493b739e7b8bc336cfe783a2d2e36bd3699017b05d62aeb65868969fa1323ac0

Sharing

Copy URL

Twitter E-mail

General

Target

493b739e7b8bc336cfe783a2d2e36bd3699017b05d62aeb65868969fa1323ac0
Size

604KB
MD5

9657bab1e3afb217e16972315f4ea5c0
SHA1

d214e8ea2bd425ba0f367c28db97cc1e294211bb
SHA256

493b739e7b8bc336cfe783a2d2e36bd3699017b05d62aeb65868969fa1323ac0
SHA512

2acf25b8d12cbb5c17efffadc16448951aab4f8b72def2be004b15457ebfa00d28431a6d6c8aebb3b5bc1df05c0db01cc0daf52427047f09d1769b48cc345bc4
SSDEEP

6144:XLNMwb2UAcMX+0S50QbuErAS5iYDQqtKVuO2LC3eAhj3HHyplGoipSsQLH5Ada:bLbjAJX+0S50gtAXqtKVdt1SpYXSsPda

Score

N/A

Malware Config

Signatures

Files

493b739e7b8bc336cfe783a2d2e36bd3699017b05d62aeb65868969fa1323ac0
.exe windows x86

5be049d6bb4a54d97c25a773aa18c568

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winmm

joyGetPosEx

kernel32

SetErrorMode
FindResourceExA
WritePrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetFileSize
GetFileTime
HeapReAlloc
HeapAlloc
GetStartupInfoA
ExitProcess
RaiseException
TerminateProcess
SetStdHandle
GetFileType
HeapSize
TlsGetValue
GetCPInfo
GetFileAttributesA
LCMapStringW
GetOEMCP
HeapFree
GetLocalTime
GetProcessVersion
lstrcpyA
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetDriveTypeA
GetDiskFreeSpaceA
GetACP
EnterCriticalSection
GetVolumeInformationA
GetTempPathA
GlobalMemoryStatus
CreateMutexA
GetUserDefaultLangID
GetCommandLineA
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
SizeofResource
InitializeCriticalSection
LocalAlloc
GlobalFlags
FindNextFileA
lstrcmpA
GlobalAlloc
VirtualProtect
LocalFree
MulDiv
GetModuleFileNameA
GetFullPathNameA
FindClose
lstrcpynA
FindFirstFileA
SetEndOfFile
GetEnvironmentVariableA
FlushFileBuffers
GetProfileIntA
UnlockFile
LockFile
HeapDestroy
ReadFile
SetFilePointer
SearchPathA
WriteFile
DuplicateHandle
CreateFileA
GetCurrentProcess
InterlockedDecrement
MultiByteToWideChar
lstrlenA
lstrcatA
InterlockedIncrement
GetVersion
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
HeapCreate
GlobalLock
FreeLibrary
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
WideCharToMultiByte
CloseHandle
OpenProcess
GetModuleHandleA
Sleep
GetSystemInfo
OutputDebugStringA
GetVersionExA
SetThreadPriority
GetCurrentThread
GetTickCount
GetLogicalDriveStringsA
VirtualFree
VirtualAlloc
LCMapStringA
LoadLibraryA
GetProfileStringA
SetLastError
GetLastError
CreateProcessA
SetCurrentDirectoryA
GetSystemDirectoryA
GetCurrentDirectoryA
GetProcAddress

user32

GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ModifyMenuA
CharUpperA
ClientToScreen
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetAsyncKeyState
MapDialogRect
PostQuitMessage
SetCursor
GetCursorPos
ValidateRect
GetMessageA
WaitMessage
KillTimer
SetTimer
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
InflateRect
InvalidateRect
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetKeyboardType
GetDesktopWindow
EnumDisplaySettingsA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetWindowRect
LoadIconA
MessageBoxA
GetForegroundWindow
SetCapture
SetFocus
ReleaseCapture
SetActiveWindow
PeekMessageA
TranslateMessage
SetWindowTextA
IsDialogMessageA
DispatchMessageA
GetDC
LoadImageA
ShowWindow
GetTopWindow
SendMessageA
EnableWindow
GetKeyState
SetPropA
DrawFocusRect
DefDlgProcA
ExcludeUpdateRgn
HideCaret
UnregisterClassA
CharNextA
IsWindowUnicode
ShowCaret

gdi32

CreateDIBitmap
GetBitmapBits
GetDeviceCaps
GetBitmapDimensionEx
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
IntersectClipRect
DeleteObject
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
PatBlt
EnumFontFamiliesExA
BitBlt
CreateCompatibleDC
GetTextExtentPointA
SetBitmapBits

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA
ImageList_Destroy
ord17

ole32

CoUninitialize
CoCreateInstance
CoInitialize

wsock32

ntohs
inet_addr
WSAGetLastError
ioctlsocket
bind
gethostbyname
htonl
closesocket
WSASetLastError
recv
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
connect
WSAStartup
WSACleanup
select
accept
htons

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5be049d6bb4a54d97c25a773aa18c568

Headers

File Characteristics

Imports

version

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

wsock32

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 80KB - Virtual size: 274KB

.rsrc Size: 252KB - Virtual size: 249KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 80KB - Virtual size: 274KB

.rsrc
Size: 252KB - Virtual size: 249KB