b227f7644f973b791cd5bc5fa46a3c01696e59b6149ab3ff6fb314d297ad8d11

Sharing

Copy URL Twitter E-mail

General

Target

b227f7644f973b791cd5bc5fa46a3c01696e59b6149ab3ff6fb314d297ad8d11
Size

960KB
MD5

808344565d6e154ab243e3da6ec66010
SHA1

3219dc55c0d0671f2f9584737712c19a595b56df
SHA256

b227f7644f973b791cd5bc5fa46a3c01696e59b6149ab3ff6fb314d297ad8d11
SHA512

b55f9c205d84f90ccdb239be2ceaffc774281de9d619965012c52e9b7675dc81dbbad210d896bb2c297b175ecf1cfefa288f35cbf28d9fd27acc94b9843af8c8
SSDEEP

24576:DWUT7ctPY2SN2WWO2Pq9s3PCJ+484tlkht:3Tw7WWBC96+84tlk

Score

N/A

Malware Config

Signatures

Files

b227f7644f973b791cd5bc5fa46a3c01696e59b6149ab3ff6fb314d297ad8d11
.exe windows x86

443d64a3ea4f74b9ce0ef1988a38cc73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid

shlwapi

SHDeleteKeyA
PathFileExistsA

wininet

InternetCanonicalizeUrlA
InternetReadFile
InternetGetLastResponseInfoA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetTimeToSystemTime
InternetSetOptionA
InternetGetConnectedState
InternetConnectA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

user32

GetAsyncKeyState
SendDlgItemMessageA
GetClientRect
FillRect
GetDlgItemTextA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
SetWindowLongA
UpdateWindow
CharUpperA
CharLowerA
CharNextA
GetClassNameA
SetTimer
RedrawWindow
GetMessageA
TranslateMessage
DispatchMessageA
DialogBoxParamA
SetWindowRgn
DestroyWindow
CharPrevA
GetWindowTextA
EnableWindow
GetWindowLongA
ClientToScreen
GetFocus
DefWindowProcA
GetForegroundWindow
GetCursorPos
PtInRect
InvalidateRect
BeginPaint
EndPaint
SetWindowTextA
LoadIconA
SendMessageA
GetSystemMenu
EnableMenuItem
SetDlgItemTextA
GetDlgItem
SetForegroundWindow
SetActiveWindow
SetFocus
ShowWindow
GetWindowRect
ScreenToClient
SetWindowPos
EndDialog
LoadStringA
GetDC
ReleaseDC
DrawTextW
MessageBoxA
EnumWindows

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen

gdi32

CreatePatternBrush
GetDeviceCaps
CreateBitmap
GetObjectA
BitBlt
StretchBlt
SetBkMode
CombineRgn
CreateCompatibleDC
SelectObject
DeleteDC
GetTextExtentPointW
CreateFontW
DeleteObject
GetPixel
CreateRectRgn
TextOutW
GetTextExtentPoint32A
SetPixel
GetStockObject
SetTextColor

advapi32

ConvertSidToStringSidA
IsValidSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
RegOpenKeyA
InitializeSecurityDescriptor
RegSetValueA
RegQueryValueExA
OpenProcessToken
GetTokenInformation
EqualSid
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
FreeSid
GetUserNameA
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
LookupAccountNameA
AllocateAndInitializeSid

shell32

SHGetSpecialFolderPathA
SHGetFolderPathW
ShellExecuteExA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

msimg32

TransparentBlt

kernel32

RtlUnwind
TerminateProcess
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
UnhandledExceptionFilter
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentDirectoryA
GetSystemInfo
GetFileAttributesA
GetDriveTypeA
GetTempPathA
GetTempFileNameA
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
FileTimeToLocalFileTime
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
GetFileType
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetEnvironmentVariableA
GetFullPathNameA
SetEndOfFile
GetTimeZoneInformation
VirtualFree
HeapCreate
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetHandleCount
GetStdHandle
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
FlushFileBuffers
LCMapStringA
LCMapStringW
CompareStringA
HeapDestroy
CreateMutexA
FreeResource
CopyFileA
GetLocaleInfoA
GetSystemTime
GetSystemTimeAsFileTime
GetFileSizeEx
RaiseException
GetLastError
lstrcpyA
lstrlenA
CloseHandle
CompareStringW
OpenMutexA
ReadFile
PeekNamedPipe
WriteFile
ConnectNamedPipe
CreateNamedPipeA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
RemoveDirectoryA
FindClose
DeleteFileA
FindNextFileA
FindFirstFileA
GetModuleFileNameA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetCurrentProcess
GetModuleHandleA
ExpandEnvironmentStringsA
MultiByteToWideChar
GetFileSize
CreateFileA
Sleep
CreateDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalFree
CompareFileTime
SystemTimeToFileTime
GetFileTime
GetTickCount
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
SetFileAttributesA
SetFilePointer
FileTimeToSystemTime
GetFileInformationByHandle

rpcrt4

UuidToStringA
RpcStringFreeA

crypt32

CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
CryptMsgClose
CertCloseStore
CertGetNameStringW

Sections

.text
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 508KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

443d64a3ea4f74b9ce0ef1988a38cc73

Headers

DLL Characteristics

File Characteristics

Imports

ole32

shlwapi

wininet

user32

oleaut32

gdi32

advapi32

shell32

version

msimg32

kernel32

rpcrt4

crypt32

Sections

.text Size: 355KB - Virtual size: 354KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 10KB - Virtual size: 102KB

.rsrc Size: 36KB - Virtual size: 36KB

.vmp0 Size: 508KB - Virtual size: 1.6MB

.text
Size: 355KB - Virtual size: 354KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 10KB - Virtual size: 102KB

.rsrc
Size: 36KB - Virtual size: 36KB

.vmp0
Size: 508KB - Virtual size: 1.6MB