354261d3acd547640678b9f1fe81a279a20a1945cee1745c4d404ac286311bf2

Sharing

Copy URL Twitter E-mail

General

Target

354261d3acd547640678b9f1fe81a279a20a1945cee1745c4d404ac286311bf2
Size

176KB
MD5

91804f62e21a4bede4dd994cd7c0d650
SHA1

77bfc1a0b0ba907270e0502d4d381227711270b5
SHA256

354261d3acd547640678b9f1fe81a279a20a1945cee1745c4d404ac286311bf2
SHA512

95789f6e7a120db4c543dd8b4a6b3018c0feed9e6fde9b1da05a34ff9f65562ee827877a0034dfee1679d7609ff9f300a36616d0f4e0edd342194c9edcff9024
SSDEEP

3072:5fZQGJDrVwed1ddlaqpXjHwF4q4A1j7ERzTBfC0qIJ0vC4MdvW/BD:J/JnVwedjfaqpXjtA1KzTBqpu4M4J

Score

N/A

Malware Config

Signatures

Files

354261d3acd547640678b9f1fe81a279a20a1945cee1745c4d404ac286311bf2
.exe windows x86

15dc9df1d2ac53d6b6ebcc6a3c4d9355

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetModuleHandleA
CloseHandle
TerminateProcess
GlobalAlloc
WideCharToMultiByte
CreateDirectoryA
LocalAlloc
MultiByteToWideChar
DeleteFileA
GetCurrentProcess
lstrcmpiA
GetStartupInfoA
FindNextFileA
RemoveDirectoryA
MoveFileA
GetFileAttributesA
MulDiv
GetSystemDirectoryA
FreeLibrary
WaitForSingleObject
GetVersionExA
GlobalMemoryStatus
WritePrivateProfileStringA
GetModuleFileNameA
LoadLibraryExA
GetTempPathA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
CopyFileA
GetShortPathNameA
GetPrivateProfileStringA
SleepEx
LocalFree
GlobalFree
GetCurrentDirectoryA
lstrlenA
SetCurrentDirectoryA
lstrcpyA
lstrcatA
FindFirstFileA
FindClose
OpenProcess

user32

FillRect
IntersectRect
OffsetRect
UpdateWindow
SetForegroundWindow
GetWindowThreadProcessId
MessageBoxA
PostQuitMessage
EnableMenuItem
GetSystemMenu
SetWindowPos
EnumWindows
DestroyWindow
GetWindowRect
GetDlgItem
ShowWindow
SendDlgItemMessageA
GetMessageA
IsDialogMessageA
TranslateAcceleratorA
GetDC
FindWindowA
SendMessageTimeoutA
CharUpperBuffA
CharPrevA
CharNextA
LoadAcceleratorsA
LoadBitmapA
CharLowerA
LoadStringA
GetSystemMetrics
CreateWindowExA
DeleteMenu
BeginPaint
EndPaint
DefWindowProcA
DefDlgProcA
LoadIconA
LoadCursorA
RegisterClassA
CreateDialogParamA
PeekMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
GetWindowLongA
SetWindowLongA
InvalidateRect
SendMessageA
DrawFocusRect
GetSysColor
IsDlgButtonChecked
CheckDlgButton
SetFocus
EnableWindow
GetWindowDC
GetClientRect
SystemParametersInfoA
ReleaseDC
GetDlgItemTextA
EndDialog
CallWindowProcA
SetWindowTextA
wsprintfA
SetDlgItemTextA
UnregisterClassA

gdi32

DeleteObject
SelectObject
CreateFontIndirectA
ExtTextOutA
GetTextMetricsA
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
TextOutA
SetBkMode
CreateFontA
CreateSolidBrush
GetDeviceCaps
GetStockObject
LineTo
MoveToEx
CreatePen
GetTextExtentPoint32A

advapi32

LookupPrivilegeValueA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges

ole32

CoCreateInstance
CoUninitialize
CoInitialize

comdlg32

GetOpenFileNameA

shell32

ShellExecuteA
ShellExecuteExA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

strcmp
calloc
free
__mb_cur_max
_isctype
_pctype
strncpy
strncmp
strcat
fgets
strstr
fputs
exit
memcpy
_snprintf
_ui64toa
strlen
memmove
memset
strcpy
fopen
fread
fclose
rand
srand
time
atol
_atoi64
_chdir
atoi
sprintf
fwrite
_ftol
malloc
strtok
??2@YAPAXI@Z
remove
ftell
fseek
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_itoa
_strcmpi
_strdup
??3@YAXPAX@Z

Exports

Exports

ZIP_CloseArchive
ZIP_ExtractFile
ZIP_FindFree
ZIP_FindInit
ZIP_FindNext
ZIP_OpenArchive
ZIP_TestArchive

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15dc9df1d2ac53d6b6ebcc6a3c4d9355

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

comdlg32

shell32

version

msvcrt

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 16KB - Virtual size: 213KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 16KB - Virtual size: 213KB

.rsrc
Size: 24KB - Virtual size: 24KB