377401d361da303e8020123188a93618ab88c2ca3e864989c1a310b5933f556f

Sharing

Copy URL Twitter E-mail

General

Target

377401d361da303e8020123188a93618ab88c2ca3e864989c1a310b5933f556f
Size

724KB
MD5

72b48f41a6ea6d5fc4a072b4b0207b70
SHA1

90267f3ca825f1d0b8d305cd48447561945b5902
SHA256

377401d361da303e8020123188a93618ab88c2ca3e864989c1a310b5933f556f
SHA512

cf86f14342e4e6f67084beed537bb23f95f5e3247349b9a250efdd8ccdd8914b2fe46c023a171f31350a013133fad40e79fec57b5038307597edcec8f45c37d1
SSDEEP

12288:q215pUVLmcvQ9L/RMohItoorpvF5ZZKUYKaq8G1FP566Jg1TyxwZ:q218acY9L5Moh63dFbZDaqdlj4TBZ

Score

N/A

Malware Config

Signatures

Files

377401d361da303e8020123188a93618ab88c2ca3e864989c1a310b5933f556f
.exe windows x86

5e468cbc8ea6272b1cadbbff95d4096d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
CreateEllipticRgn
GetTextCharsetInfo
GetDeviceCaps
SetStretchBltMode
SelectClipRgn
SetFontEnumeration
GetEnhMetaFileBits
GetCharWidthW
CreateRectRgnIndirect

advapi32

RegDeleteValueW
LogonUserW
CryptHashSessionKey
ReportEventA
RegEnumValueW
ReportEventW
RegQueryMultipleValuesW
CryptDeriveKey
CryptVerifySignatureA
RegSetKeySecurity
RegQueryValueExA
RegCreateKeyA
RegDeleteKeyW
LookupSecurityDescriptorPartsA
RegEnumValueA
CryptSignHashW
LookupSecurityDescriptorPartsW

user32

RealChildWindowFromPoint
LoadKeyboardLayoutW
EndDeferWindowPos
GetWindowContextHelpId
ShowWindow
MessageBoxW
DrawStateA
GetMenuInfo
MessageBoxIndirectA
DefWindowProcW
CharPrevA
EnableWindow
EnumPropsA
UnloadKeyboardLayout
SwapMouseButton
SetThreadDesktop
IsCharAlphaNumericA
DeferWindowPos
FlashWindow
SetUserObjectInformationA
SetWinEventHook
FindWindowW
CreateWindowExW
GetScrollBarInfo
GetTitleBarInfo
PostMessageA
CallMsgFilterW
LoadCursorW
WindowFromDC
GetCaretPos
FindWindowExW
FillRect
EnumWindowStationsA
GetKeyboardState
DestroyCursor
InvertRect
SetTimer
FreeDDElParam
RegisterClassA
CreateIconFromResource
DdeDisconnectList
CascadeWindows
RegisterClassExW
DestroyWindow
RegisterClassExA
GetInputDesktop
SendInput

wininet

HttpSendRequestExW
InternetTimeFromSystemTimeW
InternetCombineUrlW
FtpDeleteFileW
InternetUnlockRequestFile
FtpGetFileSize
HttpQueryInfoW
InternetCreateUrlW
RegisterUrlCacheNotification

kernel32

GetStringTypeA
GetComputerNameW
SetLastError
FreeEnvironmentStringsW
ReleaseSemaphore
CompareStringW
GetCurrentProcessId
WriteConsoleA
TlsAlloc
lstrcmpA
CreateMutexA
lstrcmpiW
HeapCreate
WriteFile
WaitForSingleObjectEx
EnumSystemCodePagesW
ResumeThread
LeaveCriticalSection
LoadLibraryA
SetTimeZoneInformation
SuspendThread
GetVersionExW
UnhandledExceptionFilter
SetFilePointer
CreateNamedPipeA
GlobalAlloc
ExitProcess
ReadFile
CreateWaitableTimerW
HeapFree
WideCharToMultiByte
GetSystemTimeAsFileTime
HeapReAlloc
TlsGetValue
GetSystemTime
OpenSemaphoreW
DeleteFileA
WriteConsoleInputA
VirtualFree
FindNextFileW
GetStdHandle
GetLogicalDriveStringsA
GetVolumeInformationW
GetCurrentThreadId
InitializeCriticalSection
WaitForSingleObject
GetEnvironmentStrings
SetThreadAffinityMask
LCMapStringA
CopyFileExA
GetModuleHandleA
GetFileType
WriteConsoleOutputW
GetCPInfo
EnterCriticalSection
GetProcAddress
OpenMutexA
TlsSetValue
CompareStringA
GetStringTypeExA
FlushInstructionCache
GetFileAttributesExA
LCMapStringW
TerminateProcess
GetStartupInfoA
GetLastError
SetEnvironmentVariableA
WaitCommEvent
GetAtomNameA
FreeEnvironmentStringsA
GetCurrentProcess
GetThreadLocale
GetStringTypeW
VirtualAlloc
InterlockedIncrement
SetConsoleTitleW
GetLocalTime
GetOEMCP
RtlUnwind
IsBadWritePtr
DeleteCriticalSection
HeapDestroy
QueryPerformanceCounter
TlsFree
SetVolumeLabelA
lstrcpynW
GetACP
GetProfileIntW
LockResource
SetStdHandle
GetPrivateProfileStringA
GetCommandLineA
GetTickCount
GetTimeZoneInformation
OutputDebugStringW
FillConsoleOutputCharacterA
GetSystemDirectoryW
InterlockedExchange
WriteConsoleW
GetUserDefaultLangID
FlushFileBuffers
HeapAlloc
SetHandleCount
InterlockedDecrement
GetModuleFileNameA
GetEnvironmentStringsW
GetVersion
VirtualQuery
SetConsoleTextAttribute
GetCurrentThread
CloseHandle
MultiByteToWideChar

comctl32

ImageList_GetImageInfo
ImageList_AddMasked
DrawInsert
ImageList_GetImageRect
DrawStatusTextA
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_Draw
ImageList_Duplicate
CreateStatusWindowW
ImageList_SetOverlayImage
CreateStatusWindow
CreateStatusWindowA
ImageList_SetBkColor
ImageList_SetImageCount
ImageList_AddIcon
ImageList_DrawEx
ImageList_LoadImageA
ImageList_SetFlags
ImageList_SetFilter
InitMUILanguage
ImageList_ReplaceIcon

comdlg32

GetFileTitleW

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e468cbc8ea6272b1cadbbff95d4096d

Headers

File Characteristics

Imports

gdi32

advapi32

user32

wininet

kernel32

comctl32

comdlg32

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 392KB - Virtual size: 388KB

.data Size: 144KB - Virtual size: 140KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 392KB - Virtual size: 388KB

.data
Size: 144KB - Virtual size: 140KB

.rsrc
Size: 12KB - Virtual size: 11KB