113af20218b55b5ea476c9ea6a14b9f5ed76c2d0ebbbd2270aa5fe37e68ef3fe

Sharing

Copy URL Twitter E-mail

General

Target

113af20218b55b5ea476c9ea6a14b9f5ed76c2d0ebbbd2270aa5fe37e68ef3fe
Size

148KB
MD5

0ab2ff254484306465f4e631cd45e4c0
SHA1

015d6c0efa9df6b2e2ad83237ecf0adb9111d1b9
SHA256

113af20218b55b5ea476c9ea6a14b9f5ed76c2d0ebbbd2270aa5fe37e68ef3fe
SHA512

5c590420441b4bb80cb8966d2728597a9fefdec06fc4887d12b140ba700482e6347ff370946d513d3e20cfc14cd99e9e0d4fc7ea80a50754d6e61891825caea6
SSDEEP

3072:g3DDMy1CkrzQdlR2EWi6NXFokMxviUREYeVTSlrQW227iP7/pdb:gzDOkrsdlvWGKYeVTSlrAzHb

Score

N/A

Malware Config

Signatures

Files

113af20218b55b5ea476c9ea6a14b9f5ed76c2d0ebbbd2270aa5fe37e68ef3fe
.exe windows x86

9f819206817d59e569f13bac03a1a762

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegNotifyChangeKeyValue
RegDeleteKeyA
RegEnumKeyA

gdi32

GetStockObject

wininet

InternetReadFile
InternetTimeToSystemTime
InternetCloseHandle
HttpQueryInfoA
InternetErrorDlg
InternetTimeFromSystemTime
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
HttpOpenRequestA

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

lstrlenW
GetEnvironmentVariableA
LocalFree
GetStartupInfoA
GetModuleHandleA
GetThreadLocale
GetSystemInfo
FreeLibrary
lstrcpynA
WideCharToMultiByte
MultiByteToWideChar
GetTempPathA
SetFilePointer
WriteFile
GetLastError
CloseHandle
lstrcatA
lstrcpyA
WaitForSingleObject
InterlockedIncrement
CreateEventA
WaitForMultipleObjects
lstrlenA
GetModuleFileNameA
CreateMutexA
GetCommandLineA
InterlockedDecrement
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
CreateFileA
DeleteFileA
GetCurrentProcess
GetProcAddress
LoadLibraryA
SetEvent
lstrcmpA
CreateThread
ReadFile
CreateProcessA
SetHandleInformation
CreatePipe
Sleep
ResetEvent
GetTickCount
GetCurrentProcessId
SystemTimeToTzSpecificLocalTime
CompareFileTime
SystemTimeToFileTime
GetSystemTime
GetVersionExA

user32

MsgWaitForMultipleObjects
GetWindowLongA
DefWindowProcA
PostQuitMessage
CreatePopupMenu
AppendMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
RegisterClassA
CreateWindowExA
ShowWindow
SetWindowLongA
LoadImageA
DestroyWindow
LoadStringA
MessageBoxA
GetDesktopWindow
wsprintfA

ole32

CoUninitialize
CoInitialize
CLSIDFromString
CoTaskMemFree
StringFromCLSID

msvcrt

__p__commode
__p__fmode
_controlfp
__set_app_type
_XcptFilter
_strdup
_initterm
__getmainargs
_ftol
_strcmpi
_stricmp
_exit
iswspace
isspace
sprintf
strncmp
malloc
free
sscanf
rand
strtol
srand
strncat
??2@YAPAXI@Z
time
_purecall
_except_handler3
strstr
strncpy
strrchr
asctime
_EH_prolog
__CxxFrameHandler
_adjust_fdiv
__setusermatherr
localtime
_acmdln
exit
mktime
??3@YAXPAX@Z

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f819206817d59e569f13bac03a1a762

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

shell32

kernel32

user32

ole32

msvcrt

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 92KB - Virtual size: 92KB