0544316fddb6690d7d1f6657d47870044f9dac69f1c5259d51d8007a4afd8a80

Sharing

Copy URL Twitter E-mail

General

Target

0544316fddb6690d7d1f6657d47870044f9dac69f1c5259d51d8007a4afd8a80
Size

432KB
MD5

9a06e16c04cf353b1567543b9c6ad5d1
SHA1

5b6a028b3ad86ac298759b0a6daf29469811aec2
SHA256

0544316fddb6690d7d1f6657d47870044f9dac69f1c5259d51d8007a4afd8a80
SHA512

ceb6bfa65bad323910d90101f2988467d4201dcc0500c5754e9cd7db93c867e538bd0873b05c670972bf01d2d3f4261a3c763e1d0dc2de94056e89d4a17ec25a
SSDEEP

6144:kptGv5CCN8YaJ6tDPfsZr5uzBEqnkRh2uy7Z5DGxIYtSm+jOJg6SZxXubGYgjU3:kbwCCNbK6lUcxnkfSvGNt0OaLsSYsU3

Score

N/A

Malware Config

Signatures

Files

0544316fddb6690d7d1f6657d47870044f9dac69f1c5259d51d8007a4afd8a80
.exe windows x86

5861ad1876754f88e0801365d2f31fea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
HeapCreate
GetProcAddress
GetACP
GetStringTypeA
IsValidCodePage
GetConsoleMode
SetHandleCount
GetCurrentThreadId
FreeEnvironmentStringsW
LoadLibraryA
CloseHandle
TlsGetValue
VirtualAlloc
VirtualFree
InterlockedIncrement
GetOEMCP
RtlUnwind
WriteConsoleA
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
InterlockedDecrement
EnumResourceNamesA
GetModuleFileNameA
QueryPerformanceCounter
GetDateFormatA
GetCurrentThread
HeapDestroy
HeapSize
GetStartupInfoA
GetFileAttributesExA
IsValidLocale
WriteFile
EnterCriticalSection
GetTimeFormatA
FreeLibrary
GetCommandLineA
GetLocaleInfoW
TlsFree
HeapAlloc
SetFilePointer
LCMapStringA
WideCharToMultiByte
GetSystemTimeAdjustment
SetLastError
ExitProcess
GetTimeZoneInformation
GetStringTypeW
GetFileType
GetFileAttributesA
GetEnvironmentStringsW
GetConsoleOutputCP
GetLocaleInfoA
CreateFileA
MultiByteToWideChar
HeapFree
ReadFile
GetUserDefaultLCID
GetStdHandle
SetEnvironmentVariableA
GetConsoleCP
GetTickCount
EnumSystemLocalesA
WriteConsoleW
IsDebuggerPresent
GetCPInfo
InterlockedExchange
Sleep
LCMapStringW
FlushFileBuffers
HeapReAlloc
OpenMutexA
DeleteCriticalSection
TlsSetValue
CompareStringA
GetCurrentProcess
GetModuleHandleA
GetCurrentProcessId
LeaveCriticalSection
GetEnvironmentStrings
CompareStringW
SetStdHandle
CreateMutexA
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
VirtualQuery
SetUnhandledExceptionFilter
GetModuleHandleW
FreeEnvironmentStringsA
TerminateProcess
LocalReAlloc

comctl32

DrawInsert
ImageList_AddIcon
ImageList_SetImageCount
ImageList_Write
ImageList_Copy
ImageList_AddMasked
InitMUILanguage
ImageList_SetIconSize
CreateUpDownControl
InitCommonControlsEx
ImageList_SetFilter
ImageList_Read
ImageList_DragLeave
ImageList_Replace
ImageList_EndDrag
ImageList_DrawIndirect
DrawStatusText
ImageList_GetIconSize
ImageList_GetIcon

user32

SetSystemCursor
DlgDirListComboBoxA
RegisterClassA
CreateWindowExA
EmptyClipboard
TabbedTextOutA
GetCaretPos
RegisterClassExA
DefFrameProcA
GetComboBoxInfo
GetMenuItemInfoW
DefWindowProcA
DestroyWindow
CharNextW
MessageBoxW
ShowWindow
MapVirtualKeyW
CascadeWindows
PostThreadMessageA
GetClassInfoExW
SetCapture
RemoveMenu
SetKeyboardState
GetCapture
GetMenuDefaultItem
IsCharAlphaA
InSendMessage

comdlg32

PrintDlgW
ReplaceTextW
GetOpenFileNameA
PrintDlgA

shell32

SHFileOperation
ExtractAssociatedIconA
DoEnvironmentSubstA
SHLoadInProc

gdi32

GetOutlineTextMetricsW
GdiPlayScript
GetTextMetricsW
SetTextAlign
SetAbortProc
EnumFontFamiliesExW
GetPaletteEntries
SetViewportExtEx
CreateEnhMetaFileW
StartDocW
SetPixelFormat
StrokePath
GetAspectRatioFilterEx
SetBrushOrgEx
GetEnhMetaFileBits
CreateBrushIndirect
ExtCreatePen
EnumICMProfilesA

wininet

FtpCreateDirectoryW
InternetAlgIdToStringW
SetUrlCacheHeaderData
InternetShowSecurityInfoByURL
UrlZonesDetach
InternetOpenW
InternetGetLastResponseInfoW
SetUrlCacheEntryInfoW
HttpOpenRequestW

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5861ad1876754f88e0801365d2f31fea

Headers

File Characteristics

Imports

kernel32

comctl32

user32

comdlg32

shell32

gdi32

wininet

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 104KB - Virtual size: 100KB

.data Size: 92KB - Virtual size: 121KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 104KB - Virtual size: 100KB

.data
Size: 92KB - Virtual size: 121KB

.rsrc
Size: 72KB - Virtual size: 68KB