a012670008ec8091877bcc044624c03b8d9d6f1784f8e74cfedb6dc87035da36

Sharing

Copy URL

Twitter E-mail

General

Target

a012670008ec8091877bcc044624c03b8d9d6f1784f8e74cfedb6dc87035da36
Size

721KB
MD5

45a9865dfafff4c22070b81da0d80150
SHA1

eeb1a59d34ae8a064a6505bc68be18d5917bce5c
SHA256

a012670008ec8091877bcc044624c03b8d9d6f1784f8e74cfedb6dc87035da36
SHA512

9561a5e513526443169fde9f624e56e615e1e687f5b123ea7f7b5776d9054fef80115f5f9bbbb9881d93349f877aff4a41d8a805d80742fb7c27f7deb713f404
SSDEEP

12288:Z6ETd/o2EDrAnpxfgr3tgRKc6svHfP/K0Ie86tdyD9A+RtOkyiAsZBgQgUKD:ZFThp6sv/PC0Vte9XO55sZBAz

Score

N/A

Malware Config

Signatures

Files

a012670008ec8091877bcc044624c03b8d9d6f1784f8e74cfedb6dc87035da36
.exe windows x86

3c91adf9dbf078f266cd8079d7d3ccf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
lstrcpyW
FlushInstructionCache
GetCurrentProcess
DebugBreak
OutputDebugStringW
lstrlenA
GetLastError
CreateMutexW
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
GetModuleHandleW
GetVersionExW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
ReadFile
GetFileSizeEx
GetPrivateProfileIntW
GetPrivateProfileStringW
GetExitCodeProcess
GetFileSize
TerminateProcess
GetSystemDirectoryW
CopyFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetTickCount
OpenProcess
LoadLibraryW
FreeLibrary
WideCharToMultiByte
GetVersion
MulDiv
WritePrivateProfileStringW
MultiByteToWideChar
GetModuleFileNameW
GetLongPathNameW
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CloseHandle
InterlockedIncrement
lstrlenW
TryEnterCriticalSection
CreateEventA
GetSystemDirectoryA
LocalAlloc
QueryPerformanceCounter
SetEnvironmentVariableA
GetOEMCP
GetACP
GetLocaleInfoW
SetEndOfFile
FindClose
LoadLibraryA
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
GetTempPathW
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetUnhandledExceptionFilter
GetStartupInfoA
GetStdHandle
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
UnhandledExceptionFilter
HeapSize
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
ExitProcess
GetStartupInfoW
GetModuleHandleA
IsBadReadPtr
HeapReAlloc
RtlUnwind
GetTimeZoneInformation
ExitThread
OpenThread
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
FormatMessageW
GetSystemTime
GetFileType
InterlockedExchange
LocalFree
DuplicateHandle
GetProcessHeap
HeapAlloc
HeapFree
CreateThread
FindFirstFileW
GetFullPathNameW
SetLastError
FindNextFileW
FindResourceW
SizeofResource
LoadResource
CreateFileW
LockResource
WriteFile
ResumeThread
Sleep
GetCurrentProcessId
GetTempFileNameW
RemoveDirectoryW
DeleteFileW
TerminateThread
GetFileTime
FlushFileBuffers
TlsAlloc
TlsGetValue
TlsSetValue
GetLocalTime
CreateDirectoryW
ResetEvent
GetFileAttributesExW
MoveFileW
CreateFileA
MoveFileExW
CreateEventW
SetEvent
ReleaseMutex
GetFileAttributesW
SetFilePointer
WaitForSingleObject
SetProcessWorkingSetSize
GetUserDefaultLCID
InterlockedDecrement

user32

PostMessageW
SendMessageW
PeekMessageW
GetMessageW
SetWindowLongW
wvsprintfW
CharNextW
DestroyWindow
DefWindowProcW
EndDialog
TranslateMessage
DispatchMessageW
SetForegroundWindow
ShowWindow
GetActiveWindow
DialogBoxParamW
LoadStringW
MessageBoxW
BeginPaint
EndPaint
SetCursor
GetSysColor
GetDC
ReleaseDC
GetWindowTextW
InflateRect
GetScrollInfo
MoveWindow
GetScrollRange
GetScrollPos
SetScrollPos
SetFocus
SetScrollInfo
ShowScrollBar
GetCursorPos
ScreenToClient
DrawTextW
GetSystemMenu
EnableMenuItem
DestroyMenu
GetWindowPlacement
BringWindowToTop
LoadIconW
UpdateWindow
PostQuitMessage
IsDialogMessageW
KillTimer
SetTimer
CreateWindowExW
CallWindowProcW
InvalidateRect
RedrawWindow
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
IsWindow
IsWindowVisible
IsIconic
ExitWindowsEx
EnableWindow
OffsetRect
GetDlgItem
PtInRect
CopyRect
CharLowerW
SetDlgItemTextW
CharUpperW
GetSystemMetrics
LoadImageW
SetWindowTextW
GetParent
GetWindowLongW
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos

gdi32

BitBlt
GetDeviceCaps
SetBkColor
ExtTextOutW
CreateCompatibleDC
DeleteDC
SetBkMode
SelectObject
SetTextColor
CreateFontIndirectW
DeleteObject
CreateCompatibleBitmap

advapi32

RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyW
RegOpenKeyW

shell32

ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHBrowseForFolderW
ord165
SHCreateDirectoryExW

ole32

CLSIDFromProgID
CoTaskMemFree
CreateStreamOnHGlobal
CoInitialize
CLSIDFromString
CoCreateInstance
CoUninitialize

oleaut32

OleLoadPicture
SysAllocString
SysFreeString
VariantClear

shlwapi

PathIsRootW
PathFindFileNameW
PathIsDirectoryW
SHGetValueW
PathCombineW
PathRemoveFileSpecW
PathFileExistsW

version

VerQueryValueW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

comctl32

InitCommonControlsEx

msimg32

TransparentBlt

ws2_32

inet_ntoa
gethostname
gethostbyname
closesocket
select
recvfrom
inet_addr
sendto
WSAGetLastError
ioctlsocket
setsockopt
htonl
accept
htons
bind
listen
WSAStartup
WSACloseEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSACreateEvent
__WSAFDIsSet
socket
ntohl
ntohs
send
connect
recv
WSAEventSelect
WSACleanup

setupapi

SetupIterateCabinetW

psapi

EnumProcessModules
GetModuleFileNameExW

Sections

.text
Size: 492KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c91adf9dbf078f266cd8079d7d3ccf9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

version

comctl32

msimg32

ws2_32

setupapi

psapi

Sections

.text Size: 492KB - Virtual size: 488KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 40KB - Virtual size: 51KB

.rsrc Size: 132KB - Virtual size: 132KB

.text
Size: 492KB - Virtual size: 488KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 40KB - Virtual size: 51KB

.rsrc
Size: 132KB - Virtual size: 132KB