96bc2a82eb41f78a51748d27f016fb3a8d59cee65b3ec2800785ef12112869d2

Sharing

Copy URL

Twitter E-mail

General

Target

96bc2a82eb41f78a51748d27f016fb3a8d59cee65b3ec2800785ef12112869d2
Size

838KB
MD5

919906a2b507561cfea7942d316bddc0
SHA1

b1b789a765d087397fdbba7a70e7861dcd8ae22b
SHA256

96bc2a82eb41f78a51748d27f016fb3a8d59cee65b3ec2800785ef12112869d2
SHA512

12eee830d131893f3863813ae2ebdc5615f8ef8d93aed368ed549421ebdedb8517ba72ad3609ef2ab0711b6c00ee9220b6c5a8c5ad65e645d2120c106a0d21dd
SSDEEP

24576:zPKS9F9+qauR8HqWlBdJ+quuR3HqglBdxgXDeg:TfFIg

Score

N/A

Malware Config

Signatures

Files

96bc2a82eb41f78a51748d27f016fb3a8d59cee65b3ec2800785ef12112869d2
.exe windows x86

1e46f4583a675374f36458d6e46088f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
CreateEventA
CreateThread
SetEvent
TerminateProcess
DebugBreak
WaitForSingleObject
WaitForMultipleObjects
lstrlenA
ExitProcess
MultiByteToWideChar
MulDiv
InterlockedDecrement
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateMutexA
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
HeapSize
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetOEMCP
SetLastError
GetCPInfo
GetStdHandle
HeapCreate
HeapDestroy
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapReAlloc
MoveFileA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
FlushInstructionCache
OutputDebugStringA
lstrcmpA
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
FreeLibrary
SizeofResource
LockResource
LoadResource
FindResourceA
EnumResourceNamesA
LoadLibraryExA
SetFilePointer
GetLastError
WriteFile
GetModuleFileNameA
GetVersion
Sleep
SetCurrentDirectoryA
GetCurrentProcess
CreateDirectoryA
GetFileAttributesA
DeleteFileA
lstrcmpiA
GetPrivateProfileIntA
SetEndOfFile
ReadFile
GetFileSize
CreateFileA
GetModuleHandleA
GetProcAddress
CloseHandle
GetACP
CreateProcessA

user32

EndDialog
SetWindowTextA
DestroyCursor
SetCursor
TrackPopupMenu
GetWindowDC
GetClassNameA
RegisterClassExA
GetClassInfoExA
IsWindowVisible
DefWindowProcA
LoadCursorA
SetRect
GetCursorPos
GetPropW
EnumWindows
SystemParametersInfoA
ReleaseDC
CreateWindowExA
SetLayeredWindowAttributes
SetRectEmpty
DialogBoxIndirectParamA
CallWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
PostQuitMessage
GetWindowLongA
EnumChildWindows
GetSystemMenu
KillTimer
CharNextA
SetTimer
GetWindow
MapWindowPoints
MessageBoxA
SetPropW
DrawTextA
GetWindowTextA
GetParent
ScreenToClient
OffsetRect
GetWindowTextLengthA
EndPaint
BeginPaint
RedrawWindow
TrackMouseEvent
GetClientRect
InvalidateRect
SetWindowRgn
IsWindow
LoadBitmapA
DestroyWindow
SetWindowLongA
CreateDialogParamA
PtInRect
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetParent
SendMessageA
GetWindowThreadProcessId
GetDesktopWindow
GetShellWindow
GetIconInfo
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
DrawIconEx
FillRect
GetDC
wsprintfA
GetMonitorInfoA
MonitorFromRect
GetWindowRect
GetForegroundWindow
GetSystemMetrics
DestroyIcon
LoadImageA
PostMessageA
FindWindowExA
FindWindowA
SetForegroundWindow
UnregisterClassA

gdi32

CreateBitmap
GetStockObject
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontW
GetObjectA
ExtTextOutA
TextOutA
GetDeviceCaps
DPtoLP
CreateFontIndirectA
CreatePatternBrush
GetDIBits
DeleteDC
DeleteObject
CreateRectRgn
CombineRgn
SetViewportOrgEx
BitBlt
StretchBlt
GetBkColor
SetBkColor
SetTextColor
SetBkMode

advapi32

LookupPrivilegeValueA
OpenProcessToken
CryptAcquireContextA
CryptDecrypt
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
AdjustTokenPrivileges

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize

shlwapi

StrCmpNIA
PathFileExistsA
PathRemoveFileSpecA

ws2_32

WSAStartup
socket
closesocket
inet_ntoa
gethostbyname
sendto
inet_addr
htons

psapi

GetModuleFileNameExA

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 636KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e46f4583a675374f36458d6e46088f3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

ws2_32

psapi

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 636KB - Virtual size: 636KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 636KB - Virtual size: 636KB