aa1a5fe4cf72064f807965e8c96d19e96053afecadd9a08fb30be9459b1957d4

Sharing

Copy URL Twitter E-mail

General

Target

aa1a5fe4cf72064f807965e8c96d19e96053afecadd9a08fb30be9459b1957d4
Size

104KB
MD5

8198d8dc131827b5b7951c1343b717d0
SHA1

9b813f1312a7b13681cb2b7726a7feb0a4945ca2
SHA256

aa1a5fe4cf72064f807965e8c96d19e96053afecadd9a08fb30be9459b1957d4
SHA512

fc6a8ad80b7c84f456e4ab04ea42bc030bb4d18f1f7ab4a980aa19e2a62c0a40badfa5865bd596dfa8fc36f84f796c8a0b66cf6b091fb710554432d35472afd8
SSDEEP

3072:BpU9efV3zItskAes8pxxHBZujgZTOlcdy:E98V3zItxxRuUZThQ

Score

N/A

Malware Config

Signatures

Files

aa1a5fe4cf72064f807965e8c96d19e96053afecadd9a08fb30be9459b1957d4
.exe windows x86

47dd2060362f310d0fecf95fe0d8b061

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
ExitProcess
lstrcmpA
ExitThread
InterlockedExchangeAdd
InterlockedIncrement
DeleteFileA
GetTempPathA
CreateThread
InterlockedExchange
IsBadReadPtr
SystemTimeToFileTime
GetSystemTime
GetModuleFileNameA
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
TerminateProcess
CloseHandle
WaitForDebugEvent
ContinueDebugEvent
DebugActiveProcess
OpenProcess
HeapReAlloc
lstrcmpiA
GetLastError
InitializeCriticalSection
GetSystemTimeAsFileTime
ReadFile
GetFileSize
CreateFileA
WriteFile
SetFilePointer
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
MultiByteToWideChar
WideCharToMultiByte
CopyFileA
MoveFileA
GetSystemDirectoryA
InterlockedDecrement
Sleep
WaitForSingleObject
CreateMutexA
FindClose
FindNextFileA
FindFirstFileA
HeapDestroy
HeapCreate
GetCurrentProcess
GetEnvironmentVariableA
MapViewOfFile
CreateFileMappingA
RemoveDirectoryA
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
GetVolumeInformationA
GetSystemInfo
GetTickCount
lstrlenA
lstrcatA
GetComputerNameA
HeapFree
IsBadCodePtr
RaiseException
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetProcessHeap
HeapAlloc
HeapSize
IsBadWritePtr
VirtualAlloc
VirtualFree
GetVersionExA
GetVersion
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetTimeZoneInformation
RtlUnwind

user32

GetWindowTextA
GetActiveWindow
FindWindowExA
SetActiveWindow
wsprintfA
ShowWindow
GetWindowThreadProcessId
GetParent
SendMessageA
GetSystemMetrics
FindWindowA

advapi32

GetUserNameA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SafeArrayCreateVector
VariantClear
SysAllocStringLen
VariantChangeType
SafeArrayDestroy
SafeArrayAccessData
SysAllocString

dnsapi

DnsRecordListFree
DnsQuery_A

ws2_32

inet_addr

wininet

FindCloseUrlCache
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
CommitUrlCacheEntryA
CreateUrlCacheEntryA
FindFirstUrlCacheEntryA
UnlockUrlCacheEntryFile
DeleteUrlCacheEntry
FindNextUrlCacheEntryA

winmm

mixerClose
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetNumDevs
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA

netapi32

NetScheduleJobAdd
NetScheduleJobEnum

userenv

GetProfilesDirectoryA

shlwapi

StrStrIA
StrChrA
StrCmpNIA
StrRChrA
StrDupA
StrStrA

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

47dd2060362f310d0fecf95fe0d8b061

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

dnsapi

ws2_32

wininet

winmm

netapi32

userenv

shlwapi

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 27KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 27KB