8718bc27bafcb7a9c4c0c5e564b586f9e64fbcf67acafa1aac733d452bcd5704

Sharing

Copy URL Twitter E-mail

General

Target

8718bc27bafcb7a9c4c0c5e564b586f9e64fbcf67acafa1aac733d452bcd5704
Size

324KB
MD5

54040715efabee490ec1d051bfde3670
SHA1

0af8d0a516aa6543a556c81c152b3dd98db9c840
SHA256

8718bc27bafcb7a9c4c0c5e564b586f9e64fbcf67acafa1aac733d452bcd5704
SHA512

98a31c5a6c09578c0e2ef924871d8c8293361da35283818d461b8168a1c7d9df3ddf95d3884b082e0fb0060bc63fc9876b68acec8bea8a110e800f4c1f43478f
SSDEEP

3072:G6kh+7ywJqANrnp2eZPJJNjZgZ5q3uHJwwXqkjFU+JhCiYd+x1JktySNrBW9wirG:3kiylADPJnZEq+pXHZNFdjSP0zo0naGk

Score

N/A

Malware Config

Signatures

Files

8718bc27bafcb7a9c4c0c5e564b586f9e64fbcf67acafa1aac733d452bcd5704
.exe windows x86

868487a146e37f371b6ea57048022bc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
IsDBCSLeadByte
SetLastError
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
LockResource
FindResourceExA
lstrcatA
WritePrivateProfileStringA
LocalFree
FormatMessageA
CloseHandle
CreateEventA
GetTickCount
IsBadWritePtr
FlushFileBuffers
CreateFileA
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
FlushInstructionCache
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
Sleep
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
ExitProcess
HeapCreate
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GlobalMemoryStatus
GetModuleFileNameA
GetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpynA
GetUserDefaultLangID
lstrcpyA
InterlockedExchange
lstrlenA
lstrcmpiA
lstrlenW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetFileType

user32

GetSubMenu
GetWindowLongA
SetWindowLongA
GetClientRect
BeginPaint
LoadMenuA
DefWindowProcA
CallWindowProcA
wsprintfA
DestroyIcon
GetMenuItemInfoA
EndPaint
TrackPopupMenu
SetFocus
GetWindowTextA
MessageBoxA
LoadImageA
GetSystemMetrics
UpdateWindow
ShowWindow
SendMessageA
GetClassInfoExA
LoadCursorA
CharNextA
RegisterClassExA
CreateWindowExA
DispatchMessageA
TranslateMessage
GetMessageA
SystemParametersInfoA
MoveWindow
GetWindowRect
ScreenToClient
InvalidateRect
GetParent
IsWindow
IsChild
WindowFromPoint
GetCursorPos
InflateRect
CopyRect
GetDlgItem
ClientToScreen
SetWindowRgn
GetCapture
ReleaseDC
LoadIconA
AdjustWindowRect
GetIconInfo
DrawTextA
DrawIcon
EndDialog
GetWindow
MapWindowPoints
SetWindowPos
SendDlgItemMessageA
SetWindowTextA
GetActiveWindow
SetRectEmpty
DialogBoxParamA
PostQuitMessage
SetRect
PtInRect
DestroyWindow
SetCursor
SetActiveWindow
EnableWindow
KillTimer
SetTimer
IsZoomed
PostMessageA
GetDC
UnregisterClassA

gdi32

CreatePen
StretchBlt
CreateCompatibleBitmap
SelectObject
Rectangle
BitBlt
DeleteDC
GetObjectA
CreateFontIndirectA
DeleteObject
TextOutA
GetTextExtentPoint32A
SetTextColor
SetBkMode
GetStockObject
CreateCompatibleDC
CreateRoundRectRgn

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
CloseEventLog
RegEnumKeyExA

shell32

ShellExecuteA

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoInitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDrawImageRectRectI
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateFromHDC

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

inet_addr
gethostbyname
htons
WSACleanup
socket
WSAGetLastError
WSAAsyncSelect
closesocket
send
WSAStartup
recv
connect

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

868487a146e37f371b6ea57048022bc7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

version

ws2_32

Sections

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 64KB - Virtual size: 63KB