689214ddca16c297fa6f7763f09d6917b3ec39d6240ec5355e1b47de92d49bc8

Sharing

Copy URL

Twitter E-mail

General

Target

689214ddca16c297fa6f7763f09d6917b3ec39d6240ec5355e1b47de92d49bc8
Size

540KB
MD5

70f571fe1a888c219e0ab33306ad01a9
SHA1

86ad76dddd080f63429864981a7e993b466eec82
SHA256

689214ddca16c297fa6f7763f09d6917b3ec39d6240ec5355e1b47de92d49bc8
SHA512

b2da5e87aa2fe821d33940effe95757fe9ce21485c946b17b8e140d7c3ff06c8a6c70f809aec3ede7b47a03a87b6af9fee2fc762c55e8d6dfd993beac2f400f7
SSDEEP

12288:qLKOxCi9KeQJvNRS945IGIZ6b3SyURkjm0XEBZSVsUo:qWOxCQKv5NRW4CGIwb3SyVv2

Score

N/A

Malware Config

Signatures

Files

689214ddca16c297fa6f7763f09d6917b3ec39d6240ec5355e1b47de92d49bc8
.exe windows x86

f7eb0a8dbd51e2064b2d8fdd8e709932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AbortSystemShutdownA
CryptExportKey
RegEnumValueA
InitiateSystemShutdownA
GetUserNameA
RegEnumKeyExW
CryptGenKey
RegDeleteKeyA
CryptImportKey
CryptGetDefaultProviderA
RegSaveKeyA
RegOpenKeyW
LogonUserW
AbortSystemShutdownW

comctl32

ImageList_DragLeave
CreatePropertySheetPageA
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_DragShowNolock
CreateToolbar
ImageList_LoadImageW
_TrackMouseEvent
InitCommonControlsEx
ImageList_SetIconSize
ImageList_Merge

user32

GetMenuDefaultItem
GetCaretBlinkTime
ValidateRect
SetScrollRange
LoadKeyboardLayoutW
EnumPropsExA
CharPrevExA
AdjustWindowRectEx
GetUserObjectInformationW
ToUnicode
ShowWindow
GetMenuItemCount
SetWinEventHook
LoadStringW
OemToCharA
OpenWindowStationW
GetKeyboardLayoutNameW
DefWindowProcW
DrawStateA
CreateDesktopW
SetProcessWindowStation
LoadMenuIndirectW
CharPrevW
DestroyWindow
RegisterClipboardFormatW
CheckRadioButton
GetMenuItemInfoA
RegisterClassExA
DrawFrameControl
DefFrameProcA
SetParent
DdeCmpStringHandles
CreateIconFromResourceEx
SetDlgItemTextW
PostThreadMessageW
MessageBoxA
RegisterClassA
DefMDIChildProcA
TranslateMDISysAccel
CharUpperA
ToUnicodeEx
SwapMouseButton
LoadIconW
CascadeChildWindows
ModifyMenuW
GetMonitorInfoA
EditWndProc
DdeInitializeW
SetUserObjectInformationW
CreateMDIWindowA
CreateDialogParamA
GetClassInfoA
CallMsgFilterW
SetShellWindow
GetMenuCheckMarkDimensions
SendIMEMessageExW
GetWindowLongA
DdeAbandonTransaction
EnumDesktopWindows
IsRectEmpty
PeekMessageW
CreateWindowExA
ScrollDC

gdi32

PatBlt
GetMetaFileBitsEx
CreateRectRgnIndirect
EnumEnhMetaFile
GetRasterizerCaps
SetTextColor
GetDIBColorTable
UpdateColors
SetDeviceGammaRamp
DeleteObject
CreateDCA
GetGraphicsMode
CreateBitmap
GetOutlineTextMetricsW
DeleteDC
GetDeviceCaps
PlayMetaFile
GetBkColor
SetRectRgn
SetLayout
GetObjectA
GetMetaFileA
SetBrushOrgEx
GetRandomRgn
StartDocW
GdiFlush
Arc
RectInRegion

comdlg32

FindTextA

kernel32

GetProfileIntA
GetCurrentProcess
GetVolumeInformationA
GetStartupInfoW
MultiByteToWideChar
RemoveDirectoryW
WritePrivateProfileStringW
CreateNamedPipeW
QueryPerformanceCounter
VirtualAlloc
SetEnvironmentVariableA
lstrcpyn
TlsAlloc
SystemTimeToFileTime
UnhandledExceptionFilter
ResetEvent
HeapCreate
CompareStringA
GetSystemTime
WideCharToMultiByte
GetStdHandle
GetCurrentProcessId
TerminateThread
CommConfigDialogW
GetNumberFormatA
GetCurrentThreadId
CreateThread
SetStdHandle
GetTickCount
GetCurrentThread
OpenMutexA
WriteFile
GetCalendarInfoA
VirtualFree
RtlUnwind
ResumeThread
FlushFileBuffers
CreatePipe
LeaveCriticalSection
SetLastError
FreeEnvironmentStringsW
InterlockedIncrement
OpenFileMappingW
ReadFile
LoadLibraryA
GetModuleHandleA
WaitNamedPipeA
HeapDestroy
TryEnterCriticalSection
EnterCriticalSection
HeapAlloc
GetModuleFileNameW
DeleteCriticalSection
ReadConsoleOutputAttribute
InitializeCriticalSection
GlobalFix
GetCommandLineA
GetLastError
TlsSetValue
VirtualQuery
InterlockedDecrement
GetStringTypeW
InterlockedExchange
LocalSize
GetLogicalDriveStringsW
GetTempPathA
IsDebuggerPresent
GetProcAddress
GetLocalTime
LockFile
GetCommandLineW
GetSystemTimeAsFileTime
HeapFree
ConnectNamedPipe
GetEnvironmentStringsW
LCMapStringW
GetModuleFileNameA
GetProfileStringW
SetFilePointer
FillConsoleOutputCharacterA
GetCPInfo
LocalShrink
GetEnvironmentStrings
GetStringTypeA
GetStartupInfoA
HeapReAlloc
ExitProcess
SetThreadIdealProcessor
WaitForDebugEvent
WaitForMultipleObjectsEx
FreeEnvironmentStringsA
CreateMailslotW
TlsGetValue
LCMapStringA
LoadResource
CloseHandle
IsBadWritePtr
GetTimeZoneInformation
TlsFree
TerminateProcess
CreateMutexA
lstrcpy
VirtualAllocEx
GlobalUnfix
GetFileType
GetVersion
SetHandleCount
CompareStringW
GlobalReAlloc

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7eb0a8dbd51e2064b2d8fdd8e709932

Headers

File Characteristics

Imports

advapi32

comctl32

user32

gdi32

comdlg32

kernel32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 108KB - Virtual size: 111KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 108KB - Virtual size: 111KB

.rsrc
Size: 24KB - Virtual size: 23KB