d85162a361bbe41ce8e1a427aa21336b761acec1c49491caa5ef4c287d8fb266

Sharing

Copy URL Twitter E-mail

General

Target

d85162a361bbe41ce8e1a427aa21336b761acec1c49491caa5ef4c287d8fb266
Size

1.3MB
MD5

91e9654b1d4beba82aa324406f796afa
SHA1

c92aa2296e08bc17cd94a2dabd1164de3a8e87f4
SHA256

d85162a361bbe41ce8e1a427aa21336b761acec1c49491caa5ef4c287d8fb266
SHA512

db7ec8bae396090ce8eb2cd0946c7bb512506647f450aba2a21aa20a38dfa8d6a868d7617bcd23c8b19ddc1b0e3d57567b8265b9bf5f9244405bc7c4788bced0
SSDEEP

24576:AK2+E4Yj5wGIvwkLAzvJ0y/E7PZ5Ea0sKGHQ9Kw1jV41A8WDtxuu7:AQGj5wGL3ZE7vh0Gw9KwNI2n7

Score

N/A

Malware Config

Signatures

Files

d85162a361bbe41ce8e1a427aa21336b761acec1c49491caa5ef4c287d8fb266
.exe windows x86

081bc1849029a0e7b203c97b7eca7688

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExA
WideCharToMultiByte
DeviceIoControl
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
GetLastError
SetFileTime
SystemTimeToFileTime
SetEndOfFile
FlushFileBuffers
LeaveCriticalSection
EnterCriticalSection
FileTimeToSystemTime
FindClose
FindFirstFileA
CreateDirectoryA
SetLastError
GetCommandLineA
ExitProcess
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
lstrlenW
lstrcmpA
MulDiv
InterlockedIncrement
InterlockedDecrement
FlushInstructionCache
lstrcpyA
GetTempPathA
WinExec
GetVersion
GetACP
LoadLibraryExA
IsDBCSLeadByte
ReadFile
GetWindowsDirectoryA
lstrcatA
ReleaseMutex
CreateMutexA
WaitForMultipleObjects
CreateEventA
Sleep
CreateThread
WaitForSingleObject
CreateProcessA
GetStartupInfoA
WritePrivateProfileStringA
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetFileAttributesW
InterlockedCompareExchange
AreFileApisANSI
UnlockFile
LockFile
LockFileEx
CreateFileW
GetTempPathW
DeleteFileW
GetFullPathNameA
GetFullPathNameW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
LoadLibraryW
FormatMessageA
QueryPerformanceCounter
lstrlenA
GetSystemTimeAsFileTime
FindNextFileA
GetSystemDirectoryA
SetEvent
SetThreadLocale
GlobalFree
GlobalHandle
LoadResource
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
Process32First
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
InterlockedExchange
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapCreate
FatalAppExitA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
IsDebuggerPresent
UnhandledExceptionFilter
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LockResource
SizeofResource
Process32Next
lstrcmpiA
RaiseException
GetLocalTime
GetModuleHandleA
SuspendThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CloseHandle
SetUnhandledExceptionFilter
FindResourceA
GetFileAttributesA
GetFileSize
SetFileAttributesA
DeleteFileA
MoveFileA
SetFilePointer
WriteFile
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
OutputDebugStringA
GetCurrentDirectoryA
lstrcpynA
GetSystemTime
GetModuleFileNameA

user32

PostQuitMessage
GetForegroundWindow
GetClassNameA
GetWindowTextA
GetWindowRect
GetWindowThreadProcessId
UnregisterClassA
EnumWindows
CreateDialogIndirectParamA
PeekMessageA
LoadImageA
TranslateMessage
DispatchMessageA
wsprintfA
wsprintfW
OffsetRect
SetWindowRgn
UpdateWindow
ShowWindow
SetForegroundWindow
MessageBoxA
SetWindowLongA
PostMessageA
CharUpperA
IsWindow
GetWindowLongA
FindWindowA
GetMessageA
GetSystemMetrics
CallWindowProcA
GetDlgItem
SendMessageA
DestroyWindow
GetWindow
MapDialogRect
CreateWindowExA
SetWindowPos
GetClientRect
IsWindowVisible
SetTimer
KillTimer
SetWindowContextHelpId
IsDialogMessageA
MapWindowPoints
GetMonitorInfoA
SystemParametersInfoA
MonitorFromWindow
GetParent
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableA
GetDC
ReleaseDC
GetDesktopWindow
CharNextA
RedrawWindow
BeginPaint
FillRect
EndPaint
IsChild
SetFocus
GetFocus
GetSysColor
DestroyAcceleratorTable
GetWindowTextLengthA
SetWindowTextA
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA

gdi32

CreateRectRgn
GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
CreateRoundRectRgn
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
CombineRgn

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueExW
RegOpenKeyExW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegCreateKeyW
RegOpenKeyW
RegCloseKey

shell32

SHChangeNotify
ShellExecuteA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetFolderPathA
SHGetSpecialFolderPathA

ole32

CoInitializeSecurity
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
OleRun

oleaut32

OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VarUI4FromStr
VarBstrCmp
VariantTimeToSystemTime
VarBstrCat
SafeArrayDestroy
SafeArrayGetElement
CreateErrorInfo
SafeArrayGetUBound
SafeArrayGetLBound
GetErrorInfo
SetErrorInfo
SysAllocString
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
VariantCopy
SysFreeString

shlwapi

PathGetArgsA
PathIsURLA
PathRemoveFileSpecA
PathSkipRootA
PathFileExistsA
PathRemoveExtensionA
StrCpyNW

comctl32

InitCommonControlsEx

rpcrt4

UuidCreate

wininet

InternetCrackUrlA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetCloseHandle
InternetReadFile
InternetOpenA
InternetSetOptionA
InternetConnectA
InternetAttemptConnect

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 34KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

081bc1849029a0e7b203c97b7eca7688

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

rpcrt4

wininet

version

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 130KB - Virtual size: 130KB

.data Size: 34KB - Virtual size: 45KB

.rsrc Size: 90KB - Virtual size: 92KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 130KB - Virtual size: 130KB

.data
Size: 34KB - Virtual size: 45KB

.rsrc
Size: 90KB - Virtual size: 92KB