85ccaa21ab2c2de9ae8b11824112bd1fbd79549776b939e81a9e8c590bdddb92

Sharing

Copy URL Twitter E-mail

General

Target

85ccaa21ab2c2de9ae8b11824112bd1fbd79549776b939e81a9e8c590bdddb92
Size

292KB
MD5

0b4266dd2855766dca4950f8c6d7eaa0
SHA1

f0898e9ba46922b2ed1aef5c6ea964bae5f38f7d
SHA256

85ccaa21ab2c2de9ae8b11824112bd1fbd79549776b939e81a9e8c590bdddb92
SHA512

19abdf231d15e4bf60e97ce3d4e48dbb670f0bffdc9018538f38d7f658e95361fcc589cadf41728b77d7f031969b1b8c2885becfe6cf20ca3daaa921d6324e05
SSDEEP

6144:5jAG5oqgrcrCk65jqN5bJI3pHwer8ZJGLTBGmyfViaj61:5jA8grE65jUJI31AJGLTlrr

Score

N/A

Malware Config

Signatures

Files

85ccaa21ab2c2de9ae8b11824112bd1fbd79549776b939e81a9e8c590bdddb92
.exe windows x86

378d69b44f0d5f2ba698fa2fa1e724ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
CreateProcessA
GetPrivateProfileStringA
WaitForSingleObject
CreateThread
GetLongPathNameA
LoadLibraryA
GetProcAddress
GetTickCount
lstrcmpA
Sleep
GetCurrentProcess
HeapFree
HeapAlloc
GetProcessHeap
WideCharToMultiByte
GetLocalTime
WinExec
ExitProcess
FindResourceA
SizeofResource
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
LoadResource
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
ReadFile
GetStringTypeW
GetStringTypeA
CreateFileA
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
SetUnhandledExceptionFilter
WriteFile
HeapSize
TerminateProcess
HeapReAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
RaiseException
GetSystemTime
GetTimeZoneInformation
RtlUnwind
LockResource
FreeResource
GetModuleHandleA
GetModuleFileNameA
GlobalFree
GlobalAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetEnvironmentVariableA
InterlockedIncrement
InterlockedDecrement
lstrlenA
MultiByteToWideChar
LocalFree
OutputDebugStringA
CreateMutexA
GetLastError
ReleaseMutex
GetCPInfo
CloseHandle
DeleteCriticalSection
GetFileAttributesA

user32

SendMessageA
CallWindowProcW
GetPropA
CallNextHookEx
SetPropA
GetParent
GetClassNameA
RegisterWindowMessageA
SetTimer
KillTimer
UnhookWindowsHookEx
InvalidateRect
DefWindowProcW
GetWindowRect
EnumChildWindows
PostMessageA
GetDoubleClickTime
WindowFromPoint
GetAsyncKeyState
GetCursorPos
SystemParametersInfoA
GetWindowTextA
UnregisterClassA
DefWindowProcA
ReleaseDC
GetDC
CallWindowProcA
TrackMouseEvent
EndPaint
GetDesktopWindow
SetWindowLongW
BeginPaint
MapWindowPoints
GetClientRect
TranslateMessage
SetWindowsHookExA
SetWindowTextA
SetCursor
DestroyWindow
PostQuitMessage
IsZoomed
FillRect
GetWindowLongA
DrawTextA
DrawIconEx
IsWindowEnabled
OffsetRect
DestroyIcon
GetMessageA
ShowWindow
RemovePropA
LoadImageA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageW
DispatchMessageA

gdi32

GetTextExtentPoint32A
CreateFontA
SetTextColor
StretchBlt
BitBlt
CreateSolidBrush
SetBkMode
CreateDIBSection
SelectObject
DeleteDC
DeleteObject
CreateCompatibleDC
GetBitmapBits
GetObjectA

advapi32

RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHChangeNotify

ole32

CoCreateInstance
StgCreateDocfile
OleCreate
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize

oleaut32

SafeArrayDestroy
VariantInit
VariantCopy
SysStringByteLen
SafeArrayCreate
SafeArrayPutElement
VarCmp
SysAllocStringByteLen
VariantChangeType
SysStringLen
SysFreeString
SysAllocString
VariantClear

urlmon

URLDownloadToFileA

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
DeleteUrlCacheEntry

msimg32

AlphaBlend

comctl32

InitCommonControlsEx

ws2_32

shutdown
send
ioctlsocket
connect
select
__WSAFDIsSet
inet_ntoa
gethostbyname
htons
recv
inet_addr
WSACleanup
setsockopt
WSAGetLastError
closesocket
WSAStartup
socket

shlwapi

UrlUnescapeA
StrStrIA

iphlpapi

GetPerAdapterInfo
GetIpAddrTable
GetAdaptersInfo

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

378d69b44f0d5f2ba698fa2fa1e724ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

wininet

msimg32

comctl32

ws2_32

shlwapi

iphlpapi

Sections

.text Size: 216KB - Virtual size: 214KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 28KB - Virtual size: 54KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 216KB - Virtual size: 214KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 28KB - Virtual size: 54KB

.rsrc
Size: 16KB - Virtual size: 15KB