ded0d7687d0f55c8b9b26808a855c4bb47b3641e0fca8cf5d6505c8d04d33c9a

Sharing

Copy URL Twitter E-mail

General

Target

ded0d7687d0f55c8b9b26808a855c4bb47b3641e0fca8cf5d6505c8d04d33c9a
Size

284KB
MD5

9043cc046944a16df6760546b1176930
SHA1

26d5b8c1ed2ff2e2ade01e210d3650e6157088ac
SHA256

ded0d7687d0f55c8b9b26808a855c4bb47b3641e0fca8cf5d6505c8d04d33c9a
SHA512

3670a49815d67d200a12fc4a19265cbc5cc3cebdf40cc14885f93c67f0314cb456feb306b7ce162c5cde3f329e8e296cd5747e0fac31f6297dee27a96c65f7ff
SSDEEP

6144:GaYuNrEJhO0ZhQEJ59+tSSpDAiVG5IvzI08uMg:5LrEJhQEJ59MSYVG56H8c

Score

N/A

Malware Config

Signatures

Files

ded0d7687d0f55c8b9b26808a855c4bb47b3641e0fca8cf5d6505c8d04d33c9a
.exe windows x86

ea66b8b3c18a79b27d12d7e1f30806f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

lz32

LZCopy
LZOpenFileA
LZClose

kernel32

GetConsoleCP
SetStdHandle
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
LCMapStringW
WideCharToMultiByte
LCMapStringA
WriteFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetConsoleMode
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
ExitProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedDecrement
InterlockedIncrement
CreateProcessA
WaitForSingleObject
OutputDebugStringA
GetCommandLineA
LoadLibraryA
FreeLibrary
Sleep
RemoveDirectoryA
GetShortPathNameA
GetFileAttributesA
WritePrivateProfileStringA
lstrcmpA
MulDiv
GetModuleFileNameA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
ReadFile
GetVersionExA
GetCurrentProcess
GetProcessHeap
HeapAlloc
HeapFree
GetSystemDirectoryA
GetTempPathA
GetTempFileNameA
CreateDirectoryA
SetFileAttributesA
DeleteFileA
FindNextFileA
MoveFileExA
FindFirstFileA
FindClose
CreateFileA
GetLastError
CloseHandle
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcatA
GetWindowsDirectoryA
SetThreadLocale
lstrcpynA
lstrcpyA
lstrcmpiA
GetSystemDefaultLCID
lstrlenA
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
FlushFileBuffers
SetFilePointer
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
IsValidCodePage

user32

TranslateMessage
IsDialogMessageA
DispatchMessageA
CreateWindowExA
LoadIconA
FindWindowA
PostQuitMessage
DefWindowProcA
GetSystemMenu
EnableMenuItem
PostMessageA
MessageBoxA
BeginPaint
EndPaint
GetUpdateRect
SetDlgItemTextA
DestroyWindow
CreateDialogParamA
ShowWindow
OffsetRect
DrawTextA
IsWindow
CopyRect
UpdateWindow
GetWindowDC
SystemParametersInfoA
LoadCursorA
RegisterClassA
ExitWindowsEx
GetSystemMetrics
FindWindowExA
SetWindowTextA
SetWindowPos
CharNextA
GetDC
GetClientRect
ReleaseDC
InvalidateRect
GetWindowLongA
GetWindowRect
SendMessageA
SetWindowLongA
wsprintfA
GetMessageA
GetSysColor

gdi32

CreateDIBSection
CreatePalette
SetBkMode
GetTextColor
CreateRectRgn
Polygon
ExtSelectClipRgn
CreateDIBitmap
CreatePatternBrush
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SetStretchBltMode
StretchBlt
SetBkColor
SetTextColor
BitBlt
CreateSolidBrush
GetDeviceCaps
GetObjectA
GetStockObject
SelectObject
DeleteObject
RealizePalette
SelectPalette
CreateFontA
SetBrushOrgEx

advapi32

RegOpenKeyExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCloseKey
FreeSid
RegEnumKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA

shell32

FindExecutableA

shlwapi

SHDeleteKeyA

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea66b8b3c18a79b27d12d7e1f30806f5

Headers

File Characteristics

Imports

version

lz32

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 96KB - Virtual size: 96KB