06afbf7650fa80beea1d68b536124d34dba6cbc51c266fa222c8a41b8c61e47d

Sharing

Copy URL Twitter E-mail

General

Target

06afbf7650fa80beea1d68b536124d34dba6cbc51c266fa222c8a41b8c61e47d
Size

453KB
MD5

6d5d5be76f074e8b1b9d02f0f2bffacf
SHA1

39a19f7ab166f55a3dba1942c07037fcd4f68631
SHA256

06afbf7650fa80beea1d68b536124d34dba6cbc51c266fa222c8a41b8c61e47d
SHA512

a372d73197a8c7bd7247ca8f0e7e2f7760f0db19460a36bc12c8180d06ef4f7fca7c52592830ddef99916d83ae8e5a82151023a85c04347dd32ddcdd3071f9ea
SSDEEP

6144:bMeWJvxAaHeM1zTh4BwSY82QSAXv574Fn:YjAueM1JOY8gOvR49

Score

N/A

Malware Config

Signatures

Files

06afbf7650fa80beea1d68b536124d34dba6cbc51c266fa222c8a41b8c61e47d
.exe windows x86

f67f536eebc66723743576123a687345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
RegEnumKeyA
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA

crypt32

CertGetNameStringW
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
CryptMsgClose
CertCloseStore

version

VerQueryValueA
GetFileVersionInfoA

user32

IsWindowUnicode
ReleaseCapture
SetCapture
FillRect
GetClientRect
MapDialogRect
SetWindowContextHelpId
GetWindowRect
PtInRect
SetCursor
GetDlgCtrlID
LoadBitmapA
EnableWindow
EndDialog
RegisterClassA
ShowWindow
PostQuitMessage
CreatePopupMenu
AppendMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetSystemMetrics
LoadImageA
DialogBoxIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
RegisterClassExA
GetDC
UnregisterClassA
MessageBoxA
LoadStringA
CharNextA
wsprintfA
GetDesktopWindow
PeekMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
GetSysColor
MsgWaitForMultipleObjects
ReleaseDC
SetWindowLongA
InvalidateRect
InvalidateRgn
CallWindowProcA
EndPaint
BeginPaint
SetFocus
GetWindow
IsChild
GetFocus
DestroyAcceleratorTable
GetWindowLongA
DefWindowProcA
GetClassInfoExA
LoadCursorA
CreateWindowExA
CreateAcceleratorTableA
GetParent
GetClassNameA
SetWindowPos
DestroyWindow
RedrawWindow
GetDlgItem
IsWindow
SendMessageA

gdi32

StretchBlt
SetTextColor
SaveDC
SetGraphicsMode
ModifyWorldTransform
SetViewportOrgEx
SetWindowOrgEx
DPtoLP
CreateFontIndirectA
RestoreDC
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
SetBkMode

comctl32

ord17

wintrust

WinVerifyTrust

wininet

InternetErrorDlg
InternetTimeToSystemTime
InternetReadFile
HttpAddRequestHeadersA
InternetOpenA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
InternetTimeFromSystemTime
InternetGetConnectedState
InternetCloseHandle
HttpQueryInfoA
HttpSendRequestA

urlmon

URLDownloadToFileA

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCPInfo
GetOEMCP
GetTimeZoneInformation
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
HeapSize
CompareStringW
IsBadWritePtr
HeapCreate
HeapDestroy
ExitProcess
GetStartupInfoA
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
SetEnvironmentVariableA
RtlUnwind
GetEnvironmentStrings
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreatePipe
SetHandleInformation
ReadFile
GetCurrentProcessId
GetTickCount
SystemTimeToTzSpecificLocalTime
LocalFree
GetEnvironmentVariableA
GetTempPathA
GetSystemInfo
LoadLibraryA
GetProcAddress
OpenEventA
GetSystemTime
CreateEventA
CreateThread
ResetEvent
WaitForMultipleObjects
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
CompareStringA
VirtualProtect
TerminateProcess
SetEvent
LockResource
GlobalHandle
GlobalFree
SetLastError
GlobalLock
GlobalUnlock
MulDiv
GetCurrentThreadId
FormatMessageA
DeleteFileA
CreateProcessA
GetExitCodeProcess
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
lstrcatA
CreateFileA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetLastError
CreateMutexA
lstrcmpiA
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleHandleA
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
lstrcmpA
WriteFile
WaitForSingleObject
SetEndOfFile
SetFilePointer
CompareFileTime
SystemTimeToFileTime
Sleep
FileTimeToSystemTime
GetFileTime
GetFileSize

ole32

OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromCLSID
CoInitializeSecurity
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
StringFromGUID2

oleaut32

VarUI4FromStr
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SysStringLen
SysAllocString
SysFreeString

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.krdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f67f536eebc66723743576123a687345

Headers

File Characteristics

Imports

advapi32

crypt32

version

user32

gdi32

comctl32

wintrust

wininet

urlmon

shell32

kernel32

ole32

oleaut32

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 204KB - Virtual size: 203KB

.krdata Size: 76KB - Virtual size: 76KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 204KB - Virtual size: 203KB

.krdata
Size: 76KB - Virtual size: 76KB