470ecd6cf31076d88b9b69193feb054208f1bc5475c62ccd4d51565cd8d4839a

Sharing

Copy URL Twitter E-mail

General

Target

470ecd6cf31076d88b9b69193feb054208f1bc5475c62ccd4d51565cd8d4839a
Size

249KB
MD5

e334a647be6ca61bda660fc33339c87d
SHA1

011627773039f3decb432c48ef86dcafd8f32c83
SHA256

470ecd6cf31076d88b9b69193feb054208f1bc5475c62ccd4d51565cd8d4839a
SHA512

a1ce71caa2cad5f507e911684ab9f18c74e60d21b7060829f8ccba7b2b0dc11b46229e7559fd3eb39816aa797b879b358ac94547def5c5b0f368be5003d0ad30
SSDEEP

3072:HNeTiC80Ue1RisFfv2QUymrnkiv6IB/J2tVPSOz3q+UXYReuJnezRd93jwk:Hr0lYAfv/UVDjvjUakq+UX7MezRnjV

Score

N/A

Malware Config

Signatures

Files

470ecd6cf31076d88b9b69193feb054208f1bc5475c62ccd4d51565cd8d4839a
.exe windows x86

7ba1b5c718731fa83d049501a16c2bdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
MulDiv
SetLastError
GlobalUnlock
GlobalLock
FreeLibrary
SizeofResource
LoadResource
LoadLibraryExA
GetModuleHandleA
GlobalFree
GlobalHandle
LockResource
DeleteFileA
lstrcpyA
lstrcpynA
Module32First
CreateToolhelp32Snapshot
CopyFileA
GetSystemDirectoryA
RemoveDirectoryA
CreateDirectoryA
GlobalAddAtomA
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
Sleep
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetConsoleMode
WriteFile
GetFileType
SetHandleCount
SetFilePointer
ReadFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
HeapCreate
RtlUnwind
GetStartupInfoA
GetCommandLineA
CreateThread
ExitThread
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualProtect
LocalFree
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsDBCSLeadByte
lstrcmpiA
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetCurrentThreadId
SetPriorityClass
InterlockedExchange
GetCurrentThread
SetThreadPriority
ExitProcess
lstrcmpA
lstrcatA
GetModuleFileNameA
lstrlenA
TerminateThread
GetConsoleCP
CloseHandle
FindResourceA
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetEnvironmentStrings

user32

GetFocus
GetActiveWindow
DialogBoxParamA
UnregisterClassA
SetWindowLongA
GetWindowLongA
ShowWindow
SetForegroundWindow
FindWindowA
GetClassNameA
IsWindowEnabled
GetWindowThreadProcessId
DefWindowProcA
UnregisterHotKey
GetSystemMetrics
CharNextA
LoadImageA
RegisterHotKey
GetDlgCtrlID
GetSysColorBrush
MapDialogRect
UnloadKeyboardLayout
GetKeyboardLayout
SetWindowContextHelpId
MessageBoxA
SendDlgItemMessageA
EnableWindow
KillTimer
SetTimer
DialogBoxIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
DestroyWindow
SetWindowTextA
CreateAcceleratorTableA
CreateWindowExA
RegisterClassExA
LoadCursorA
GetClassInfoExA
IsWindow
GetDesktopWindow
SetFocus
GetWindowTextA
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
GetSysColor
SendMessageA
EndDialog
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
GetParent

gdi32

CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject
SetBkMode
SetTextColor
CreateFontA
GetObjectA

shell32

SHChangeNotify
ShellExecuteA

imm32

ImmIsIME
ImmInstallIMEA

advapi32

RegDeleteKeyA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
StartServiceA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
OleUninitialize
OleInitialize

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
DispCallFunc
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
VarUI4FromStr
SysStringLen

comctl32

InitCommonControlsEx

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ba1b5c718731fa83d049501a16c2bdc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

imm32

advapi32

version

ole32

oleaut32

comctl32

wininet

Sections

.text Size: 127KB - Virtual size: 127KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 86KB - Virtual size: 86KB

.text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 86KB - Virtual size: 86KB