b4c05e0e065058ae79d3ce9d51a470946aae036d2b163f85adcef10a6343246a_unpacked

Sharing

Copy URL

Twitter E-mail

General

Target

b4c05e0e065058ae79d3ce9d51a470946aae036d2b163f85adcef10a6343246a_unpacked
Size

362KB
MD5

3921543c211364b4827c55aeeef5260c
SHA1

4b7f71b8e7f228dbb0d296120b6f6f455d22248c
SHA256

d828981e90be2089e64c4a72961e9bbe2522709c242a8839c36cc9e45818e08d
SHA512

e50ca28538254b535256c1b2542a8d894b9177f3037508c3331197b5338fba609818e4a756c3fa9135c11df7c12aa22302d0e4336ba6b78858d10bb0e845221e
SSDEEP

6144:5vUC68qdnE8dF49BpAoWvcUZUq1XvNWgTO3x5N22vWvLRKKAX5l++SyVI:pxCRE8dQvWBZU6/1T85I2vCMX5l+Zn

Score

N/A

Malware Config

Signatures

Files

b4c05e0e065058ae79d3ce9d51a470946aae036d2b163f85adcef10a6343246a_unpacked
.exe windows x86

70d0d9811eab7982004ecc8b0c9cc4ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
memcpy
memmove
_vsnprintf
_vsnwprintf
_purecall
memset

kernel32

MultiByteToWideChar
lstrcmpA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
FormatMessageW
CreateMutexW
ReleaseMutex
FindResourceExW
LoadResource
SizeofResource
LockResource
CreateProcessW
CreateThread
ResumeThread
SystemTimeToFileTime
FileTimeToSystemTime
GetFileTime
FileTimeToLocalFileTime
GetSystemTime
GetNativeSystemInfo
GetVersionExW
GetCurrentThreadId
GetProcAddress
ActivateActCtx
DeactivateActCtx
ReleaseActCtx
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetEnvironmentVariableW
CopyFileExW
GetUserDefaultUILanguage
SetLastError
GetFileSizeEx
FlushFileBuffers
ReadFile
WriteFile
SetFileTime
SetFilePointerEx
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetVolumeNameForVolumeMountPointW
DeviceIoControl
GetCurrentProcess
FindNextFileW
FindClose
FindFirstFileW
CreateActCtxW
DeleteFileW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
SetFileAttributesW
CreateFileW
GetFileAttributesW
Sleep
MoveFileExW
ExpandEnvironmentStringsW
GetVolumeInformationW
GetDiskFreeSpaceExW
WaitForMultipleObjects
ResetEvent
GetTempPathW
GetTickCount
GetLogicalDrives
GetDriveTypeW
LocalFree
CloseHandle
CreateEventW
GetLastError
GetHandleInformation
SetThreadPriority
GetModuleFileNameW
GetTimeFormatW
GetCurrentThread
GetModuleHandleW
SetEvent
GetComputerNameW
WaitForSingleObject
SetErrorMode
GetDateFormatW
GetCommandLineW
ExitProcess

user32

IsDialogMessageW
MessageBoxW
MessageBoxIndirectW
InSendMessage
ClientToScreen
GetWindowLongW
GetClassNameW
GetCaretPos
TrackPopupMenu
AppendMenuW
GetCursorPos
CreatePopupMenu
SetMenuDefaultItem
DestroyMenu
LoadIconW
EmptyClipboard
OpenClipboard
SetClipboardData
GetScrollInfo
SystemParametersInfoW
ScrollWindowEx
GetForegroundWindow
UpdateWindow
ReplyMessage
InvalidateRect
SetForegroundWindow
UnregisterClassW
MonitorFromPoint
SetScrollInfo
GetKeyState
EndPaint
ScreenToClient
GetWindowRect
DrawTextW
GetParent
GetClientRect
BeginPaint
DrawFocusRect
IntersectRect
GetDlgItem
SendMessageW
GetDlgCtrlID
SetWindowTextW
MoveWindow
GetDC
ReleaseDC
CharLowerW
CreateDialogParamW
EndDialog
SetWindowLongW
DialogBoxParamW
DefWindowProcW
GetMonitorInfoW
IsWindowVisible
AdjustWindowRectEx
CreateWindowExW
ShowWindow
SetWindowPos
MonitorFromWindow
DestroyWindow
GetWindowTextW
SetTimer
PostMessageW
KillTimer
SetFocus
RegisterClassExW
FlashWindowEx
GetSystemMetrics
PostQuitMessage
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW
DispatchMessageW
CloseClipboard
GetWindowTextLengthW

advapi32

CryptDecrypt
CryptSetKeyParam
CryptGetKeyParam
CryptReleaseContext
CryptExportKey
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
RegCreateKeyExW
RegCloseKey
OpenProcessToken
GetTokenInformation
DuplicateToken
CheckTokenMembership
CreateWellKnownSid
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegFlushKey
RegEnumKeyExW
CryptDestroyKey
RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
CryptGenKey
CryptEncrypt
CryptImportKey
CryptAcquireContextW

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteExW

uxtheme

SetWindowTheme

gdi32

GetDeviceCaps
CreateSolidBrush
GetObjectW
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
SetBkColor
DeleteDC
SetTextColor
GetObjectA
CreateFontIndirectW

comctl32

InitCommonControlsEx
ord413
ord410

shlwapi

PathFindFileNameW
ord12
StrCmpNW
PathRemoveFileSpecW
StrCmpW
StrChrW
StrCmpIW
PathMatchSpecW
PathRemoveBackslashW
PathAddBackslashW
PathGetArgsW
PathUnquoteSpacesW
PathQuoteSpacesW
PathAddExtensionW

msimg32

AlphaBlend

wininet

InternetWriteFile
InternetReadFile
HttpEndRequestA
HttpAddRequestHeadersA
InternetOpenA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestExA
HttpQueryInfoA
InternetConnectA

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdiplusStartup
GdipDeleteBrush
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipSetStringFormatLineAlign
GdipDeleteFont
GdipDeleteGraphics
GdipDrawImageRectI
GdipSetStringFormatAlign
GdipGetImageEncoders
GdipDrawString
GdipCreateFromHDC
GdipSetStringFormatHotkeyPrefix
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipCloneBitmapAreaI
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateLineBrushFromRectI
GdipCreateBitmapFromHICON
GdipSetTextRenderingHint
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipFlush
GdipDeleteFontFamily
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipFillRectangleI
GdiplusShutdown
GdipSaveImageToStream
GdipDisposeImage
GdipGetImageEncodersSize
GdipAlloc
GdipCreateBitmapFromStream
GdipFree
GdipCreateSolidFill

ole32

CoUninitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx

crypt32

CryptImportPublicKeyInfo
CryptDecodeObjectEx
CryptStringToBinaryA

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70d0d9811eab7982004ecc8b0c9cc4ad

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

uxtheme

gdi32

comctl32

shlwapi

msimg32

wininet

gdiplus

ole32

crypt32

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: - Virtual size: 4KB

.rsrc Size: 230KB - Virtual size: 230KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: - Virtual size: 4KB

.rsrc
Size: 230KB - Virtual size: 230KB

.reloc
Size: 7KB - Virtual size: 6KB