ab2b6ade3f3c8168b2e27181e07a140c005210803c2baebf78dcff3c57ab2de8

Sharing

Copy URL

Twitter E-mail

General

Target

ab2b6ade3f3c8168b2e27181e07a140c005210803c2baebf78dcff3c57ab2de8
Size

276KB
MD5

911006c687ca12af58575bef768af814
SHA1

1f87a33f46a16ca3da4ff7cd6d3650f60d86ea5f
SHA256

ab2b6ade3f3c8168b2e27181e07a140c005210803c2baebf78dcff3c57ab2de8
SHA512

b7ef06d393b3d671f9366a72557f3bdda5657ef73095abfbd7de2429b3e3b37595b926adceaa667a97b3280cb5763edfc43cda7a15c7964533d8beabefce0421
SSDEEP

6144:Uw3a1EPDANdxewjciDj/YlYhlPXfoY+0i5mv0x4I/:UESDW8PVRigv0x4I

Score

N/A

Malware Config

Signatures

Files

ab2b6ade3f3c8168b2e27181e07a140c005210803c2baebf78dcff3c57ab2de8
.exe windows x86

28f48d4c6eb56da97dfe67a8900e7709

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmSetOpenStatus
ImmGetContext
ImmGetIMEFileNameA
ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmCreateContext
ImmAssociateContext
ImmDestroyContext
ImmNotifyIME
ImmIsIME

kernel32

WriteFile
SetFilePointer
CreateFileA
GetLocaleInfoA
GetSystemDirectoryA
DeleteFileA
GetSystemDefaultLCID
GetSystemInfo
RemoveDirectoryA
Sleep
lstrcpyW
lstrlenW
WideCharToMultiByte
lstrcmpA
GetWindowsDirectoryA
lstrcpynA
GetEnvironmentVariableA
CreateDirectoryA
GetPrivateProfileStringA
FlushFileBuffers
GetProcAddress
CompareStringW
SetStdHandle
ReadFile
SetConsoleCtrlHandler
GetTimeZoneInformation
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TerminateProcess
LCMapStringW
LCMapStringA
HeapFree
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
FindFirstFileA
InterlockedExchange
GetDriveTypeA
FileTimeToLocalFileTime
GetCurrentThread
GetCurrentProcess
GetLastError
FreeLibrary
LoadLibraryA
GetFileAttributesA
WinExec
lstrcatA
GetTickCount
ReleaseMutex
WaitForSingleObject
UnmapViewOfFile
CloseHandle
CreateMutexA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
lstrlenA
lstrcpyA
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrcmpiA
CompareStringA
GetCommandLineA
SetEnvironmentVariableA
FileTimeToSystemTime
FindClose
HeapAlloc
RtlUnwind
GetCurrentThreadId
SetLastError
GetVersionExA
LocalAlloc
GetModuleFileNameA
GetBinaryTypeA
LocalFree

user32

CharLowerA
LoadKeyboardLayoutA
SystemParametersInfoA
wsprintfA
IsCharAlphaA
GetKeyboardLayoutList
GetDlgItem
SetFocus
wsprintfW
DialogBoxParamA
DialogBoxParamW
FindWindowA
EnumChildWindows
GetDC
wvsprintfA
ReleaseDC
DrawTextW
DrawTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowTextA
SetWindowTextW
SetWindowTextA
MessageBoxW
MessageBoxA
IsDialogMessageW
IsDialogMessageA
DefWindowProcW
DefWindowProcA
CallWindowProcW
CallWindowProcA
GetWindowLongW
GetWindowLongA
SetWindowLongW
SetWindowLongA
DispatchMessageW
DispatchMessageA
PeekMessageW
PeekMessageA
PostMessageW
IsWindowUnicode
SendMessageW
SendMessageA
GetClassNameA
SendMessageTimeoutA
PostMessageA
RegisterWindowMessageA
CharNextA
PostThreadMessageA
EnumWindows
UnloadKeyboardLayout
GetSysColor
GetKeyboardLayout
EndDialog

gdi32

TextOutW
TextOutA

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
GetSecurityDescriptorDacl
AllocateAndInitializeSid
IsValidSid
FreeSid
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyA
RegCreateKeyExW
RegSetValueExW
GetUserNameA
OpenThreadToken
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
InitializeSecurityDescriptor
RegSetKeySecurity
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
RegFlushKey
LookupPrivilegeValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegEnumKeyExA
RegUnLoadKeyA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoInitialize
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoUninitialize

msi

ord81

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28f48d4c6eb56da97dfe67a8900e7709

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

advapi32

shell32

ole32

msi

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 32KB - Virtual size: 42KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 32KB - Virtual size: 42KB

.rsrc
Size: 76KB - Virtual size: 76KB