3aa05a4686a3929d489bbdd09978b94997d0ad0ad6bb4bfd06c5de27d62d1711

Sharing

Copy URL

Twitter E-mail

General

Target

3aa05a4686a3929d489bbdd09978b94997d0ad0ad6bb4bfd06c5de27d62d1711
Size

796KB
MD5

8f7b9f6836d847839ae958bf09aab3c1
SHA1

a6263264b5abe263b98abac5690c0be5462f6c55
SHA256

3aa05a4686a3929d489bbdd09978b94997d0ad0ad6bb4bfd06c5de27d62d1711
SHA512

b126b2d7b66f8ecd3ebdd5d35097f06e4d9437459d9fc0b9734499f32bef3be243a5a9063ef21f1c5741347f7f3ed763ba99fe9a6e892de0be8e3acf2996f889
SSDEEP

24576:K70QSjmtVhRHVb7xPweDeWx4JFdRAGQS4yM:9cVh/b7Zw0eWWFd27S

Score

N/A

Malware Config

Signatures

Files

3aa05a4686a3929d489bbdd09978b94997d0ad0ad6bb4bfd06c5de27d62d1711
.exe windows x86

f84c5caf58404f85f2ec0ee0503c0997

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
InitializeCriticalSection
QueryPerformanceCounter
CompareStringA
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetStdHandle
Sleep
SetLastError
HeapFree
DeleteCriticalSection
GetLocaleInfoW
OpenMutexA
GetProcessHeap
HeapAlloc
GetStringTypeW
CloseHandle
HeapSize
EnumCalendarInfoW
GetConsoleOutputCP
ReadFile
GetModuleHandleA
SetHandleCount
GetProcAddress
GetConsoleCP
GetConsoleMode
ExitProcess
GetModuleFileNameA
VirtualQuery
GetCurrentProcessId
FreeEnvironmentStringsW
CompareStringW
SetFilePointer
GetStringTypeA
InterlockedDecrement
SetVolumeLabelA
GetLocaleInfoA
GetTimeZoneInformation
EnterCriticalSection
GetCurrentProcess
InterlockedIncrement
RtlUnwind
GetUserDefaultLCID
GetCommandLineA
GetTickCount
GetLastError
GetDateFormatA
GetOEMCP
GetVersionExA
SetEnvironmentVariableA
SetEvent
LCMapStringW
GetPrivateProfileSectionA
WriteConsoleW
HeapReAlloc
TerminateProcess
VirtualAlloc
MultiByteToWideChar
GetACP
TlsSetValue
CreateMutexA
TlsGetValue
VirtualFree
SetStdHandle
IsValidLocale
WriteFile
GetFileType
GetTimeFormatA
IsValidCodePage
TlsAlloc
LeaveCriticalSection
IsDebuggerPresent
GetStartupInfoA
HeapDestroy
WideCharToMultiByte
WriteConsoleA
LCMapStringA
TlsFree
UnhandledExceptionFilter
FlushFileBuffers
LoadLibraryA
FreeLibrary
HeapCreate
InterlockedExchange
GetCPInfo
EnumSystemLocalesA
GetEnvironmentStrings
CreateFileA
GetCurrentThreadId

advapi32

RegSetValueW
LookupPrivilegeNameW
RegEnumKeyExA
CryptSetHashParam
CryptReleaseContext
RegDeleteValueW

comctl32

ImageList_GetIconSize
ImageList_Remove
DrawStatusTextA
ImageList_AddIcon
ImageList_ReplaceIcon
MakeDragList
ImageList_SetImageCount
ImageList_DragShowNolock
GetEffectiveClientRect
ImageList_GetImageCount
ImageList_SetOverlayImage
_TrackMouseEvent
ImageList_EndDrag
ImageList_Write
InitCommonControlsEx
ImageList_LoadImage
ImageList_DrawEx
CreateUpDownControl
ImageList_Copy
ImageList_Destroy
ImageList_DrawIndirect
CreatePropertySheetPageA
ImageList_DragMove
ImageList_DragEnter

wininet

SetUrlCacheGroupAttributeA
InternetTimeFromSystemTimeA
GopherOpenFileW
InternetUnlockRequestFile
InternetSecurityProtocolToStringW
IncrementUrlCacheHeaderData
FtpRemoveDirectoryW
RegisterUrlCacheNotification

user32

MessageBeep
GetWindowRgn
OpenIcon
GetMenuBarInfo
CopyAcceleratorTableA
BroadcastSystemMessage
WINNLSEnableIME
DestroyWindow
GrayStringA
DefWindowProcW
RegisterClipboardFormatA
EnableMenuItem
BeginPaint
PostThreadMessageW
DialogBoxParamW
SetProcessWindowStation
FindWindowExA
CharNextW
OemToCharW
DdeSetQualityOfService
FillRect
LoadCursorFromFileW
SendNotifyMessageW
DefDlgProcW
LoadIconA
EnumDisplaySettingsA
DefWindowProcA
GetDC
CopyRect
EnumThreadWindows
IsClipboardFormatAvailable
RegisterClassA
LoadMenuIndirectA
SetWindowTextA
RegisterClassExA
DdeQueryStringW
SetMenu
ChildWindowFromPointEx
CreateWindowExW
CloseClipboard
GetKeyboardLayoutNameA
WinHelpA
SetMenuItemBitmaps
ReleaseDC
LoadCursorA
IsWindowEnabled
SetSystemCursor
MenuItemFromPoint
DdeCreateDataHandle
DdeDisconnectList
GetCursorPos
DispatchMessageW
AttachThreadInput
FreeDDElParam
SetWindowContextHelpId
ShowWindow
SetMenuInfo
CallNextHookEx
MessageBoxW
DlgDirSelectComboBoxExA
DrawIconEx
InsertMenuItemW
SubtractRect
SetLastErrorEx
ExcludeUpdateRgn
GetClassInfoA
SendIMEMessageExA
GetListBoxInfo
EnumClipboardFormats
EnumDesktopWindows
LookupIconIdFromDirectory
WindowFromDC

shell32

SHEmptyRecycleBinW
ExtractAssociatedIconExW
SHGetDataFromIDListW
ShellExecuteW
SHBrowseForFolder

gdi32

PolylineTo
CreateEnhMetaFileW
GetFontLanguageInfo
PolyBezier
GetTextExtentExPointA
SetDIBits
SetBkMode
CreateEllipticRgn
CreateFontW
CloseMetaFile

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f84c5caf58404f85f2ec0ee0503c0997

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

wininet

user32

shell32

gdi32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 404KB - Virtual size: 402KB

.data Size: 140KB - Virtual size: 165KB

.rsrc Size: 80KB - Virtual size: 77KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 404KB - Virtual size: 402KB

.data
Size: 140KB - Virtual size: 165KB

.rsrc
Size: 80KB - Virtual size: 77KB