07658c673d6fef7c467c279eaacb5387b991cbdf82f0b5695a8d9117102db3fb

Sharing

Copy URL

Twitter E-mail

General

Target

07658c673d6fef7c467c279eaacb5387b991cbdf82f0b5695a8d9117102db3fb
Size

608KB
MD5

6a9c749802224cd413b2264931686f13
SHA1

3ec5a5fe4c8e6b884b2fb9f11f9995fdaa608218
SHA256

07658c673d6fef7c467c279eaacb5387b991cbdf82f0b5695a8d9117102db3fb
SHA512

d596d617cd7a5dc06954b8613c2493585fbbf51e5076b7ee465d31b395c61a031d7703026c4ccacdf25f6b48aac29f3e5f071bfefb7964c2388f63450185831d
SSDEEP

12288:3hIP/ejOS9U1BPUQEdFQkF3ouKo4ZdEnautariXUE1tObzWVKx/:3G/etU12QYFVod4NWgUStE5/

Score

N/A

Malware Config

Signatures

Files

07658c673d6fef7c467c279eaacb5387b991cbdf82f0b5695a8d9117102db3fb
.exe windows x86

63c2842f04ce76a9705ac37d6893e12d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
ExitProcess
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetLastError
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
lstrcpyA
CloseHandle
GetModuleHandleA
CreateIoCompletionPort
GetModuleFileNameA
LockResource
SetConsoleOutputCP
LoadLibraryA
GetPrivateProfileStringA
CreateNamedPipeA
GetProcAddress
GetLastError
GetTimeZoneInformation
FileTimeToSystemTime
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
GetStartupInfoA
GetCommandLineA
HeapAlloc
MultiByteToWideChar
GetProcessHeap
HeapFree
GetExitCodeProcess
HeapCreate
SetConsoleCP
CreateEventA
SizeofResource
Sleep
WideCharToMultiByte
GlobalAlloc
FindResourceExA
EnumResourceTypesA
GetModuleHandleW
ConnectNamedPipe
SetEvent
WaitForSingleObject
InterlockedDecrement
UpdateResourceA
SystemTimeToTzSpecificLocalTime
LoadResource
HeapReAlloc
FreeResource

user32

DialogBoxParamA
LoadCursorA
FindWindowA
ModifyMenuA
VkKeyScanA
DrawIcon
UpdateWindow
DispatchMessageA
CreateWindowExW
GetMenuItemCount
GetSysColorBrush
CreatePopupMenu
SetMenu
ShowWindow
GetMenuStringA
GetCursorPos
DefWindowProcA
CreateWindowExA
GetWindowLongA
InvalidateRect
GetKeyboardLayout
GetCursorInfo
GetMenu
GetMessageA
SetTimer
ScreenToClient
SetDlgItemInt
PostQuitMessage
SendDlgItemMessageA
SetCapture
KillTimer
LoadMenuA
LoadIconA
wsprintfA
RegisterClassExA
CreateMenu
SendMessageA
CreateIconIndirect
GetIconInfo
GetDC
TranslateMessage

gdi32

GetDeviceCaps
GetPixel
CreateCompatibleBitmap
BitBlt
CreateFontA
CreateFontIndirectA
CreateDCA
DeleteObject
SelectObject
CreateCompatibleDC
GetKerningPairsA

advapi32

SetServiceStatus
CryptAcquireContextA
RegisterServiceCtrlHandlerA

shell32

SHBrowseForFolderA

ole32

CoInitializeEx
StgOpenStorage
CoInitializeSecurity
StringFromGUID2
CoSetProxyBlanket
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
LoadTypeLibEx

odbc32

ord7
ord24
ord36
ord75
ord39

msvfw32

ICClose
ICOpen
ICGetInfo

avifil32

AVIStreamInfoA
AVIStreamLength
AVIStreamOpenFromFileA
AVIStreamRelease
CreateEditableStream
AVIStreamStart

winscard

g_rgSCardT1Pci
SCardConnectA
SCardCancel
SCardListReadersA
SCardIsValidContext
g_rgSCardT0Pci
SCardGetCardTypeProviderNameA
SCardFreeMemory
SCardEstablishContext
SCardTransmit

winmm

mciSendStringA

shlwapi

StrChrA
StrToIntA

comctl32

ord6
FlatSB_ShowScrollBar
InitCommonControlsEx
FlatSB_SetScrollRange

gdiplus

GdipFree
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipAlloc
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdiplusShutdown

imm32

ImmGetConversionStatus
ImmSetOpenStatus
ImmGetDescriptionA
ImmReleaseContext
ImmIsIME
ImmGetContext
ImmGetOpenStatus

tapi32

lineSetTollListA

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 435KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63c2842f04ce76a9705ac37d6893e12d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

odbc32

msvfw32

avifil32

winscard

winmm

shlwapi

comctl32

gdiplus

imm32

tapi32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 435KB - Virtual size: 441KB

.rsrc Size: 43KB - Virtual size: 43KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 435KB - Virtual size: 441KB

.rsrc
Size: 43KB - Virtual size: 43KB