2f16e1687afad4aa5a491c3ff45f7c63921f732c556e2ef277cc8322e45b1130

Sharing

Copy URL Twitter E-mail

General

Target

2f16e1687afad4aa5a491c3ff45f7c63921f732c556e2ef277cc8322e45b1130
Size

820KB
MD5

d2ca7ed1de5d1226cbba075c9f69d8d2
SHA1

00afecc1115aacb7ba783841552031eb9db6c8bb
SHA256

2f16e1687afad4aa5a491c3ff45f7c63921f732c556e2ef277cc8322e45b1130
SHA512

06963c3f2d7dfa33a5401df6a587876417cccd1c87f2268fb2b81388c93a6c14e13f23a6845b42e963cbac58686ddfd99feacca9744cf39560fd395087f67388
SSDEEP

24576:dZ4ddoauQi4xjteF37PA8qzI0WGhVes9R:nNStedsLzWy

Score

N/A

Malware Config

Signatures

Files

2f16e1687afad4aa5a491c3ff45f7c63921f732c556e2ef277cc8322e45b1130
.exe windows x86

910edd55010a6bb7924b4ba7d7d07eca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountNameA
LogonUserA
CryptGetProvParam
CryptCreateHash
RegOpenKeyW
CryptVerifySignatureW

kernel32

GetCurrentProcess
GlobalLock
CompareStringW
FreeEnvironmentStringsW
HeapAlloc
GetModuleFileNameA
SetLocalTime
GetOEMCP
AddAtomW
GlobalUnlock
WriteProfileStringW
lstrcmpiW
TlsAlloc
GetTimeFormatA
InterlockedExchange
OpenEventW
GetModuleFileNameW
ReadFile
SetEvent
UnhandledExceptionFilter
SetThreadPriority
SetFilePointer
HeapValidate
GetTickCount
GetProfileIntA
HeapDestroy
GetProfileSectionW
FileTimeToDosDateTime
GetCommandLineW
GetProcessAffinityMask
GetProfileStringW
GetCPInfo
DebugBreak
WaitForMultipleObjects
VirtualQuery
GetPrivateProfileSectionNamesW
GetCurrentThread
CompareStringA
LCMapStringA
GetStartupInfoW
GetCurrentProcessId
GetVersionExA
WideCharToMultiByte
GetDateFormatA
GetFileType
GetEnvironmentVariableW
InitializeCriticalSection
SetConsoleCursorPosition
VirtualFree
GetACP
RtlUnwind
WriteProfileSectionW
OpenMutexW
CreateEventA
WritePrivateProfileStringW
GetStartupInfoA
VirtualProtect
InterlockedDecrement
FreeLibraryAndExitThread
FlushFileBuffers
GetLastError
GetConsoleMode
GetCompressedFileSizeA
IsValidCodePage
SetLastError
ExitProcess
UnlockFileEx
LoadLibraryA
GetThreadTimes
OpenFileMappingW
WriteFile
OutputDebugStringA
GetSystemDirectoryW
HeapSize
LCMapStringW
FoldStringW
TlsFree
DeleteCriticalSection
GetEnvironmentStrings
SetHandleCount
GetStringTypeW
IsBadWritePtr
SetEnvironmentVariableA
FlushViewOfFile
SetConsoleCtrlHandler
InterlockedIncrement
GetLocaleInfoA
CreateEventW
QueryPerformanceCounter
GetDriveTypeW
CloseHandle
GetSystemInfo
GetFileAttributesA
GetSystemTimeAsFileTime
GetCommandLineA
VirtualAlloc
lstrcpyW
SetConsoleCP
OpenMutexA
WriteConsoleW
SetCriticalSectionSpinCount
SetThreadIdealProcessor
GetDriveTypeA
SetVolumeLabelA
WritePrivateProfileStructA
VirtualQueryEx
FreeEnvironmentStringsA
EnumCalendarInfoW
EnumSystemLocalesA
MultiByteToWideChar
GetConsoleCP
CreateProcessW
SetStdHandle
GetDiskFreeSpaceW
CommConfigDialogA
LocalCompact
HeapReAlloc
ResumeThread
GetLocaleInfoW
GlobalAlloc
TlsSetValue
CreateMutexA
LeaveCriticalSection
CreateDirectoryExA
EnumSystemLocalesW
TerminateProcess
HeapCreate
VirtualUnlock
GetPrivateProfileSectionW
IsValidLocale
ConvertDefaultLocale
GetEnvironmentStringsW
GetStringTypeA
HeapFree
TlsGetValue
LoadLibraryW
ReadConsoleOutputA
GlobalReAlloc
Sleep
GetUserDefaultLCID
GetModuleHandleA
EnterCriticalSection
EnumResourceLanguagesW
GetPrivateProfileIntA
lstrcmp
GetStdHandle
UnlockFile
GetTimeZoneInformation
GetPrivateProfileStructW
GetCurrentThreadId
GetProcAddress
IsBadReadPtr
GetCurrencyFormatW

shell32

SheChangeDirExW
SHEmptyRecycleBinA
RealShellExecuteA
SHGetSettings
DragQueryFileW

user32

SetDlgItemTextA
ScrollWindowEx
wsprintfW
GetClassNameW
RegisterClassExA
RegisterClassA
GetMessageW
WINNLSGetEnableStatus
ChangeMenuW
MessageBoxW
MsgWaitForMultipleObjects
ValidateRgn
DialogBoxIndirectParamW
InsertMenuA
CreateWindowExA
CharLowerA
DdeInitializeA
GetKeyboardLayout
CheckDlgButton
TranslateAccelerator
WinHelpW
FlashWindowEx
DlgDirSelectComboBoxExA
IsCharLowerA
GetMenuContextHelpId
BroadcastSystemMessage
CloseClipboard
DefWindowProcW
MapVirtualKeyExW
DestroyWindow
IsChild
ShowWindow

comctl32

CreateMappedBitmap
ImageList_LoadImage
ImageList_Create
InitCommonControlsEx
ImageList_Read
ImageList_GetFlags
ImageList_LoadImageW
ImageList_SetDragCursorImage
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DrawIndirect
CreatePropertySheetPage
ImageList_DragMove
ImageList_GetImageRect
ImageList_AddMasked
ImageList_Write
CreatePropertySheetPageA
ImageList_BeginDrag
CreateStatusWindowA
ImageList_Destroy
CreatePropertySheetPageW
MakeDragList
ImageList_Remove
ImageList_Merge

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

910edd55010a6bb7924b4ba7d7d07eca

Headers

File Characteristics

Imports

advapi32

kernel32

shell32

user32

comctl32

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 404KB - Virtual size: 401KB

.data Size: 140KB - Virtual size: 137KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 404KB - Virtual size: 401KB

.data
Size: 140KB - Virtual size: 137KB

.rsrc
Size: 48KB - Virtual size: 44KB