2a0c105d9b5a6384803c7d553e9cf5483a703748af32d265b90873a792439b58

Sharing

Copy URL Twitter E-mail

General

Target

2a0c105d9b5a6384803c7d553e9cf5483a703748af32d265b90873a792439b58
Size

1.1MB
MD5

a0067f9b7dd176a6387c3eff169cc8e0
SHA1

8ef4f845f6f7510692d2e943a0d976507b570e09
SHA256

2a0c105d9b5a6384803c7d553e9cf5483a703748af32d265b90873a792439b58
SHA512

a896c53fdb594c2d9afc626f2f1f18aca79ca7c00f3fac7c1a886e27bc978722838d16287d7b8936491bec3a3156ea69bb84dada680024244df9888f17dfadb6
SSDEEP

12288:8FYLpH2uC/Caxc4FzLgIoeoetBtGDNCHLwYZ4J81jM61/6WsgeqBzTkKkfHcOI5d:8niYonybNHLb5XknaR4G4pOTsFCGrO

Score

N/A

Malware Config

Signatures

Files

2a0c105d9b5a6384803c7d553e9cf5483a703748af32d265b90873a792439b58
.exe windows x86

dbe34a1de396bb71c99291ebe66de356

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetVersionExW
lstrlenA
MultiByteToWideChar
FindClose
FindFirstFileW
InterlockedDecrement
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FreeResource
LockResource
CreateEventW
SetLastError
GetCurrentThreadId
Sleep
FlushInstructionCache
CloseHandle
CreateThread
WaitForSingleObject
SetEvent
FreeLibrary
ReleaseSemaphore
TlsSetValue
GetSystemTimeAsFileTime
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetStdHandle
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetHandleCount
GetLocaleInfoW
GetTimeZoneInformation
FatalAppExitA
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetConsoleMode
GetConsoleCP
lstrlenW
GetModuleHandleW
GetProcAddress
GetPrivateProfileStringW
DeleteFileW
MoveFileW
GetLastError
WriteFile
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileIntW
ReadFile
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
LocalFree
GetModuleFileNameW
GetCommandLineW
CreateSemaphoreW
GetStdHandle
ExitProcess
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentThread
TlsFree
LCMapStringW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCPInfo
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTime
LoadLibraryA
GetFullPathNameW
GetFullPathNameA
UnlockFile
LockFileEx
LockFile
GetFileSize
SetEndOfFile
FlushFileBuffers
SetFilePointer
GetTempPathW
GetTempPathA
GetFileAttributesW
DeleteFileA
GetFileAttributesA
IsDebuggerPresent
GetDateFormatA
GetTimeFormatA
RtlUnwind
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
CreateFileW
CreateFileA
TlsAlloc
AreFileApisANSI
TlsGetValue

user32

EndDialog
SetWindowLongW
PostThreadMessageW
DialogBoxParamW
GetDlgItem
TranslateMessage
GetMessageW
LoadIconW
SendDlgItemMessageW
SetDlgItemTextW
TrackPopupMenu
DispatchMessageW
GetWindowLongW
SetLayeredWindowAttributes
wsprintfW
CharNextW
UnregisterClassA
GetSysColor
SetCursor
LoadCursorW
PtInRect
GetWindowRect
GetSubMenu
LoadMenuW
SendMessageW
LoadBitmapW
GetClientRect

gdi32

CreateRoundRectRgn
FrameRgn
SetTextColor
SetBkColor
GetObjectW
CreateFontIndirectW
CreateSolidBrush
PaintRgn

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

CommandLineToArgvW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoUninitialize
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoAddRefServerProcess
CoReleaseServerProcess
CLSIDFromProgID
CLSIDFromString
OleRun
CoTaskMemAlloc

oleaut32

SysStringByteLen
SysAllocStringByteLen
VariantChangeType
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocStringLen
SysFreeString
VariantCopy
VariantClear
SysAllocString
VariantInit
GetErrorInfo
SetErrorInfo
CreateErrorInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

secur32

GetUserNameExW

winhttp

WinHttpCloseHandle
WinHttpSetStatusCallback
WinHttpSetOption
WinHttpOpen
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpGetProxyForUrl
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest

Sections

.text
Size: 741KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbe34a1de396bb71c99291ebe66de356

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

secur32

winhttp

Sections

.text Size: 741KB - Virtual size: 741KB

.rdata Size: 99KB - Virtual size: 98KB

.data Size: 9KB - Virtual size: 19KB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 741KB - Virtual size: 741KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 9KB - Virtual size: 19KB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 25KB - Virtual size: 25KB