991fbc885e50cdc4c3b6a2daf83acf46228cbf7455102db679f99414063b2371

Sharing

Copy URL Twitter E-mail

General

Target

991fbc885e50cdc4c3b6a2daf83acf46228cbf7455102db679f99414063b2371
Size

809KB
MD5

50b4e61ce03416d4646d2bdbcfd59580
SHA1

2b2f04fd1e7d5187ad6773ddeae57cd98c6dc3cf
SHA256

991fbc885e50cdc4c3b6a2daf83acf46228cbf7455102db679f99414063b2371
SHA512

2918b041b658d065f97340aad025aee9c6d186ad3f1aa51ab0d1e66ad73c4b71e1851d66d3c428d4a1467c900668f8ae00ad04b5372f39d8ac3b0907401390c2
SSDEEP

12288:YD6IszoP601AjS/nwdaq9eqdlVUViNP7zDwWCDwosBeNkedO5dpHfC6HI2MRcFvE:YD0oPcS/3qvlVUJW2sBSROvFm

Score

N/A

Malware Config

Signatures

Files

991fbc885e50cdc4c3b6a2daf83acf46228cbf7455102db679f99414063b2371
.exe windows x86

c833b1477c0caa2ab016de0e56eeb9c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
UnhandledExceptionFilter
GlobalAddAtomA
FreeEnvironmentStringsA
GlobalGetAtomNameA
CreateFileA
GetStringTypeA
IsValidCodePage
GetEnvironmentStringsW
GetFileAttributesA
WriteConsoleW
GetFileTime
SetErrorMode
CreateDirectoryA
GetLastError
RtlUnwind
SetCurrentDirectoryA
SetEnvironmentVariableA
TerminateProcess
LoadResource
ConvertDefaultLocale
GetCurrentThreadId
lstrcmpW
GetConsoleOutputCP
GetCurrentProcessId
GetPrivateProfileStringA
SetFilePointer
EnumResourceLanguagesA
GetThreadLocale
SetEndOfFile
EnterCriticalSection
TlsAlloc
GetFileSize
LockFile
FormatMessageA
WriteConsoleA
WriteFile
SetStdHandle
GetVersionExA
FileTimeToLocalFileTime
InterlockedDecrement
LCMapStringA
GetConsoleCP
LocalAlloc
lstrlenA
GlobalAlloc
RaiseException
SetHandleCount
HeapReAlloc
QueryPerformanceCounter
TlsSetValue
IsDebuggerPresent
GetSystemInfo
MulDiv
lstrcmpA
DeleteCriticalSection
FreeResource
InitializeCriticalSection
GetTimeZoneInformation
GlobalFindAtomA
WideCharToMultiByte
TlsFree
FileTimeToSystemTime
CreateThread
HeapAlloc
GetModuleFileNameA
CompareStringA
SetLastError
GlobalReAlloc
GetFileSizeEx
WritePrivateProfileStringA
VirtualProtect
GlobalHandle
CopyFileA
GlobalFlags
GetACP
InterlockedExchange
SizeofResource
InterlockedIncrement
LeaveCriticalSection
Sleep
DeleteFileA
GetLocaleInfoA
GetSystemTimeAsFileTime
TlsGetValue
GlobalLock
HeapCreate
GetTickCount
WinExec
LocalFree
FreeEnvironmentStringsW
FindClose
FindResourceA
GetFullPathNameA
WaitForSingleObject
GetStringTypeW
GetCurrentThread
VirtualQuery
SetUnhandledExceptionFilter
LocalReAlloc
InitializeCriticalSectionAndSpinCount
DuplicateHandle
GetProcessHeap
GetModuleHandleW
FreeLibrary
ReadFile
VirtualAlloc
LCMapStringW
HeapSize
GetCPInfo
GetOEMCP
GetFileType
GetVolumeInformationA
VirtualFree
GetModuleFileNameW
GlobalDeleteAtom
LockResource
MultiByteToWideChar
CompareStringW
HeapFree
GlobalUnlock
FindFirstFileA
FlushFileBuffers
UnlockFile
CloseHandle
GlobalFree
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetStdHandle
GetStartupInfoA
GetConsoleMode
GetCurrentProcess
ReadConsoleA
GetCommandLineA
ExitProcess

user32

GetCapture
RemovePropA
CheckMenuItem
SetWindowContextHelpId
SendMessageA
GetTopWindow
GetSystemMetrics
GetMenuCheckMarkDimensions
GetMessagePos
CopyRect
SetPropA
IsWindowEnabled
IsRectEmpty
IsWindow
SetMenu
UpdateWindow
MoveWindow
GetWindowTextA
SetCapture
DestroyWindow
GetWindow
CreateDialogIndirectParamA
SetWindowPos
ShowWindow
GetSysColorBrush
SetFocus
GetClassLongA
UnhookWindowsHookEx
EndPaint
GetMenuItemCount
DrawTextExA
CallWindowProcA
GetCursorPos
DispatchMessageA
PostMessageA
GetPropA
GetForegroundWindow
GetWindowRect
GetDesktopWindow
IsChild
EqualRect
CharNextA
TabbedTextOutA
SetActiveWindow
GetLastActivePopup
GetSubMenu
RegisterWindowMessageA
GetNextDlgGroupItem
GetMenuItemID
SetForegroundWindow
AdjustWindowRectEx
CallNextHookEx
WinHelpA
BeginPaint
GrayStringA
PtInRect
GetClientRect
GetClassInfoExA
LoadBitmapA
InvalidateRgn
GetMenuState
GetWindowPlacement
GetNextDlgTabItem
SetWindowLongA
PostThreadMessageA
SetCursor
GetMessageTime
GetKeyState
GetParent
InvalidateRect
GetClassNameA
IsWindowVisible
GetClassInfoA
GetSysColor
LoadIconA
CopyAcceleratorTableA
OffsetRect
ValidateRect
ClientToScreen
GetDC
IsIconic
EnableMenuItem
ReleaseDC
CharUpperA
MapWindowPoints
LoadCursorA
PeekMessageA
ModifyMenuA
GetWindowDC
SetWindowTextA
ReleaseCapture
IsDialogMessageA
GetWindowThreadProcessId
GetDlgCtrlID
IntersectRect
SystemParametersInfoA
CreateWindowExA
RegisterClassA
GetMenu
SetWindowsHookExA
DrawTextA
TranslateMessage
SendDlgItemMessageA
EndDialog
MapDialogRect
GetDlgItem
GetMessageA
UnregisterClassA
SetRect
SetMenuItemBitmaps
RegisterClipboardFormatA
PostQuitMessage
GetWindowLongA
MessageBeep
EnableWindow
DefWindowProcA
GetFocus
GetActiveWindow
MessageBoxA
DestroyMenu

gdi32

CreateRectRgnIndirect
GetMapMode
SetBkColor
DeleteDC
TextOutA
SetTextColor
GetDeviceCaps
Escape
SetViewportOrgEx
SetMapMode
RestoreDC
RectVisible
ScaleWindowExtEx
GetViewportExtEx
SelectObject
GetObjectA
GetRgnBox
ExtSelectClipRgn
CreateICA
CreateBitmap
SetWindowExtEx
DeleteObject
PtVisible
SaveDC
ScaleViewportExtEx
OffsetViewportOrgEx
GetTextColor
SetViewportExtEx
GetWindowExtEx
GetClipBox
ExtTextOutA
GetStockObject
GetBkColor

comdlg32

GetFileTitleA

advapi32

RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegCloseKey

shell32

SHGetFileInfoA

ole32

CreateILockBytesOnHGlobal
CLSIDFromString
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
OleInitialize
CoTaskMemFree
CoFreeUnusedLibraries
CoTaskMemAlloc
CoGetClassObject
CoRevokeClassObject
CLSIDFromProgID
StgOpenStorageOnILockBytes
OleFlushClipboard
CoRegisterMessageFilter
OleUninitialize

oleaut32

VariantChangeType
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SafeArrayDestroy
VariantClear
SysAllocStringLen
SysFreeString
VariantCopy
OleCreateFontIndirect
SystemTimeToVariantTime
VariantInit
SysAllocString

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

wininet

InternetGetLastResponseInfoA
InternetSetStatusCallback
InternetConnectA
InternetCloseHandle
FtpSetCurrentDirectoryA
FtpGetFileA
InternetOpenA

oledlg

ord8

Sections

.text
Size: 777KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c833b1477c0caa2ab016de0e56eeb9c1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

wininet

oledlg

Sections

.text Size: 777KB - Virtual size: 776KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 5.2MB

.CRT Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 101B

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 777KB - Virtual size: 776KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 5.2MB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 101B

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 9KB - Virtual size: 8KB