f54d905b78edf147432d5b96f1f1e5dfd11a4b258b785e82a8aa8da451ea8bfe

Sharing

Copy URL

Twitter E-mail

General

Target

f54d905b78edf147432d5b96f1f1e5dfd11a4b258b785e82a8aa8da451ea8bfe
Size

375KB
MD5

810baa1865445d905d9a6d7350c4fd93
SHA1

4f3612ff4e0bce078c41cff3986c921b996bab96
SHA256

f54d905b78edf147432d5b96f1f1e5dfd11a4b258b785e82a8aa8da451ea8bfe
SHA512

fff57cccf34deff4f6d2e411c03a5376063c5ad80e8bab7d08bf89049f292599d194e95f75184b5a171d1283d24d8d1db8d3ab35e4ccf7a4720c0f8aac0166ce
SSDEEP

6144:7f4IowOarjNROB4jB0N9BLb2QMsAlfZZgDg5/bw:7f4IowN/XOB4jB0Nbv6fn

Score

N/A

Malware Config

Signatures

Files

f54d905b78edf147432d5b96f1f1e5dfd11a4b258b785e82a8aa8da451ea8bfe
.exe windows x86

b8be83b1d2cf9cd1c0071ee91dbf5b25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetSetOptionW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

iphlpapi

GetAdaptersInfo

kernel32

CreateProcessW
WaitForSingleObject
GetExitCodeProcess
OpenProcess
FreeLibrary
GetCurrentThreadId
GetACP
Sleep
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
GetVersionExW
GetSystemWow64DirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
FindResourceW
LoadResource
SizeofResource
LockResource
GetFileSize
ReadFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetEvent
InitializeCriticalSection
ReleaseSemaphore
ResetEvent
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleFileNameW
RaiseException
SetLastError
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
GetTempFileNameW
FreeResource
LoadLibraryExW
lstrcmpiW
GetPrivateProfileIntW
GetSystemTime
SearchPathW
GetCurrentDirectoryA
ExitProcess
HeapCreate
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
GetStartupInfoW
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetSystemTimeAsFileTime
GetFileType
GetFullPathNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
SetFileTime
CloseHandle
CreateFileW
GetModuleHandleW
GetProcAddress
GetCommandLineW
WideCharToMultiByte
GetCurrentProcessId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetVolumeInformationW
VirtualFree
FlushFileBuffers
WriteFile
DeleteFileW
SetFileAttributesW
CreateDirectoryW
CopyFileW
GetLastError
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
MultiByteToWideChar
GetTempPathW
SetFilePointer
VirtualAlloc
SetEndOfFile
CreateFileA
SetStdHandle
LCMapStringW

user32

SetWindowPos
CharNextW
GetWindow
RedrawWindow
GetFocus
IsChild
EndPaint
MonitorFromWindow
GetMonitorInfoW
PostQuitMessage
RegisterWindowMessageW
GetWindowTextLengthW
GetClassInfoExW
BeginPaint
LoadCursorW
DefWindowProcW
CreateWindowExW
UnregisterClassA
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
RegisterClassExW
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
InvalidateRgn
CallWindowProcW
InvalidateRect
GetDesktopWindow
DestroyAcceleratorTable
ShowWindow
DestroyIcon
KillTimer
SendInput
SetTimer
MessageBeep
SetWindowTextW
LoadIconW
GetClassNameW
GetClientRect
SendMessageW
ReleaseDC
GetDC
IsWindow
DestroyWindow
MapWindowPoints
GetWindowRect
GetDlgItem
SetFocus
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
EnumWindows
LockSetForegroundWindow
SetWindowLongW
GetWindowTextW
GetWindowThreadProcessId
GetWindowLongW
GetParent
GetSysColor

gdi32

BitBlt
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetStockObject
GetObjectW
GetDeviceCaps
SelectObject
DeleteDC

advapi32

RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegDeleteValueW

shell32

ShellExecuteW
SHGetFolderPathW
Shell_NotifyIconW
SHGetSpecialFolderPathW

ole32

CoTaskMemRealloc
OleInitialize
OleUninitialize
CLSIDFromString
CoTaskMemFree
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoInitialize
CoUninitialize
CLSIDFromProgID

oleaut32

LoadTypeLi
VariantClear
SysAllocString
SysFreeString
VariantInit
VarUI4FromStr
DispCallFunc
SysAllocStringLen
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen

shlwapi

StrCmpIW
PathFindExtensionW
PathRemoveBackslashW
StrStrIW
PathAddBackslashW
PathFindFileNameW
PathStripToRootW

urlmon

URLDownloadToFileW

psapi

GetProcessImageFileNameW
EnumProcessModules
GetModuleFileNameExW

Sections

.text
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8be83b1d2cf9cd1c0071ee91dbf5b25

Headers

DLL Characteristics

File Characteristics

Imports

wininet

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

psapi

Sections

.text Size: 254KB - Virtual size: 254KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 10KB - Virtual size: 17KB

.rsrc Size: 40KB - Virtual size: 40KB

.reloc Size: 23KB - Virtual size: 23KB

.text
Size: 254KB - Virtual size: 254KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 10KB - Virtual size: 17KB

.rsrc
Size: 40KB - Virtual size: 40KB

.reloc
Size: 23KB - Virtual size: 23KB