d92447d273b5be44425952c8fd90ab68d4f96858b54500a6bf67f0085751f9ec

Sharing

Copy URL

Twitter E-mail

General

Target

d92447d273b5be44425952c8fd90ab68d4f96858b54500a6bf67f0085751f9ec
Size

712KB
MD5

a0054639bdee26bd296fa17eeec70eb0
SHA1

1f0bb5e69ac1da28a7c2e0c34492e1e6df249f42
SHA256

d92447d273b5be44425952c8fd90ab68d4f96858b54500a6bf67f0085751f9ec
SHA512

b41e474b23af45f72fd985a80bd70b2e12960b9647c08fe03e3c4a1632c7b854827c55a89c0e6fe7ed532b3491226d8b72fb21139817b5378db7f2a3a911644d
SSDEEP

12288:MDQNFEyqo3PlzYKXpdqUVTaRGisvrkEZu3lpjbLiTV+W+QW/:MDQNqo3PlzNoUVTacbvrkWCrOT7u

Score

N/A

Malware Config

Signatures

Files

d92447d273b5be44425952c8fd90ab68d4f96858b54500a6bf67f0085751f9ec
.exe windows x86

dc0ff02c162a0587740fee88a18c8433

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileSize
GetFileTime
WriteFile
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryExA
WaitForSingleObject
CreateProcessA
SystemTimeToFileTime
GetSystemTime
GetWindowsDirectoryA
GetTickCount
SetEvent
OpenEventA
GetPrivateProfileStringA
GetCurrentProcess
GetVersionExA
GetShortPathNameA
GetSystemDirectoryA
WinExec
ReadFile
SetFileTime
SetFileAttributesA
LoadLibraryA
FindNextFileA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
WritePrivateProfileStringA
RemoveDirectoryA
GlobalFree
GlobalUnlock
lstrcmpA
FindFirstFileA
GetModuleHandleA
GetVersion
CreateThread
lstrcpynA
Sleep
lstrcmpiA
GetCurrentThreadId
GetCommandLineA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
GetCurrentProcessId
CreateFileW
GetLocaleInfoA
LockResource
LoadResource
FindResourceA
FindClose
CreateEventA
QueryPerformanceFrequency
CreateFileA
CloseHandle
GetDiskFreeSpaceA
EnterCriticalSection
LeaveCriticalSection
lstrlenW
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetLastError
SetLastError
MoveFileA
DeleteFileA
CopyFileA
GlobalAlloc
GlobalLock
lstrcpyA
GetFileAttributesA
CreateDirectoryA
GetPrivateProfileSectionA
MoveFileExA
GetModuleFileNameA
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
LCMapStringW
MapViewOfFile
UnmapViewOfFile
SearchPathA
VirtualProtect
VirtualQuery
InterlockedExchange
ResetEvent
QueryPerformanceCounter
GetCurrentThread
RtlUnwind
RaiseException
TlsSetValue
ExitThread
HeapAlloc
HeapFree
GetStartupInfoA
ExitProcess
TlsAlloc
TlsGetValue
FlushFileBuffers
SetStdHandle
GetOEMCP
GetStringTypeW
GetStringTypeA
SetFilePointer
IsBadCodePtr
GetFileType
GetCPInfo
LCMapStringA
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
CreateFileMappingA
SetUnhandledExceptionFilter
GetACP
GetEnvironmentStrings

user32

CreateDialogIndirectParamA
CharLowerBuffA
wsprintfA
GetDesktopWindow
PostThreadMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CharUpperA
ExitWindowsEx
DestroyWindow
LoadStringA
CharNextA
WaitForInputIdle
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
GetDlgItem
SendMessageA
SetDlgItemTextA
IsDialogMessageA

gdi32

GetObjectA
CreateFontIndirectA
DeleteObject
TranslateCharsetInfo

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegConnectRegistryA
RegCloseKey
RegDeleteKeyA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegQueryInfoKeyA
RegDeleteValueA
OpenThreadToken
RegEnumKeyExA
RegEnumValueA
AllocateAndInitializeSid
RegQueryValueA
FreeSid
EqualSid
GetTokenInformation

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

OleLoadFromStream
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
CreateFileMoniker
CLSIDFromString
CoCreateGuid
CoRegisterClassObject
StringFromCLSID
CreateItemMoniker
GetRunningObjectTable
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
ProgIDFromCLSID
CoTaskMemFree
CoGetInterfaceAndReleaseStream
CoInitialize
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoUninitialize
StgOpenStorage
StgCreateDocfile
CoRevokeClassObject

oleaut32

RegisterTypeLi
SysStringByteLen
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SetErrorInfo
CreateErrorInfo
SafeArrayDestroy
SafeArrayPutElement
VariantCopy
VariantChangeType
VariantInit
LoadRegTypeLi
SysAllocStringLen
SysStringLen
SysReAllocStringLen
SysFreeString
SysAllocStringByteLen
SafeArrayGetDim
LoadTypeLi
SafeArrayCopy
SysAllocString
VariantClear
VariantCopyInd

msi

ord87
ord189
ord18
ord144
ord46
ord136
ord67
ord141
ord168
ord7
ord93
ord91
ord95
ord120
ord17
ord124
ord49
ord75
ord79
ord116
ord73
ord112
ord31
ord159
ord8
ord160
ord117
ord146
ord103
ord33

rpcrt4

RpcRaiseException
NdrConformantStringUnmarshall
RpcServerUseProtseqEpA
RpcServerUnregisterIf
RpcMgmtStopServerListening
NdrPointerBufferSize
NdrPointerMarshall
NdrPointerFree
NdrServerInitializeNew
NdrConvert
I_RpcGetBuffer
RpcServerRegisterIf
RpcServerListen

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 412KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc0ff02c162a0587740fee88a18c8433

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msi

rpcrt4

comctl32

version

Sections

.text Size: 412KB - Virtual size: 408KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 36KB - Virtual size: 121KB

.rsrc Size: 184KB - Virtual size: 200KB

.text
Size: 412KB - Virtual size: 408KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 36KB - Virtual size: 121KB

.rsrc
Size: 184KB - Virtual size: 200KB