7b8256a4e4621e241e9720cf8b5d2674557ae3590eb774ffd50d801eb9cb7653

Sharing

Copy URL Twitter E-mail

General

Target

7b8256a4e4621e241e9720cf8b5d2674557ae3590eb774ffd50d801eb9cb7653
Size

256KB
MD5

73d9dcf5c7a8a4e352f8db7f0d722210
SHA1

f50a2afa67df592c4dc57d53539dd9eca33efc5e
SHA256

7b8256a4e4621e241e9720cf8b5d2674557ae3590eb774ffd50d801eb9cb7653
SHA512

019b6e7943d29399102ec28b66d5d069cbc3f37abbe0af917d4ab3520725cd1851f8b8094c6a3a6b8a92b7664fc9a2ed8b09aed179cbbf813162cdb43e1200f5
SSDEEP

6144:vY6mc1oP995lM3kLLQpEZgPngab8LOjCuuITezBTuL1ob6g:Fo17S0vQpEZgPIOnuYUBTuL1ob6g

Score

N/A

Malware Config

Signatures

Files

7b8256a4e4621e241e9720cf8b5d2674557ae3590eb774ffd50d801eb9cb7653
.exe windows x86

ae4f0490686146695e5ab3da8abb8671

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathCombineW

kernel32

InterlockedIncrement
lstrcmpiW
SetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
LocalFree
GetCommandLineW
LoadLibraryW
GetProcAddress
lstrcpyW
CompareStringW
GetEnvironmentVariableW
OutputDebugStringW
WideCharToMultiByte
WriteFile
CloseHandle
SetFilePointer
ReadFile
GetFileSize
CreateFileW
DeleteFileW
MoveFileExA
DeleteFileA
GetACP
HeapFree
GetProcessHeap
CreateFileA
HeapAlloc
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
RaiseException
TlsFree
GetLastError
TlsAlloc
TlsGetValue
HeapSize
HeapReAlloc
HeapCreate
ExitProcess
Sleep
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetEndOfFile
RtlUnwind
GetSystemTimeAsFileTime
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
GetCurrentThreadId
lstrlenW
InterlockedDecrement
InterlockedExchange
GetConsoleMode
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCurrentProcess
FlushInstructionCache
FreeLibrary
GetFileAttributesW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
TlsSetValue
EnterCriticalSection
GetModuleHandleA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount

user32

BeginPaint
GetSysColor
GetFocus
GetCapture
ReleaseCapture
GetCursorPos
PtInRect
SetCursor
CallWindowProcW
DrawFocusRect
FillRect
SetFocus
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
ScreenToClient
GetClassNameW
CreateCursor
DestroyCursor
SetRectEmpty
OffsetRect
ReleaseDC
GetDC
GetWindow
GetWindowRect
EndPaint
MapWindowPoints
SetWindowPos
IsWindow
GetDlgItem
GetParent
IsDlgButtonChecked
CheckDlgButton
EnableWindow
KillTimer
SetTimer
ShowWindow
GetClientRect
DrawTextW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowLongW
CreateWindowExW
SendMessageW
EndDialog
DefWindowProcW
GetActiveWindow
DialogBoxParamW
DestroyWindow
CharNextW
LoadStringW
SetWindowLongW
SetDlgItemTextW
LoadIconW
SystemParametersInfoW
UnregisterClassA
MessageBoxW
GetDlgCtrlID

gdi32

DeleteDC
GetStockObject
GetObjectW
DeleteObject
SetBkMode
SelectObject
CreateFontIndirectW
SetTextColor

advapi32

RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW

shell32

ShellExecuteW
CommandLineToArgvW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx
_TrackMouseEvent

wininet

HttpOpenRequestA
HttpAddRequestHeadersA
InternetSetCookieA
HttpSendRequestA
InternetOpenA
HttpEndRequestW
InternetAttemptConnect
InternetWriteFile
InternetReadFile
InternetCloseHandle
HttpSendRequestExA
InternetConnectA

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ae4f0490686146695e5ab3da8abb8671

Headers

DLL Characteristics

File Characteristics

Imports

version

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 16KB - Virtual size: 23KB

.rsrc Size: 83KB - Virtual size: 84KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 16KB - Virtual size: 23KB

.rsrc
Size: 83KB - Virtual size: 84KB