11731ccbbae2d56d4cc3f2bb0f2b1fb815c7edd19e596f16d176c319313c3048

Sharing

Copy URL Twitter E-mail

General

Target

11731ccbbae2d56d4cc3f2bb0f2b1fb815c7edd19e596f16d176c319313c3048
Size

160KB
MD5

90197d4237f1b4311b534c311e2da432
SHA1

98ae747a3e4a8bf3701926c33ec12a8b54cfd78e
SHA256

11731ccbbae2d56d4cc3f2bb0f2b1fb815c7edd19e596f16d176c319313c3048
SHA512

25ac85eca97d2ee8daa10a953bee6c736fb26bd9afd40bd5074d276326133710b255af89c7796755882ed8d0824c2da686f20bb20fc5163a880e231763b6b02c
SSDEEP

3072:6LGWJm50fYLxndfaW1ttWCFptJytWpdvxHJY6TQwksMIl:F0wLhPJHRJy8HpS6/ksPl

Score

N/A

Malware Config

Signatures

Files

11731ccbbae2d56d4cc3f2bb0f2b1fb815c7edd19e596f16d176c319313c3048
.exe windows x86

115a65ceaad56a18f57b829c0a2ffd6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
GetProcessHeap
CreateMutexW
Sleep
TerminateProcess
IsDebuggerPresent
OpenProcess
GetCurrentThreadId
CreateProcessW
ExitProcess
CreateThread
HeapCreate
GetCurrentThreadId
GetCurrentProcess
SetPriorityClass
TerminateThread
GetFileSize
IsBadStringPtrA
SetEvent
GetVersionExW
LoadLibraryW
GetModuleHandleW
EnterCriticalSection
lstrcpynW
GetProcAddress
SetUnhandledExceptionFilter
RtlUnwind
CloseHandle
MapViewOfFile
lstrcatW
InitializeCriticalSectionAndSpinCount
CreateFileMappingW
UnmapViewOfFile
HeapDestroy
VirtualFree
CreateFileW
SetThreadPriority
HeapReAlloc
WaitForMultipleObjects
UnhandledExceptionFilter
HeapAlloc
SetCommConfig
SuspendThread
MulDiv
GetCommandLineW
lstrcmpW
lstrcpyW
ReleaseMutex
HeapFree
GetLastError
lstrlenW
GetSystemTimeAsFileTime
LeaveCriticalSection
DeleteCriticalSection
GetProcessTimes
WaitForSingleObject
GetModuleFileNameW
SetProcessWorkingSetSize
CreateEventW
ResumeThread

psapi

EnumProcessModules
GetProcessMemoryInfo
GetModuleFileNameExW

gdi32

SetMapMode
SetTextColor
GetDeviceCaps
RoundRect
StretchBlt
GetTextMetricsW
GetStockObject
CreateRectRgnIndirect
CreatePatternBrush
CreateCompatibleDC
DeleteObject
CombineRgn
SetGraphicsMode
SetWorldTransform
SetBkMode
GetRegionData
CreatePen
GetObjectW
SetStretchBltMode
SelectObject
CreateFontW
BitBlt
ExtCreateRegion
GetTextExtentExPointW
CreateSolidBrush
Polygon
CreateRectRgn
CreateCompatibleBitmap
DeleteDC

shell32

ShellExecuteW
ExtractIconExW
Shell_NotifyIconW
CommandLineToArgvW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

RegisterWindowMessageW
GetWindow
GetShellWindow
GetSysColor
MessageBoxA
EnumDesktopWindows
TranslateMessage
KillTimer
GetWindowLongW
PostQuitMessage
DrawTextW
SendMessageW
RegisterClassExW
DispatchMessageW
ClientToScreen
GetWindowDC
DrawIconEx
CreateWindowExW
GetDC
SwitchToThisWindow
DefWindowProcW
DrawFrameControl
GetMessageW
CloseDesktop
FrameRect
PtInRect
GetClassNameW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uwtmwa
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 114KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

115a65ceaad56a18f57b829c0a2ffd6c

Headers

File Characteristics

Imports

kernel32

psapi

gdi32

shell32

version

user32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 6KB - Virtual size: 132KB

.uwtmwa Size: 3KB - Virtual size: 3KB

.edata Size: 114KB - Virtual size: 243KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 6KB - Virtual size: 132KB

.uwtmwa
Size: 3KB - Virtual size: 3KB

.edata
Size: 114KB - Virtual size: 243KB