408647111334cb51154dbd73ea766711641c49a0a92a05b6d421dcaf41df8608

Sharing

Copy URL Twitter E-mail

General

Target

408647111334cb51154dbd73ea766711641c49a0a92a05b6d421dcaf41df8608
Size

404KB
MD5

7ade69138525a8d7cfca2f7e6aed714c
SHA1

329572465184d31291ae3d9bb835ba29b148d055
SHA256

408647111334cb51154dbd73ea766711641c49a0a92a05b6d421dcaf41df8608
SHA512

b5a632d14c4f65623bbd4e4cea42c005efa85a68e03e396d9aeb1f32387e125264d3aa279a5a064117767bd1f08a418e4ed7f6c6c09183338d8e92499ff54423
SSDEEP

12288:pQOSIx0yjokl+gH2AOxHNLiaPRobz4nZnsNuh:+RIx0c7zWhH4aPRov4nBsQ

Score

N/A

Malware Config

Signatures

Files

408647111334cb51154dbd73ea766711641c49a0a92a05b6d421dcaf41df8608
.exe windows x86

1da758ff68008356d44a58303bb6ddd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

inetcomm

MimeOleGetInternat
MimeOleSetCompatMode
MimeOleInetDateToFileTime
MimeOleGetPropertySchema
MimeOleCreateMessage

cfgmgr32

CM_Get_Version_Ex

urlmon

UrlMkSetSessionOption
CoInternetParseUrl
CoInternetGetSession
CopyBindInfo

user32

CallMsgFilterW
GetMessageA
PostThreadMessageA
TranslateMessage
RegisterWindowMessageA
CharNextA
DispatchMessageA

wininet

InternetCrackUrlA
InternetCombineUrlA

kernel32

Sleep
FormatMessageW
InterlockedDecrement
DisableThreadLibraryCalls
LeaveCriticalSection
VirtualProtect
DeleteCriticalSection
TlsGetValue
HeapDestroy
GetSystemTime
GlobalLock
SetUnhandledExceptionFilter
GetShortPathNameA
SetEvent
lstrcpynA
GetTempFileNameA
CloseHandle
GetLastError
CopyFileA
CreateEventA
lstrcmpiA
CreateFileW
FileTimeToSystemTime
WideCharToMultiByte
IsValidCodePage
IsBadReadPtr
GetCurrentThreadId
GetDateFormatA
GetVersionExA
IsDBCSLeadByteEx
lstrlenW
GetUserDefaultLCID
GetTimeFormatW
GetCurrentProcessId
UnhandledExceptionFilter
GetModuleFileNameA
InterlockedIncrement
GlobalHandle
GetACP
SizeofResource
LoadLibraryA
lstrcpyA
GetOverlappedResult
lstrlenA
TlsSetValue
GetTimeFormatA
FindFirstFileA
LoadResource
LoadLibraryExA
GetCPInfo
WaitForSingleObject
VirtualAlloc
SetFileAttributesA
ReadFile
GetStringTypeW
GetFileTime
IsBadWritePtr
GetCurrentProcess
GlobalUnlock
GetDateFormatW
ExitProcess
GetThreadLocale
InitializeCriticalSection
FindResourceA
FindClose
EnterCriticalSection
GlobalReAlloc
GetFileSize
TlsFree
GetTickCount
GetTimeZoneInformation
WriteFile
GlobalFree
HeapCreate
LocalFree
GetProcAddress
SetEndOfFile
SetFilePointer
InterlockedExchange
IsDBCSLeadByte
GetSystemInfo
HeapFree
VirtualFree
GlobalAlloc
GetModuleHandleA
GetCurrentThread
FormatMessageA
CompareFileTime
TlsAlloc
FindNextFileA
QueryPerformanceCounter
MultiByteToWideChar
FreeLibrary
SystemTimeToFileTime
ResetEvent
GetLocaleInfoW
GetSystemTimeAsFileTime
HeapAlloc
FlushFileBuffers
VirtualQuery
CreateFileA
lstrcatA
GetLocaleInfoA
GetSystemDefaultLangID
TerminateProcess

certmgr

DllGetClassObject

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

StrCatBuffW

ole32

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoUninitialize
CoCreateGuid
ProgIDFromCLSID
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
PropVariantClear

advapi32

RegSetValueExA
ImpersonateLoggedOnUser
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA
RegNotifyChangeKeyValue
RegEnumKeyExA
RegEnumValueA
RevertToSelf
RegOpenKeyExA
OpenThreadToken
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 110KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1da758ff68008356d44a58303bb6ddd8

Headers

DLL Characteristics

File Characteristics

Imports

inetcomm

cfgmgr32

urlmon

user32

wininet

kernel32

certmgr

version

shlwapi

ole32

advapi32

Sections

.text Size: 138KB - Virtual size: 137KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 110KB - Virtual size: 2.4MB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 125KB - Virtual size: 125KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 138KB - Virtual size: 137KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 110KB - Virtual size: 2.4MB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 24KB - Virtual size: 24KB