mail

General

Target

ed7aa458efe1c4e3727895342d6e6b3daba7d268ac2fb3cbeb3ffcff80462821
Size

720KB
MD5

78f18f4d05a438db4898b805de0c3e11
SHA1

9ef68325ec7a5fd030a926073e49f995eabc3bd6
SHA256

ed7aa458efe1c4e3727895342d6e6b3daba7d268ac2fb3cbeb3ffcff80462821
SHA512

bbfc48d5f6ea5aa2342bb1c0caea751bd0cf0ca7244847d8921362e72998e70f9d988ffd426f2bec66aba48fab9e3b7523285434326f2315b19afccd43ff98ce
SSDEEP

12288:PN86GMRN2rEjIkOxN3OO28J4YLKL9FvvAOZu+yhelxjolJURfSSF8W+0S4k:BRNZ0hxxLJtu7vvACu+yhelVolCRfiD

Score

N/A

Malware Config

Signatures

Files

ed7aa458efe1c4e3727895342d6e6b3daba7d268ac2fb3cbeb3ffcff80462821
.exe windows x86

4766abd38e77fd43ac3c96ff8b489732

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetConsoleOutputCP
GetStartupInfoA
GetCurrentProcess
FlushFileBuffers
LoadLibraryA
OutputDebugStringW
HeapCreate
QueryPerformanceCounter
GetStdHandle
IsValidLocale
GetACP
ReadFile
GlobalLock
GetCurrentThreadId
GetVersionExW
EnterCriticalSection
SetEndOfFile
TlsFree
TlsSetValue
Sleep
WriteFile
GetLastError
DeleteFileW
LeaveCriticalSection
CompareStringA
InterlockedExchange
GetCurrentProcessId
GetCommandLineA
LCMapStringA
GetEnvironmentStringsW
InitializeCriticalSection
GetModuleHandleA
GetProcessHeap
HeapReAlloc
VirtualQuery
GetCPInfo
InterlockedDecrement
ExitProcess
FatalAppExitA
SetUnhandledExceptionFilter
InterlockedIncrement
CompareStringW
CreateFileW
SetFilePointer
GlobalUnlock
IsDebuggerPresent
GetFileSize
WriteConsoleW
SetHandleCount
IsValidCodePage
GetCommandLineW
CloseHandle
GetFileType
GetTimeZoneInformation
GetDateFormatA
GetLocaleInfoA
TlsAlloc
HeapFree
SetConsoleCtrlHandler
GetStartupInfoW
GetProcAddress
FreeEnvironmentStringsW
GetFullPathNameW
CreateFileA
GetModuleFileNameA
DeleteCriticalSection
TerminateProcess
HeapAlloc
LCMapStringW
GetStringTypeW
FindClose
HeapSize
RtlUnwind
FindFirstFileW
VirtualFree
CreateDirectoryW
FreeEnvironmentStringsA
GetTickCount
SetLastError
GetOEMCP
MultiByteToWideChar
FindNextFileW
GlobalAlloc
GetUserDefaultLCID
GetModuleHandleW
WriteConsoleA
HeapDestroy
GetModuleFileNameW
GetVersionExA
UnhandledExceptionFilter
WideCharToMultiByte
CreateProcessW
GetEnvironmentStrings
FreeLibrary
GetTimeFormatA
CreateMutexW
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
GetCurrentThread
RaiseException
GlobalFree
GetLocaleInfoW
OpenMutexW
GetStringTypeA
VirtualAlloc
GetSystemTimeAsFileTime
GetConsoleMode
WaitForSingleObject

winmm

mmioAscend
waveOutOpen
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetNumDevs
mixerGetLineInfoA
PlaySoundA
waveOutGetDevCapsA
waveOutUnprepareHeader
mmioClose
waveOutRestart
waveOutClose
mixerOpen
waveOutReset
mixerGetLineControlsA
mmioOpenA

advapi32

RegQueryValueExA
RegEnumKeyA
LookupPrivilegeValueA
RegOpenKeyA
RegQueryValueA
SetSecurityDescriptorDacl
OpenThreadToken

user32

SetForegroundWindow
DrawFocusRect
DrawIconEx
DestroyWindow
SetParent
RegisterClassW
GetWindow
DefWindowProcW
GetNextDlgGroupItem
CallWindowProcW
GetPropW
RegisterClassExW
ShowWindow
DestroyMenu
SetWindowPos
LockWindowUpdate
IsZoomed
RemovePropW
GetSysColor
SetPropW
FillRect
IsRectEmpty
MessageBoxW
CreateWindowExW

shell32

ExtractIconA
SHAppBarMessage
Shell_NotifyIconA
SHGetFileInfoA
DragAcceptFiles
DragFinish
ord155
SHBrowseForFolderA
SHGetSpecialFolderLocation
DragQueryFileA
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder

shlwapi

PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA

comdlg32

GetOpenFileNameA
GetFileTitleA

gdi32

GetCurrentPositionEx
GetGlyphOutlineA
StartDocA
SetTextCharacterExtra
FillPath
SetMapMode
SetViewportOrgEx
GetBitmapBits
SetTextColor
SetPixelV
FloodFill
SetBitmapBits
DeleteObject
SetROP2
BeginPath
UpdateColors
TextOutA
GetViewportExtEx
SetWindowOrgEx
EndPath
CreateCompatibleDC
FillRgn
SetBkColor
CreateSolidBrush
PolyPolygon
LineTo
GetTextMetricsA

comctl32

ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Create
_TrackMouseEvent

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4766abd38e77fd43ac3c96ff8b489732

Headers

File Characteristics

Imports

kernel32

winmm

advapi32

user32

shell32

shlwapi

comdlg32

gdi32

comctl32

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 460KB - Virtual size: 458KB

.data Size: 108KB - Virtual size: 106KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 460KB - Virtual size: 458KB

.data
Size: 108KB - Virtual size: 106KB

.rsrc
Size: 32KB - Virtual size: 28KB