5fd22c20d28a5cef07e7cde82c45d35db7f21a73eec287c4db24b8aff10dc33b

Sharing

Copy URL Twitter E-mail

General

Target

5fd22c20d28a5cef07e7cde82c45d35db7f21a73eec287c4db24b8aff10dc33b
Size

889KB
MD5

46ebf55c3ec8e673e1dbc59c1a758440
SHA1

5b0a531807f72a8d5cfe6d81e31d7415cdd8d56f
SHA256

5fd22c20d28a5cef07e7cde82c45d35db7f21a73eec287c4db24b8aff10dc33b
SHA512

31f1c5043d9f69aadf9ec79ec79311b8eca53eabac69187a4eecda31483c7edc2395f03e090b3804af7941fbbc4d0eb94bc3075d1e8e5bb56125bc5cc0660b39
SSDEEP

24576:ezLiyystXqYPKYIVIA//hXzHVwLsa21X26:rOvIZ3JVwLsb

Score

N/A

Malware Config

Signatures

Files

5fd22c20d28a5cef07e7cde82c45d35db7f21a73eec287c4db24b8aff10dc33b
.exe windows x86

749c2214df9318006521a8e6cecd687c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExW
InterlockedDecrement
lstrlenW
GetCurrentThreadId
CreateProcessW
WritePrivateProfileStringW
GetPrivateProfileStringW
InterlockedIncrement
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
GetCurrentProcessId
GetTickCount
GetDriveTypeW
LoadLibraryW
GetWindowsDirectoryW
GetFileSize
TlsFree
GetCurrentProcess
GetModuleHandleA
LoadLibraryA
ProcessIdToSessionId
FindClose
FindFirstFileW
Thread32Next
SuspendThread
OpenThread
Thread32First
CreateToolhelp32Snapshot
ResumeThread
GlobalMemoryStatus
SystemTimeToFileTime
FileTimeToSystemTime
SetEnvironmentVariableW
OpenProcess
WritePrivateProfileSectionW
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
QueryDosDeviceW
WideCharToMultiByte
AreFileApisANSI
ReadProcessMemory
Module32NextW
Module32FirstW
Process32NextW
Process32FirstW
GetPrivateProfileIntW
FindNextFileW
InterlockedCompareExchange
CreateDirectoryW
lstrlenA
DebugBreak
OutputDebugStringW
TlsSetValue
TlsGetValue
GetLongPathNameW
GetTempPathW
GetACP
GetExitCodeProcess
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
ExpandEnvironmentStringsW
GetCommandLineW
lstrcmpW
CreateMutexW
TerminateProcess
MoveFileExW
GetPrivateProfileSectionW
GetTimeZoneInformation
DeleteFileW
DeviceIoControl
InterlockedExchange
GetHandleInformation
CreateEventA
DeleteAtom
FindAtomW
AddAtomW
GetAtomNameW
GetProcessHeap
GetSystemTime
LocalFree
GetLocalTime
FormatMessageW
GetFileSizeEx
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
DeleteCriticalSection
MoveFileW
CopyFileW
GetVersionExW
GetVersion
GetModuleHandleW
GetProcAddress
CreateMutexA
GetLastError
ReleaseMutex
RaiseException
CreateThread
CreateNamedPipeW
ConnectNamedPipe
EnterCriticalSection
LeaveCriticalSection
WriteFile
SetEvent
Sleep
WaitNamedPipeW
CreateFileW
ReadFile
InitializeCriticalSection
OutputDebugStringA
CloseHandle
DisconnectNamedPipe
WaitForSingleObject
GetTimeFormatA
SetConsoleCtrlHandler
GetStringTypeA
GetLocaleInfoA
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetModuleFileNameA
GetStdHandle
ExitProcess
VirtualAlloc
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
IsValidCodePage
GetOEMCP
GetCurrentThread
SetLastError
TlsAlloc
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
ExitThread
HeapReAlloc
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateThread
SetFilePointer
UnhandledExceptionFilter

user32

MessageBoxW
SendMessageTimeoutW
DispatchMessageW
TranslateMessage
PeekMessageW
LoadStringW
FindWindowW
CharNextW
SetTimer
DestroyWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
DefWindowProcW
FindWindowExW
CharLowerBuffW
EnumThreadWindows
CharLowerW
ShowWindow
GetWindowRect
BringWindowToTop
SetForegroundWindow
SwitchToThisWindow
SetWindowPos
SystemParametersInfoW
GetSystemMetrics
WindowFromPoint
WaitForInputIdle
wvsprintfW
LoadIconW

advapi32

RegQueryValueExA
SetSecurityDescriptorDacl
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
OpenProcessToken
GetTokenInformation
IsValidSid
EqualSid
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
FreeSid

shell32

ShellExecuteW
SHChangeNotify
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
SHGetSpecialFolderPathW
Shell_NotifyIconW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString

shlwapi

StrCmpNIW
SHDeleteKeyW
SHDeleteValueW
StrCmpNW
SHSetValueW
StrStrIW
PathAppendW
StrStrIA
PathAddBackslashW
SHGetValueW
PathRemoveFileSpecW
PathFileExistsW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust

crypt32

CertGetNameStringW

ws2_32

select

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 359KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

749c2214df9318006521a8e6cecd687c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

version

wintrust

crypt32

ws2_32

Sections

.text Size: 444KB - Virtual size: 443KB

.rdata Size: 65KB - Virtual size: 64KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 359KB - Virtual size: 360KB

.text
Size: 444KB - Virtual size: 443KB

.rdata
Size: 65KB - Virtual size: 64KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 359KB - Virtual size: 360KB