675c3443f86c24b9116af1c57dcfd58bd6b072b0ae3ee912cefa802f6c463cae

Sharing

Copy URL Twitter E-mail

General

Target

675c3443f86c24b9116af1c57dcfd58bd6b072b0ae3ee912cefa802f6c463cae
Size

315KB
MD5

842e02ee47e4dcd2c12dc24ed1271ee0
SHA1

5bc9396bee7fcfb9b00c0a4b0b21156af6ac9634
SHA256

675c3443f86c24b9116af1c57dcfd58bd6b072b0ae3ee912cefa802f6c463cae
SHA512

8b84326cba4b2e6741650b75104dfc295e97d2e20d141df758b9ab48c1ae357adcef1a2779db91c8be2e0933377cb88e060fdf141659216cced48aba6b21fad0
SSDEEP

3072:bT6WsE+W/N7CAa8CeAtgqsXUVQ3evCG33AOnsRFXb7pfP32vO1IqOZcGwPAGMKTX:bT6WsEtN7CAal/sQpbVSFL7gmAygu/

Score

N/A

Malware Config

Signatures

Files

675c3443f86c24b9116af1c57dcfd58bd6b072b0ae3ee912cefa802f6c463cae
.exe windows x86

74572b4ca093a8833e2681e3a8da96c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

msvcrt

_mbsrchr
_mbslen
__lconv_init
setlocale
_mbsinc
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_strnicmp
_stricmp
_except_handler3
strtoul
_ftol
strncpy
strchr
strrchr
??2@YAPAXI@Z
_mbschr
_c_exit
??3@YAXPAX@Z
_wcsicmp
isleadbyte
memmove
towlower
atoi
isspace
free
wcsncpy
strncmp

advapi32

RegOpenKeyA
LookupPrivilegeValueA
OpenProcessToken
LookupAccountSidA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
RegCloseKey
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegSetValueExA
AdjustTokenPrivileges
RegOpenKeyExA

kernel32

ExitProcess
SetFilePointer
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetErrorMode
SetCurrentDirectoryA
GetModuleFileNameA
CloseHandle
CreateThread
LocalFree
FormatMessageA
LocalAlloc
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetLastError
CreateMutexA
GetVersionExA
GetVersion
LoadLibraryA
DeleteCriticalSection
WaitForSingleObject
lstrlenA
lstrcmpiA
LeaveCriticalSection
GetFileAttributesA
CreateFileA
GetCurrentDirectoryA
InitializeCriticalSection
lstrcpyA
HeapFree
HeapAlloc
SetLastError
GetDiskFreeSpaceA
CopyFileA
CreateDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetEnvironmentVariableA
lstrcpynA
DeleteFileA
SetFileAttributesA
lstrcatA
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
GetDriveTypeA
ExpandEnvironmentStringsA
FreeLibrary
LoadLibraryExA
DeviceIoControl
TerminateProcess
OpenProcess
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
lstrcmpA
SetEvent
CreateEventA
ResetEvent
WriteFile
SetCommState
GetCommState
SetCommTimeouts
ReadFile
ExitThread
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetProcessHeap
DebugBreak
IsDBCSLeadByte
UnmapViewOfFile
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
GetTempFileNameA
GetTempPathA
EnterCriticalSection

gdi32

GetDeviceCaps
CreateFontIndirectA
AddFontResourceA

user32

CharLowerA
GetClientRect
CopyRect
IsWindow
InvalidateRect
GetSysColor
SendDlgItemMessageA
SetFocus
LoadIconA
SetWindowLongA
RedrawWindow
LoadImageA
EnumChildWindows
GetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
ShowWindow
SystemParametersInfoA
GetDC
ReleaseDC
wsprintfA
GetParent
PostMessageA
DialogBoxParamA
EnableWindow
EndDialog
GetDlgItem
SetTimer
FindWindowA
RegisterClassExA
LoadStringA
MessageBoxA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
SetForegroundWindow
EnumThreadWindows
PostQuitMessage
DefWindowProcA
ExitWindowsEx

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoA
SHBrowseForFolderA
SHGetSpecialFolderLocation

ole32

OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoUninitialize

comdlg32

GetOpenFileNameA

comctl32

PropertySheetA
InitCommonControlsEx
CreatePropertySheetPageA

setupapi

SetupGetLineCountA
SetupGetStringFieldA
SetupFindNextLine
SetupCloseInfFile
SetupOpenInfFileA
SetupOpenAppendInfFileA
SetupFindFirstLineA

log

LogBegin
SuppressAllLogPopups
LogDeleteOnNextInit
LogEnd
LogA
LogReInitA

shlwapi

ord16
StrChrIA
SHGetValueA
PathIsDirectoryA
StrDupA
PathCombineA
StrCmpNIA
PathIsRootA
PathAppendA

cabinet

ord10
ord11
ord14
ord13

migisma

IsmSetRollbackJournalType
IsmDoesRollbackDataExist
IsmPreserveJournal
IsmCanWriteRollbackJournal
IsmTerminate
IsmSetCancel
IsmSave
IsmRollback
IsmLoad
IsmRemoveAllUserSuppliedComponents
IsmSelectMasterGroup
IsmEnumFirstComponent
IsmEnumNextComponent
IsmExecute
IsmRegisterTransport
IsmSelectTransport
IsmSetTransportStorage
IsmSendMessageToApp
IsmAddControlFile
IsmAppendEnvironmentMultiSz
IsmSetEnvironmentValue
IsmRegisterProgressBarCallback
IsmIsComponentSelected
IsmSelectComponent
IsmAddComponentAlias
IsmStartEtmModules
IsmSetEnvironmentString
IsmGetRealPlatform
IsmGetTempFile
TrackedIsmCreateSimpleObjectPattern
TrackedIsmExpandEnvironmentString
IsmGetTempStorage
TrackedIsmGetMemory
TrackedIsmDuplicateString
IsmGetEnvironmentMultiSz
IsmSetEnvironmentMultiSz
IsmGetObjectTypeName
TrackedIsmGetNativeObjectName
IsmGetObjectTypeId
IsmAcquireObjectEx
TrackedIsmCreateObjectStringsFromHandleEx
TrackedIsmCreateObjectHandle
IsmAbortObjectEnum
IsmEnumNextObject
IsmGetControlFile
IsmEnumFirstSourceObjectEx
IsmIsSystemScopeSelected
IsmReleaseObject
IsmDestroyObjectString
IsmReleaseMemory
IsmDestroyObjectHandle
IsmReplacePhysicalObject
IsmSetEnvironmentFlag
IsmSetPlatform
IsmInitialize
IsmStartTransport
IsmGetActiveScopeName

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 229KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74572b4ca093a8833e2681e3a8da96c6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

comdlg32

comctl32

setupapi

log

shlwapi

cabinet

migisma

Sections

.text Size: 83KB - Virtual size: 83KB

.data Size: 2KB - Virtual size: 17KB

.rsrc Size: 229KB - Virtual size: 232KB

.text
Size: 83KB - Virtual size: 83KB

.data
Size: 2KB - Virtual size: 17KB

.rsrc
Size: 229KB - Virtual size: 232KB