79030d46903ea88a00bc7d90219ebb48392ccffd6ba99d6bcde6793f82b2dbf7

Sharing

Copy URL Twitter E-mail

General

Target

79030d46903ea88a00bc7d90219ebb48392ccffd6ba99d6bcde6793f82b2dbf7
Size

1.2MB
MD5

0f33ffdbdfb8a3c18f8829939127dbaf
SHA1

b439e75c31f667a279ab07115627d1f9eaca5d01
SHA256

79030d46903ea88a00bc7d90219ebb48392ccffd6ba99d6bcde6793f82b2dbf7
SHA512

ed7e3353e5abfe4ebb688b5138746f5672e9dd061186d640185a673816871de10ff4e4e1a58a016d112fabf42832ef936ba8464ea179d7283e023a9272ba0c00
SSDEEP

24576:auEjTBw0LdvygJkDUUtGxtw1VWFv9AjyGoDFAvgTgxzDTmmJoovbZwiq6l+JfA69:a9byEkQxWni+jGDFkgo3mm+XiqtxR

Score

N/A

Malware Config

Signatures

Files

79030d46903ea88a00bc7d90219ebb48392ccffd6ba99d6bcde6793f82b2dbf7
.exe windows x86

a962a2ccedeff4688a41b496a1c88781

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptSignHashA
StartServiceA
RegSaveKeyA
RegDeleteValueA
LookupPrivilegeNameA
CryptDuplicateHash
DuplicateTokenEx
AbortSystemShutdownW
RegRestoreKeyW
ReportEventA
RegNotifyChangeKeyValue
CryptSetProviderW
LookupAccountSidW
RegLoadKeyW
LookupPrivilegeDisplayNameA
RegCreateKeyA
RegQueryMultipleValuesW
CryptHashData
RegEnumValueA
CreateServiceA
RegEnumKeyExA

comdlg32

PrintDlgW

gdi32

ResizePalette
EnumFontFamiliesW
InvertRgn
FloodFill
GetWindowExtEx
CreateFontA
GetBkColor
UpdateICMRegKeyA
GetWorldTransform
EqualRgn
SetArcDirection
GetLayout
StartPage
PlayEnhMetaFileRecord
ExtTextOutW
GetPaletteEntries
GetTextMetricsW
GetSystemPaletteEntries
GetViewportOrgEx
CreatePen
CreateEllipticRgn

kernel32

FillConsoleOutputCharacterA
QueryPerformanceCounter
GetModuleFileNameW
CompareStringW
UnhandledExceptionFilter
InterlockedExchange
TerminateProcess
GetLocaleInfoA
EnumSystemLocalesA
VirtualProtect
HeapCreate
SetEnvironmentVariableA
GetOEMCP
GetSystemTimeAsFileTime
GetUserDefaultLCID
FlushFileBuffers
GetSystemInfo
FindResourceExW
TlsGetValue
TlsSetValue
EnterCriticalSection
GetStdHandle
GetCommandLineA
GetTimeFormatA
GetCurrentThread
CreateWaitableTimerA
GetCommandLineW
SetStdHandle
GetModuleFileNameA
GetTickCount
ReadFile
LeaveCriticalSection
HeapFree
VirtualQuery
InitializeCriticalSection
ExitProcess
Sleep
GetLastError
WaitNamedPipeA
TlsFree
GetEnvironmentStrings
SetLastError
MultiByteToWideChar
GetCurrentThreadId
CreateMailslotW
SetHandleCount
CreateMutexA
VirtualFree
IsValidLocale
GetACP
WriteFile
SetFilePointer
ReadConsoleOutputCharacterW
GetStringTypeW
FreeEnvironmentStringsA
GetCurrentProcessId
WideCharToMultiByte
VirtualAlloc
FreeEnvironmentStringsW
OpenMutexA
GetCurrentProcess
HeapReAlloc
HeapAlloc
RtlUnwind
GetDateFormatA
CompareStringA
LCMapStringW
LoadLibraryA
GetLocaleInfoW
CloseHandle
GetEnvironmentStringsW
GetStartupInfoA
HeapDestroy
GetVersionExA
OutputDebugStringW
GetStartupInfoW
GetModuleHandleA
DeleteCriticalSection
OpenEventW
MapViewOfFileEx
IsBadWritePtr
GetProcAddress
GetTimeZoneInformation
GetStringTypeExA
GetFileType
LCMapStringA
GetCPInfo
GetStringTypeA
IsValidCodePage
HeapSize
TlsAlloc

user32

CreateWindowExA
RegisterClassExA
GetQueueStatus
FreeDDElParam
SendNotifyMessageW
ShowWindow
RegisterClassA
DefWindowProcW
CharToOemBuffA
wvsprintfW
DestroyWindow
DrawEdge
MessageBoxA

comctl32

InitCommonControlsEx
ImageList_DragEnter
ImageList_DragLeave
ImageList_Merge
ImageList_GetIcon
MakeDragList
ImageList_DragShowNolock

wininet

FindCloseUrlCache
FtpRenameFileA
UnlockUrlCacheEntryFileA

Sections

.text
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 795KB - Virtual size: 794KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a962a2ccedeff4688a41b496a1c88781

Headers

File Characteristics

Imports

advapi32

comdlg32

gdi32

kernel32

user32

comctl32

wininet

Sections

.text Size: 343KB - Virtual size: 343KB

.rdata Size: 51KB - Virtual size: 69KB

.data Size: 795KB - Virtual size: 794KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 343KB - Virtual size: 343KB

.rdata
Size: 51KB - Virtual size: 69KB

.data
Size: 795KB - Virtual size: 794KB

.rsrc
Size: 53KB - Virtual size: 52KB