e759d3ceeb381bbcce4c93c0c997c26733e8cce4e0694260fb05bf64f34154ed

Sharing

Copy URL Twitter E-mail

General

Target

e759d3ceeb381bbcce4c93c0c997c26733e8cce4e0694260fb05bf64f34154ed
Size

2.0MB
MD5

95bd12c5af458876ba17b866badc0177
SHA1

03a874756b6644baec5be9043fc7708da2d47f2d
SHA256

e759d3ceeb381bbcce4c93c0c997c26733e8cce4e0694260fb05bf64f34154ed
SHA512

eef4a42f7f69420aafd781d5f73ab0778a555fd153421690bc26b1d3b8cfa15d1f584da1441f8a4d1b40b32ef81f3f9b5482e6ae3349278a2533d4b6bf8fed8b
SSDEEP

49152:RDAPqlwAkJdOG2+gTcqmLewWU5+ylde+Tne:R0PqFXG27ce1yc

Score

N/A

Malware Config

Signatures

Files

e759d3ceeb381bbcce4c93c0c997c26733e8cce4e0694260fb05bf64f34154ed
.exe windows x86

6e67dc744527058bb7766985eac05b1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetSetOptionA
InternetOpenUrlW
InternetOpenUrlA
InternetCloseHandle
InternetOpenW
InternetOpenA
InternetSetOptionW
HttpQueryInfoW

ws2_32

select
setsockopt
recv
socket
gethostbyname
send
htons
inet_ntoa
WSAStartup
closesocket
WSAGetLastError
inet_addr
connect

user32

OffsetRect
CharNextA
ShowCaret
SetCaretPos
ClientToScreen
GetSysColor
HideCaret
CreateCaret
DrawTextW
DrawIconEx
FillRect
CharPrevW
IsRectEmpty
IntersectRect
SetCursor
DrawFocusRect
CharNextW
LoadBitmapW
GetClassInfoExW
SetPropW
GetPropW
LoadCursorW
CallWindowProcW
DefWindowProcW
RegisterClassW
EnableWindow
DestroyIcon
MonitorFromWindow
TranslateAcceleratorW
GetUpdateRect
UpdateLayeredWindow
TranslateMessage
SetWindowRgn
GetKeyState
ScreenToClient
GetFocus
InvalidateRect
IsWindow
SetFocus
GetMonitorInfoW
CreateWindowExW
GetMessageW
BeginPaint
PtInRect
ReleaseCapture
EndPaint
MoveWindow
RedrawWindow
GetAsyncKeyState
CreateAcceleratorTableW
DestroyAcceleratorTable
InvalidateRgn
RegisterClassExW
GetWindowTextW
RegisterWindowMessageW
SetWindowTextW
KillTimer
GetWindowLongW
PostQuitMessage
IsWindowVisible
SetWindowLongW
FindWindowW
GetWindowThreadProcessId
SetTimer
SendMessageW
DestroyWindow
IsChild
DispatchMessageW
ReleaseDC
SetCapture
GetWindowTextLengthW
GetForegroundWindow
GetWindowRect
AttachThreadInput
GetWindow
MapWindowPoints
IsIconic
SystemParametersInfoW
GetClientRect
IsZoomed
ExitWindowsEx
GetDC
GetParent
LoadStringW
GetSystemMetrics
SetForegroundWindow
ShowWindow
LoadImageW
SetWindowPos
GetCursorPos
PostMessageW

riched20

ord4

msimg32

AlphaBlend

comctl32

_TrackMouseEvent

shlwapi

PathFileExistsW
PathSkipRootW
PathCombineW

kernel32

LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedExchange
GetCPInfo
GetExitCodeThread
TerminateThread
CreateThread
WaitForMultipleObjects
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetStdHandle
GetModuleFileNameA
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LoadLibraryA
GetLocaleInfoW
DeleteCriticalSection
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
InterlockedIncrement
ExitThread
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
MulDiv
FindResourceW
FindFirstFileW
FindNextFileW
CreateSemaphoreW
InterlockedDecrement
FreeResource
SizeofResource
LockResource
LoadResource
lstrcmpiW
lstrlenW
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
GetDriveTypeW
GetVolumeInformationW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetTickCount
CloseHandle
WritePrivateProfileStringW
FreeLibrary
Module32FirstW
WaitForSingleObject
CreateToolhelp32Snapshot
CreateProcessW
GetPrivateProfileStringW
GetCurrentProcessId
LoadLibraryW
GetLastError
Module32NextW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
ReadFile
CreateFileW
SetFileTime
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
SetFileAttributesW
ExpandEnvironmentStringsW
GetFileAttributesW
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
Sleep
SetEvent
ResetEvent
CreateEventW
GetExitCodeProcess
SuspendThread
ResumeThread
TerminateProcess
EnterCriticalSection
FindClose
InitializeCriticalSection
LeaveCriticalSection
GetDiskFreeSpaceW
GetCurrentProcess
GetCurrentThreadId
GetCurrentDirectoryW
MoveFileW
GetFullPathNameW
MoveFileExW
SetCurrentDirectoryW
ReleaseSemaphore

gdi32

SelectClipRgn
SetBkColor
SetBkMode
StretchBlt
GetTextExtentPoint32W
TextOutW
ExtSelectClipRgn
GetCharABCWidthsW
SetBitmapBits
ExtTextOutW
CreateSolidBrush
GetBitmapBits
GetClipBox
GetDeviceCaps
CreateCompatibleBitmap
SetStretchBltMode
SetTextColor
DeleteObject
SelectObject
GetStockObject
BitBlt
GetObjectW
CreateRectRgnIndirect
CombineRgn
CreateRoundRectRgn
DeleteDC
CreateDIBSection
CreateFontIndirectW
Rectangle
CreateRectRgn
GetTextMetricsW
CreatePen
CreateEllipticRgn
RoundRect
CreateCompatibleDC

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegEnumValueW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW

ole32

OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitializeEx
CoCreateInstance
OleInitialize
CreateStreamOnHGlobal

oleaut32

SysAllocString
SysFreeString
OleLoadPicture
VariantClear

Sections

.text
Size: 892KB - Virtual size: 891KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e67dc744527058bb7766985eac05b1c

Headers

File Characteristics

Imports

wininet

ws2_32

user32

riched20

msimg32

comctl32

shlwapi

kernel32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 892KB - Virtual size: 891KB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 20KB - Virtual size: 27KB

.tls Size: 4KB - Virtual size: 9B

.rsrc Size: 140KB - Virtual size: 139KB

.text
Size: 892KB - Virtual size: 891KB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 20KB - Virtual size: 27KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 140KB - Virtual size: 139KB