8a0b92bb9a96a9ab3ea9a86b4d732c5ae0b6bbeea318a95af54ea507422eb6cc

Sharing

Copy URL

Twitter E-mail

General

Target

8a0b92bb9a96a9ab3ea9a86b4d732c5ae0b6bbeea318a95af54ea507422eb6cc
Size

1.1MB
MD5

90d3a46749064261f52e2b86ba24bdf0
SHA1

4170339ae1697ddf50bfd308eeda65ba863498fe
SHA256

8a0b92bb9a96a9ab3ea9a86b4d732c5ae0b6bbeea318a95af54ea507422eb6cc
SHA512

52a43c6ac13caec8268559cf70b3d3e5e4f573d759d1164ddb2bbc57059e0ac6aadab472e217cd2c3ef6c6ba6e34df759beff8cb8539fe42cef3cf7d99e76774
SSDEEP

24576:2VlVcOsONZ43oyYjnz++7e++2psIawLcInN8eo0bl0RExAPA/2zIEd56Dlm4MFpN:26FWZ43oyYjnz++7e++2psIawLcInN8d

Score

N/A

Malware Config

Signatures

Files

8a0b92bb9a96a9ab3ea9a86b4d732c5ae0b6bbeea318a95af54ea507422eb6cc
.exe windows x86

9638dc8c81af07a7bc971584280a2789

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
GetCurrentProcess
FlushInstructionCache
SetLastError
FreeResource
GetLongPathNameW
LocalAlloc
lstrcmpA
TerminateProcess
GetVersionExW
SetThreadLocale
LoadLibraryA
lstrcmpW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FlushFileBuffers
SetFilePointer
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
lstrcpynW
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
GetStartupInfoW
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreateDirectoryA
IsWow64Process
GetTempPathA
lstrlenA
OutputDebugStringW
DebugBreak
WriteFile
CreateFileW
GetExitCodeThread
FindFirstFileW
GlobalFree
GlobalUnlock
RaiseException
GlobalLock
GlobalAlloc
LockResource
GetCurrentProcessId
CloseHandle
GetProcessId
CopyFileW
LoadLibraryW
OpenProcess
CreateRemoteThread
CreateDirectoryW
ExitProcess
ReleaseMutex
CreateMutexW
WideCharToMultiByte
GetCommandLineW
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
MultiByteToWideChar
SizeofResource
lstrcmpiW
lstrcpyW
GetModuleHandleW
GetProcAddress
FreeLibrary
LocalFree
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetLastError
GetExitCodeProcess
WaitForSingleObject
DeleteFileW
GetTempPathW
Sleep
lstrlenW
InterlockedDecrement
ReadFile
GetModuleHandleA

user32

GetWindowLongW
DefWindowProcW
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
SetWindowLongW
PostQuitMessage
ShowWindow
UnregisterClassA
DestroyWindow
CharNextW
CharLowerW
FindWindowW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CallWindowProcW
SetCursor
GetClientRect
IsWindowEnabled
BeginPaint
EndPaint
GetCapture
GetDlgCtrlID
GetParent
ReleaseCapture
IsWindow
SendMessageW
InvalidateRect
UpdateWindow
SetCapture
SystemParametersInfoW
SetTimer
ClientToScreen
GetWindowRect
PtInRect
KillTimer
SetWindowPos
PostMessageW
MessageBoxW
EnableWindow
LoadStringW
RegisterWindowMessageW
IsChild
GetFocus
SetFocus
GetDlgItem
GetClassNameW
GetSysColor
RedrawWindow
CreateAcceleratorTableW
InflateRect
GetSystemMetrics
GetMenu
AdjustWindowRectEx
MoveWindow
FillRect
InvalidateRgn
GetDesktopWindow
DestroyAcceleratorTable
ScreenToClient
SetRect
SetForegroundWindow
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
FindWindowExW
TrackMouseEvent
LoadBitmapW
GetClassInfoExW
DrawTextW
wvsprintfW
SetWindowTextW
ReleaseDC
GetDC
GetWindowTextW
GetWindowTextLengthW
DrawEdge
DrawFocusRect

gdi32

LineTo
MoveToEx
SetTextColor
GetTextColor
CreateFontIndirectW
ExtTextOutW
SetBkColor
GetObjectW
BitBlt
SetViewportOrgEx
DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
CreatePen
GetDeviceCaps
DPtoLP
GetStockObject
Rectangle
SetBkMode
CreateSolidBrush

advapi32

RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegDeleteKeyW

shell32

CommandLineToArgvW
ShellExecuteW
ShellExecuteExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
DispCallFunc
VariantInit
VariantClear
LoadTypeLi
VarUI4FromStr
SysAllocStringLen
SysAllocString

shlwapi

PathFindFileNameW
PathRemoveFileSpecW

comctl32

ImageList_Draw
ImageList_Add
ImageList_Create
ImageList_Destroy
_TrackMouseEvent
ImageList_GetIconSize
InitCommonControlsEx

msimg32

TransparentBlt
AlphaBlend

gdiplus

GdipCreateHBITMAPFromBitmap
GdipDrawImagePointRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup

wininet

InternetCloseHandle
InternetCanonicalizeUrlW
InternetOpenUrlW
InternetSetOptionW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetOpenW
InternetCrackUrlW
InternetConnectW

wintrust

WinVerifyTrust

psapi

GetModuleBaseNameW
EnumProcesses
EnumProcessModules

crypt32

CertGetNameStringW
CertFindCertificateInStore
CryptDecodeObject
CryptMsgGetParam
CryptQueryObject
CryptMsgClose
CertCloseStore
CertFreeCertificateContext

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 805KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9638dc8c81af07a7bc971584280a2789

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

wininet

wintrust

psapi

crypt32

version

Sections

.text Size: 280KB - Virtual size: 280KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 805KB - Virtual size: 808KB

.text
Size: 280KB - Virtual size: 280KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 805KB - Virtual size: 808KB