d958880e410f72f5c6074427ebf4e52f5ebd7459518a4727b822be13b9bbedf1

Sharing

Copy URL Twitter E-mail

General

Target

d958880e410f72f5c6074427ebf4e52f5ebd7459518a4727b822be13b9bbedf1
Size

488KB
MD5

a048d122587a949c36aa68e4da62e2c0
SHA1

b0c526f5e0219d1a81a90e3a9e9dbc47c4be6bec
SHA256

d958880e410f72f5c6074427ebf4e52f5ebd7459518a4727b822be13b9bbedf1
SHA512

25bdd74341f56bf3e655ac79a05212a0c64a93f431a46140f88b772389beadf5b6082e8ec9df86dc8a58265636447a04417bf1c7a9833546b692ffb50c41b0db
SSDEEP

6144:cKH+zCB/4SusIn5M+dASOmUGudQO+1g3gElkRoMpRa8/aRWuPBJNsF4ks+C:cC+awSVInO+dMjI9EgMRWNP

Score

N/A

Malware Config

Signatures

Files

d958880e410f72f5c6074427ebf4e52f5ebd7459518a4727b822be13b9bbedf1
.exe windows x86

ddfdc51491f415602d9cbcd89ee19b1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteValueW
StrStrIA
SHSetValueW
StrTrimW
PathStripPathW
PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathSetDlgItemPathW
StrCatW
PathStripToRootW
StrTrimA

user32

SetCursor
GetSystemMetrics
PostThreadMessageW
PeekMessageW
CallWindowProcW
ModifyMenuW
LoadIconW
GetDC
IsChild
FrameRect
GetMenuItemCount
GetMonitorInfoW
MessageBoxW
BringWindowToTop
SetClipboardData
LoadStringW
GetWindowTextW
RegisterClassExW
DrawFocusRect
SetWindowTextW
GetWindowLongW
GetNextDlgTabItem
wsprintfW
CheckDlgButton
CreateWindowExW
DestroyWindow
LoadBitmapW
DestroyAcceleratorTable
GetScrollInfo
CharUpperW
InvalidateRgn
ClientToScreen
IsWindow
OpenClipboard
RegisterWindowMessageW
ShowWindow
OffsetRect
EmptyClipboard
SetMenuDefaultItem
DispatchMessageW
LoadAcceleratorsW
CharNextW
SetClassLongW
ReleaseCapture
GetNextDlgGroupItem
GetKeyState
UnregisterClassA
GetDlgCtrlID
CopyRect
RegisterClassW
GetSubMenu
GetDlgItem
DeferWindowPos
WindowFromPoint
EnumChildWindows
DefWindowProcW

winmm

PlaySoundA
waveInGetNumDevs
mmioOpenA
waveOutPause
mmioClose
waveInGetDevCapsA

advapi32

RegOpenKeyExA
RegEnumKeyA
RegQueryInfoKeyA
FreeSid
RegSetValueExA
RegDeleteValueA
OpenThreadToken
AllocateAndInitializeSid
RegQueryValueA

gdi32

CreateBitmap
SelectObject
IntersectClipRect
GetTextMetricsA
TextOutW
LineTo
BeginPath
SetROP2
GetPixel
GetTextExtentPoint32W
EndPage
GetTextColor
GetTextMetricsW
OffsetViewportOrgEx
CreateFontIndirectW
SaveDC
CreateDCW
GetStockObject
GetWindowExtEx
StartPage
SetBkColor
EndPath
Polygon
GetDIBits
GetTextCharsetInfo
CreateRectRgn
GetPaletteEntries
MoveToEx
GetDeviceCaps
BitBlt
SetMapMode
CreatePen
StretchBlt
GetObjectW
RectVisible
StretchDIBits
GdiFlush
Polyline
SetWindowOrgEx
Escape
CombineRgn
Ellipse
CreatePalette
CreateCompatibleBitmap
AbortDoc
ExtTextOutW
SetStretchBltMode
CreateRectRgnIndirect
ExcludeClipRect
EnumFontFamiliesExW
CreateSolidBrush
SetViewportOrgEx
EqualRgn
DPtoLP
SetWindowExtEx
CreateCompatibleDC
CreateEllipticRgn
RestoreDC
SetTextAlign
PtVisible
RealizePalette
RectInRegion
SetViewportExtEx
DeleteDC
DeleteObject
SetBkMode
PolyBezier
SetTextColor
SetAbortProc
OffsetRgn
CreateDIBSection
Rectangle
GetViewportExtEx
EndDoc
SetPolyFillMode

comctl32

ImageList_Replace
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_GetImageInfo
CreatePropertySheetPageA
ImageList_DragEnter
ImageList_BeginDrag
ImageList_AddMasked
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Add
ImageList_Draw
ImageList_DragMove
ImageList_Write
ImageList_Read
ImageList_GetBkColor
DestroyPropertySheetPage

kernel32

OutputDebugStringA
GetProcAddress
GetVersionExA
CloseHandle
GetCommandLineW
SetFilePointer
GetACP
SetEnvironmentVariableA
UnhandledExceptionFilter
IsBadWritePtr
GetModuleHandleA
FreeEnvironmentStringsA
HeapReAlloc
InterlockedDecrement
GetDateFormatA
MultiByteToWideChar
TlsGetValue
FlushFileBuffers
EnterCriticalSection
ExitProcess
GetOEMCP
GetStringTypeW
GetCommandLineA
VirtualAlloc
GetCurrentProcessId
VirtualProtect
GetSystemTimeAsFileTime
GetFileType
GetEnvironmentStrings
DebugBreak
GetTimeZoneInformation
GetStdHandle
GetModuleFileNameA
VirtualQuery
InterlockedIncrement
GetStartupInfoW
GetSystemInfo
QueryPerformanceCounter
HeapFree
TlsSetValue
CompareStringA
GetStringTypeA
DeleteCriticalSection
TlsAlloc
WriteFile
RtlUnwind
GetTickCount
LoadLibraryW
IsBadReadPtr
CompareStringW
InitializeCriticalSection
HeapAlloc
GetModuleHandleW
TlsFree
GetModuleFileNameW
SetLastError
LeaveCriticalSection
GetLocaleInfoA
HeapDestroy
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
SetStdHandle
GetCurrentThreadId
RaiseException
ReadFile
LoadLibraryA
IsBadCodePtr
VirtualFree
GetCPInfo
LCMapStringW
CreateMutexW
GetCurrentProcess
GetTimeFormatA
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
LCMapStringA
GetStartupInfoA
SetHandleCount
GetLastError
HeapValidate
TerminateProcess
InterlockedExchange

shell32

SHGetSpecialFolderLocation
ord155
DragQueryFileW
CommandLineToArgvW
DragFinish
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddfdc51491f415602d9cbcd89ee19b1a

Headers

File Characteristics

Imports

shlwapi

user32

winmm

advapi32

gdi32

comctl32

kernel32

shell32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 76KB - Virtual size: 81KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 76KB - Virtual size: 81KB

.rsrc
Size: 20KB - Virtual size: 17KB