3a252ac37d78baad0a81242c0cb2bd68208c12267aa87d3cd3c5d594f1de27a5

Sharing

Copy URL

Twitter E-mail

General

Target

3a252ac37d78baad0a81242c0cb2bd68208c12267aa87d3cd3c5d594f1de27a5
Size

418KB
MD5

b8ea5cdd085bea860fb94bef2fecb6d9
SHA1

3788cec204c0f2f6fe674fba85895f99f48a1f23
SHA256

3a252ac37d78baad0a81242c0cb2bd68208c12267aa87d3cd3c5d594f1de27a5
SHA512

45dabd78a10f66209abef6446b96f4782ff7b6a20380282a5be6380f3d7e50020d171478226752659f0808f5d1ce870f617add30d132f981bbcb26347ff6a632
SSDEEP

12288:4r7ox3gdRAAzI+L7sCcDIg54qlcepleY:43ox3ghzHsIg2yvU

Score

N/A

Malware Config

Signatures

Files

3a252ac37d78baad0a81242c0cb2bd68208c12267aa87d3cd3c5d594f1de27a5
.exe windows x86

f51d4035041b14a85022ee8104d3ed5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CloseHandle
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
ReadFile
GetModuleFileNameA
WriteFile
ExitProcess
HeapSize
VirtualAlloc
VirtualFree
HeapCreate
GetPrivateProfileStringA
GetStdHandle
SetHandleCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEndOfFile
GetProcessHeap
LocalFileTimeToFileTime
GetCurrentProcessId
lstrcpyA
GetModuleHandleA
HeapReAlloc
LoadLibraryA
GlobalFree
GetProcAddress
lstrcmpiA
HeapAlloc
GetLastError
GlobalUnlock
SetConsoleTitleA
Sleep
GlobalAlloc
GetConsoleTitleA
GetACP
GetCPInfo
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
RaiseException
RtlUnwind
GetStartupInfoA
GetTickCount
GetModuleHandleW
GetCommandLineA
IsDebuggerPresent
GlobalLock
GlobalSize
SystemTimeToFileTime
GetFileType
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection

user32

FindWindowA
EnableWindow
SetDlgItemTextA
LoadCursorA
EndPaint
SetWindowPlacement
GetMessageA
CloseClipboard
GetClassNameA
GetWindowRect
RegisterClassExA
GetWindowDC
DrawIconEx
LoadStringA
LoadBitmapA
LoadIconA
wsprintfA
DrawIcon
GetClientRect
SendMessageA
GetSystemMetrics
GetIconInfo
GetDC
TranslateMessage
GetForegroundWindow
SetDlgItemInt
GetMenu
GetWindowPlacement
OffsetRect
GetCursorInfo
GetAsyncKeyState
GetScrollInfo
GetWindowLongA
GetClipboardData
CreateWindowExA
ReleaseDC
GetDlgItem
DefWindowProcA
GetDesktopWindow
GetCursorPos
ShowWindow
GetTabbedTextExtentA
IsWindow
PostMessageA
DispatchMessageA
OpenClipboard
BeginPaint

gdi32

PatBlt
GetTextExtentPoint32A
SetTextColor
DeleteDC
CreateDIBSection
CreateFontIndirectA
SetBrushOrgEx
SetBkColor
CreateBitmap
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
CreatePatternBrush
CreatePen
GetObjectA
CreateSolidBrush
EnumFontsA
TextOutA
BitBlt

comdlg32

GetOpenFileNameA

advapi32

CryptAcquireContextA
CryptDeriveKey
CryptReleaseContext
ImpersonateLoggedOnUser
CryptCreateHash
CryptDecrypt
CryptHashData
CryptDestroyHash
LogonUserW

shell32

Shell_NotifyIconA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

odbc32

ord49
ord48

avicap32

capGetDriverDescriptionA

shlwapi

PathUnquoteSpacesA

comctl32

ImageList_Create
ImageList_Add
ord17

winhttp

WinHttpGetIEProxyConfigForCurrentUser

rasapi32

RasSetEapUserDataA

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 238KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f51d4035041b14a85022ee8104d3ed5c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

odbc32

avicap32

shlwapi

comctl32

winhttp

rasapi32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 238KB - Virtual size: 245KB

.rsrc Size: 58KB - Virtual size: 57KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 238KB - Virtual size: 245KB

.rsrc
Size: 58KB - Virtual size: 57KB

.reloc
Size: 12KB - Virtual size: 11KB