1de52dec13cc885cdd3535ae85dd81197b084a19cc7792fc7b906d3aebf48fb7

Sharing

Copy URL Twitter E-mail

General

Target

1de52dec13cc885cdd3535ae85dd81197b084a19cc7792fc7b906d3aebf48fb7
Size

1.3MB
MD5

48acfbd45b01f15688c43bbf19f37de0
SHA1

24405b7c1c84c58516442f4d498217560099c563
SHA256

1de52dec13cc885cdd3535ae85dd81197b084a19cc7792fc7b906d3aebf48fb7
SHA512

22791059793590065618fb133c18a307a027c17f04e3fd40a72bf6bc85378ae72af59c58428028d7007eceaedd4ed9a0dfee63bd6ccc3444bd6a3dccfd8eb160
SSDEEP

24576:Kt5RmGttOsaiSRqVBXKGs7Qy9EAZI6lK1FpHTBKVGJGayq3:imeanaKFQy9ECsJTBKVGJGan3

Score

N/A

Malware Config

Signatures

Files

1de52dec13cc885cdd3535ae85dd81197b084a19cc7792fc7b906d3aebf48fb7
.exe windows x86

db38b1343bb8addcc95590369702b85e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

kernel32

GetModuleHandleA
CreateDirectoryA
GetProcAddress
LoadLibraryA
lstrcatA
FreeLibrary
GetSystemDirectoryA
GlobalFree
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetLocalTime
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GlobalAlloc
GetTempPathA
ExitProcess
ReleaseMutex
GetLastError
CreateMutexA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
OutputDebugStringA
LocalFree
FormatMessageA
GetLongPathNameA
DeviceIoControl
IsDebuggerPresent
VirtualQuery
SetFilePointer
lstrcpyA
WriteFile
lstrlenA
RaiseException
GetSystemInfo
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemTimeAsFileTime
GetVersionExA
lstrcpynA
SetLastError
GetComputerNameA
ExpandEnvironmentStringsA
WideCharToMultiByte
ReadProcessMemory
FlushViewOfFile
OpenFileMappingA
GetPrivateProfileStringA
DeleteFileA
FindClose
FindFirstFileA
WaitForSingleObject
ReadFile
ResumeThread
CreateThread
InterlockedDecrement
lstrcmpA
InterlockedIncrement
lstrlenW
SetProcessWorkingSetSize
WriteConsoleA
SetStdHandle
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InterlockedExchange
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
FlushFileBuffers
HeapSize
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetTickCount
lstrcmpiA
GetModuleFileNameA
GetEnvironmentVariableA
MultiByteToWideChar
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
CreateToolhelp32Snapshot
Process32First
Process32Next
GetCPInfo
GetStdHandle
HeapDestroy
HeapCreate
HeapReAlloc
VirtualFree
FatalAppExitA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
GetModuleHandleW
VirtualAlloc
VirtualProtect
FindNextFileA
FileTimeToSystemTime
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
Sleep
CreateProcessA
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
CloseHandle
QueryPerformanceCounter
GetConsoleOutputCP
CopyFileA
GetFileAttributesA
WriteConsoleW

user32

IsWindow
ShowWindow
GetForegroundWindow
GetSystemMetrics
SetWindowPos
SystemParametersInfoA
SendMessageA
PostThreadMessageA
DispatchMessageA
TranslateMessage
GetWindowTextA
wsprintfA
wvsprintfA
GetWindowRect
EnumChildWindows
PostMessageA
DefWindowProcA
EnumWindows
GetClassNameA
PostQuitMessage
RegisterClassA
CreateWindowExA
UpdateWindow
FindWindowExA
GetParent
IsWindowVisible
GetMessageA
GetWindowThreadProcessId
GetClientRect

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
GetUserNameA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueA
RegQueryValueExA
OpenProcessToken

shell32

ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

StgCreateDocfile
OleCreate
OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

CreateErrorInfo
SetErrorInfo
GetErrorInfo
SysAllocString
SysFreeString
VariantInit
VariantClear
VariantCopy
VarCmp
SysStringLen
VariantChangeType
SysAllocStringByteLen
SysAllocStringLen
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SysStringByteLen
SafeArrayAccessData

ws2_32

accept
listen
recvfrom
WSAStartup
WSACleanup
inet_ntoa
gethostbyname
gethostname
closesocket
WSAGetLastError
setsockopt
socket
inet_addr
recv
getpeername
send
htons
ntohs
WSAIoctl
bind
getsockname
__WSAFDIsSet
select
connect
ioctlsocket
shutdown
htonl
sendto

winmm

timeKillEvent

shlwapi

PathIsDirectoryA
StrStrIA
UrlUnescapeA

wininet

InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetGetConnectedState
HttpQueryInfoA
InternetOpenUrlA
HttpOpenRequestA
InternetSetOptionA
InternetConnectA
DeleteUrlCacheEntry
InternetReadFile
InternetCloseHandle
HttpSendRequestA

iphlpapi

GetBestRoute
CreateIpNetEntry
GetIfTable
GetUdpStatistics
GetTcpStatistics
GetIcmpStatistics
GetIpStatistics
GetAdaptersInfo
GetIpAddrTable
GetPerAdapterInfo

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

psapi

GetModuleFileNameExA
EnumProcessModules
EnumProcesses

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 882KB - Virtual size: 881KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db38b1343bb8addcc95590369702b85e

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

winmm

shlwapi

wininet

iphlpapi

version

psapi

Sections

.text Size: 364KB - Virtual size: 364KB

.rdata Size: 67KB - Virtual size: 66KB

.data Size: 13KB - Virtual size: 52KB

.rsrc Size: 882KB - Virtual size: 881KB

.text
Size: 364KB - Virtual size: 364KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 13KB - Virtual size: 52KB

.rsrc
Size: 882KB - Virtual size: 881KB