3ed0cb5429c34870f12d36ed1e1233e2b6192c258645cf0c6f8b3246c3b3e6a2

Sharing

Copy URL Twitter E-mail

General

Target

3ed0cb5429c34870f12d36ed1e1233e2b6192c258645cf0c6f8b3246c3b3e6a2
Size

437KB
MD5

40e6ff775f794484e5e5cd1b4bf41bf0
SHA1

a7ce6145068d925e014b7298d8f7e6d60fe303e8
SHA256

3ed0cb5429c34870f12d36ed1e1233e2b6192c258645cf0c6f8b3246c3b3e6a2
SHA512

4c6b96298822bf3bf1d1b3167591b16230a004002019f987fb2fecc90cbd3183ea602be32b7b97ba80887c0d11d61454c995566af4bb91f4edf01b7c56eebc32
SSDEEP

6144:dkayNMg0KbJ/oJ9I/rFMsboaa+OSEHhETN4QCfDCUcC09FSy9g:+ayfJ+EFMscaa/S47Fcxp9g

Score

N/A

Malware Config

Signatures

Files

3ed0cb5429c34870f12d36ed1e1233e2b6192c258645cf0c6f8b3246c3b3e6a2
.exe windows x86

e576d253c22fd6e5df70fd004809c759

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
GetFileSize
MulDiv
DeviceIoControl
GetLogicalDrives
GetDriveTypeW
GetDiskFreeSpaceExW
CopyFileW
FindFirstFileW
FindClose
LocalFree
OpenMutexW
CreateMutexW
GetFullPathNameW
GetCPInfo
GetPrivateProfileIntW
GetPrivateProfileStringW
OpenFileMappingW
WaitForSingleObject
ReleaseMutex
MapViewOfFile
ProcessIdToSessionId
GlobalAlloc
GlobalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetDriveTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
IsValidLocale
MapViewOfFileEx
GetUserDefaultLCID
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetStdHandle
HeapCreate
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
CreateDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
Sleep
GetThreadLocale
UnmapViewOfFile
SystemTimeToFileTime
GetLocalTime
GetCommandLineW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
FlushInstructionCache
ReadFile
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
RaiseException
SetLastError
SetUnhandledExceptionFilter
CloseHandle
GetCurrentThread
ReadProcessMemory
MultiByteToWideChar
LoadResource
GetProcAddress
GetCurrentThreadId
FreeLibrary
SizeofResource
GetLastError
FindResourceW
GetThreadSelectorEntry
FindResourceExW
CreateFileA
WriteFile
VirtualQuery
GetModuleFileNameA
GetCurrentProcess
GetVersionExW
VirtualQueryEx
SetFilePointer
CreateFileW
LoadLibraryW
GetCurrentProcessId
LockResource
DeleteFileW
WritePrivateProfileStringW
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetModuleFileNameW
EnumSystemLocalesA

user32

CreateWindowExW
InvalidateRect
BeginPaint
SetTimer
LoadBitmapW
DrawTextW
CreateDialogParamW
PtInRect
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
LoadCursorW
ShowWindow
FillRect
SendMessageW
ReleaseDC
LoadImageW
EndPaint
ScreenToClient
DestroyWindow
IsWindow
GetClientRect
MoveWindow
GetWindowRect
GetDlgItem
SetWindowLongW
GetDC
UpdateLayeredWindow
PostMessageW
DefWindowProcW
UpdateWindow
RegisterClassExW
GetClassInfoExW
UnregisterClassW
TrackMouseEvent
GetWindowLongW
GetSystemMetrics
RedrawWindow
GetParent
DispatchMessageW
TranslateMessage
GetMessageW
SetCursor
PostQuitMessage
IsWindowVisible
GetMonitorInfoW
KillTimer
MonitorFromPoint
SetWindowPos
GetCursorPos
UnregisterClassA

gdi32

GetDeviceCaps
CreateDIBSection
Rectangle
PatBlt
CreateFontIndirectW
GetObjectW
SetTextColor
GetTextExtentPointW
SetBkMode
DeleteDC
BitBlt
SelectObject
CreateFontW
CreateCompatibleDC
DeleteObject
CreateSolidBrush
SetBkColor

advapi32

GetSecurityInfo
RegQueryValueExA
LookupAccountSidW
ConvertSidToStringSidW
LookupAccountNameW
RegCreateKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
RegOpenKeyExW
GetTokenInformation
OpenProcessToken
GetSecurityDescriptorSacl
RegQueryValueExW
RegOpenKeyExA
RegCloseKey

shell32

SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoUninitialize
CreateBindCtx
CoCreateInstance
CoCreateGuid
CoInitialize

oleaut32

SysAllocString
SysFreeString

shlwapi

PathFileExistsW

comctl32

ord17

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

closesocket
WSACleanup
sendto
WSAStartup
socket
ntohl
htonl
htons
gethostbyname

urlmon

RegisterBindStatusCallback
CreateURLMoniker

netapi32

NetWkstaTransportEnum
NetApiBufferFree
Netbios

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e576d253c22fd6e5df70fd004809c759

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

wtsapi32

version

ws2_32

urlmon

netapi32

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 8KB - Virtual size: 17KB

Shared Size: 4KB - Virtual size: 4B

.rsrc Size: 140KB - Virtual size: 140KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 17KB

Shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 140KB - Virtual size: 140KB