318b6389016856ae0499736a97c45e9fdea414b14f444814f30940e87eed4dbe

Sharing

Copy URL Twitter E-mail

General

Target

318b6389016856ae0499736a97c45e9fdea414b14f444814f30940e87eed4dbe
Size

661KB
MD5

83d53055a5d3092ffb5851718df52ded
SHA1

661a2dbef82f4367b89cfc530c710c3dfb5247fd
SHA256

318b6389016856ae0499736a97c45e9fdea414b14f444814f30940e87eed4dbe
SHA512

54eb86fd97bb2ea6b519a2ec9be5ad58966ea4e14d3291b4a0b3bab58e287c4c7f7f7bdb04c804aa4ff786d6aff269ac70c0fe1ddb04cb14473b61b4c35f22f7
SSDEEP

12288:wqdbNVzRMH4MNylc8MFx3xyrGTDpvpris06CF+V:waNVzRMH4MNl18iTDpvpriF6Cg

Score

N/A

Malware Config

Signatures

Files

318b6389016856ae0499736a97c45e9fdea414b14f444814f30940e87eed4dbe
.exe windows x86

08b7059869412d60d36fcd958a3f7bc3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetOptionA
InternetSetOptionExW
InternetSetOptionExA
HttpQueryInfoA
HttpSendRequestW
HttpOpenRequestA
InternetSetOptionW
HttpOpenRequestW
InternetConnectW
InternetCrackUrlW
InternetCloseHandle
InternetReadFile
InternetOpenA
HttpAddRequestHeadersA
InternetConnectA

psapi

GetModuleInformation
GetModuleBaseNameW
EnumProcesses
EnumProcessModules
GetModuleFileNameExW

kernel32

WideCharToMultiByte
CompareStringW
lstrlenW
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenA
GetCurrentThreadId
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpiW
SetLastError
GetLocalTime
GetModuleFileNameW
GlobalAddAtomW
CreateProcessW
GetCurrentProcessId
MoveFileW
DeleteFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetPrivateProfileStringW
SuspendThread
GetCommandLineW
Sleep
InitializeCriticalSection
OpenProcess
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetTickCount
MulDiv
lstrcpyA
SetUnhandledExceptionFilter
GetFileSize
VirtualQuery
GetProcAddress
GetVersionExW
GetCurrentThread
lstrcatW
CreateDirectoryW
ExitThread
ExitProcess
LoadLibraryW
TerminateProcess
Thread32Next
Thread32First
CreateProcessA
lstrcmpiA
LoadLibraryA
lstrcpynW
ResetEvent
FileTimeToSystemTime
FileTimeToLocalFileTime
TerminateThread
FindClose
FindFirstFileW
WaitForMultipleObjects
lstrcpynA
VirtualProtect
GetModuleHandleA
GetStringTypeA
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
UnmapViewOfFile
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualFreeEx
VirtualQueryEx
VirtualAllocEx
CreateDirectoryA
CreateFileA
CopyFileW
CopyFileA
CopyFileExW
CopyFileExA
CreateMutexW
GetStartupInfoW
ReadProcessMemory
WriteProcessMemory
OpenEventW
SetThreadPriority
CreateThread
LoadLibraryExA
IsBadReadPtr
GetSystemTime
SetErrorMode
CreateJobObjectW
SetInformationJobObject
AssignProcessToJobObject
CreateFileMappingW
MapViewOfFile
GetSystemInfo
GlobalMemoryStatusEx
SetEnvironmentVariableA
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
RaiseException
QueryPerformanceFrequency
CreateFileW
ReadFile
GetCurrentProcess
FlushInstructionCache
MultiByteToWideChar
FlushFileBuffers
WriteFile
SetEvent
CreateEventW
CloseHandle
WaitForSingleObject
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
LeaveCriticalSection
GetLastError
EnterCriticalSection
GetStartupInfoA

user32

DispatchMessageW
EnumDesktopWindows
LoadImageW
RegisterWindowMessageW
SetForegroundWindow
GetActiveWindow
SetWindowsHookExW
ClientToScreen
CallNextHookEx
WindowFromPoint
DialogBoxParamW
CreateDialogParamW
TranslateMessage
GetMessageW
CreateDesktopW
GetThreadDesktop
PostThreadMessageW
FindWindowExW
CreateWindowExA
MessageBoxExA
MessageBoxExW
MessageBoxIndirectA
MessageBoxIndirectW
DialogBoxParamA
UnregisterClassA
PeekMessageW
GetDlgItemInt
MoveWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
wsprintfW
SetDlgItemInt
CloseDesktop
GetSysColor
GetFocus
GetCapture
ReleaseCapture
CharLowerW
GetLastInputInfo
GetSystemMetrics
SetWindowLongW
CreateWindowExW
GetWindowLongW
PostMessageW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SendMessageW
GetWindowRect
GetClientRect
ScreenToClient
ShowWindow
IsWindowVisible
RedrawWindow
SetTimer
KillTimer
EnableWindow
SetFocus
EndPaint
BeginPaint
GetCursorPos
SetCursor
DrawFocusRect
FillRect
PtInRect
CallWindowProcW
GetDlgCtrlID
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
UnhookWindowsHookEx
GetClassNameW
RegisterClassExW
SetRectEmpty
ExitWindowsEx
EndDialog
OffsetRect
ReleaseDC
GetDC
GetSubMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharNextW
TrackPopupMenu
PostQuitMessage
DrawTextW
LoadCursorW
GetClassInfoExW
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
SetMenuItemInfoW
LoadMenuW
DestroyWindow
GetWindow
SystemParametersInfoW
MapWindowPoints
SetWindowPos
UnregisterHotKey
RegisterHotKey
IsWindow
IsDialogMessageW
MessageBoxW
GetDlgItem
GetParent
DefWindowProcW
SetDlgItemTextW

gdi32

SetTextColor
GetStockObject
SaveDC
CreateFontIndirectW
SelectObject
DeleteObject
GetObjectW
RestoreDC
RoundRect
GetTextExtentPoint32W
ExtTextOutW
SetBkColor
CreateCompatibleDC
SetViewportOrgEx
CreateCompatibleBitmap
CreatePen
CreateSolidBrush
BitBlt
MoveToEx
LineTo
GetDeviceCaps
DeleteDC
SetBkMode

advapi32

RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
InitiateSystemShutdownW
AdjustTokenPrivileges
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
RegOpenKeyExW

shell32

SHCreateDirectoryExW
SHFileOperationW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathA
SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal
CoGetClassObject
OleLockRunning
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CLSIDFromString
OleInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CreateBindCtx
OleUninitialize

oleaut32

SysFreeString
SysAllocString
SysStringLen
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SafeArrayGetVartype
VariantInit
VariantClear
VariantCopy
SysAllocStringLen
SafeArrayCopy
SafeArrayCreate
VariantChangeType
SysAllocStringByteLen
SysStringByteLen

shlwapi

PathFindFileNameW
StrStrIA
StrCmpNIW
PathFindExtensionW
StrChrIA
StrToIntA
StrCmpNIA
StrChrIW
PathRemoveFileSpecW
PathAppendW
StrStrIW
SHGetValueW
SHSetValueW
SHDeleteValueW
StrCatW
PathFileExistsW
StrCmpIW
StrCpyW
StrCpyNW
PathFileExistsA

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_Create

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

PlaySoundA
PlaySoundW
waveOutWrite
SendDriverMessage
sndPlaySoundA
sndPlaySoundW
mciSendStringA
mciSendStringW
mciSendCommandA
mciSendCommandW

urlmon

CreateURLMoniker
CoInternetCreateSecurityManager

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08b7059869412d60d36fcd958a3f7bc3

Headers

File Characteristics

Imports

wininet

psapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

winmm

urlmon

Sections

.text Size: 420KB - Virtual size: 419KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 14KB - Virtual size: 31KB

.rsrc Size: 119KB - Virtual size: 120KB

.text
Size: 420KB - Virtual size: 419KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 14KB - Virtual size: 31KB

.rsrc
Size: 119KB - Virtual size: 120KB