6d745ca1954e5c183e6dd6047d13b8c2f93e85f51c57ddb18519471dd8597375

Sharing

Copy URL Twitter E-mail

General

Target

6d745ca1954e5c183e6dd6047d13b8c2f93e85f51c57ddb18519471dd8597375
Size

141KB
MD5

923a2c7ab6ca906016427686e83294b2
SHA1

a217a2864aaf059a1b72d7e9d6850cb83faea19c
SHA256

6d745ca1954e5c183e6dd6047d13b8c2f93e85f51c57ddb18519471dd8597375
SHA512

b9c93b93fc230d5a7a8ffeaf27abaac75a6f012edb17fbc322148d3cc3e30494540b522731ab7ddfa15b7141683c59c3d920e7071b30faea099a741bd78871ab
SSDEEP

3072:o//WZd5xUKRTBfMxR9hCSe7d4o76yfSJ5l0uceeQTTi+Yz9nz:c85lRTBQhsag6ESrl0uFrG+A

Score

N/A

Malware Config

Signatures

Files

6d745ca1954e5c183e6dd6047d13b8c2f93e85f51c57ddb18519471dd8597375
.exe windows x86

6ec2ef0d5cf893effd45512fbaf6b144

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
GetLocalTime
SetEndOfFile
SetFilePointer
GetCurrentProcessId
CreateFileA
CreateDirectoryA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateThread
FindNextFileW
GetModuleHandleW
WritePrivateProfileStringW
lstrlenA
DebugBreak
OutputDebugStringW
GlobalFree
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceW
ReadFile
GetFileSize
VirtualAlloc
VirtualFree
GetStartupInfoA
GetModuleHandleA
FindClose
InterlockedIncrement
GetPrivateProfileSectionW
WideCharToMultiByte
lstrlenW
CreateFileW
WriteFile
lstrcpyW
GetPrivateProfileIntW
GetPrivateProfileStringW
LoadLibraryW
GetProcAddress
CreateProcessW
WaitForSingleObject
CloseHandle
GetLastError
FreeLibrary
ExpandEnvironmentStringsW
CreateDirectoryW
CopyFileW
DeleteFileW
LocalFree
GetVersionExW
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetCommandLineW
GetModuleFileNameW

user32

SetWindowLongW
DestroyWindow
DefWindowProcW
DialogBoxParamW
PostMessageW
wsprintfW
LoadStringW
SetWindowPos
GetDlgItem
GetWindow
EndDialog
SetWindowTextW
IsWindow
FindWindowW
UpdateWindow
BeginPaint
DrawTextW
OffsetRect
GetWindowLongW
GetSysColor
DrawFocusRect
GetMenu
AdjustWindowRectEx
SendMessageW
LoadIconW
InvalidateRect
GetParent
GetWindowTextW
SetTimer
GetClientRect
SystemParametersInfoW
InflateRect
GetSystemMetrics
DrawEdge
IsWindowEnabled
EndPaint
ClientToScreen
GetCapture
CallWindowProcW
SetCapture
ReleaseCapture
GetDlgCtrlID
PtInRect
GetWindowRect
CharNextW
wvsprintfW
CreateWindowExW
MapWindowPoints
GetTopWindow
FindWindowExW
KillTimer

gdi32

SetBkColor
ExtTextOutW
CreateCompatibleDC
GetObjectW
DeleteDC
CreateFontW
SetTextColor
SelectObject
SetBkMode
CreateSolidBrush
DeleteObject

shell32

CommandLineToArgvW

ole32

CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize

comctl32

ImageList_GetIconSize
_TrackMouseEvent
ImageList_Draw
ImageList_Create
ImageList_Add
ImageList_SetImageCount
ImageList_Destroy
InitCommonControlsEx

msimg32

AlphaBlend

msvcp60

?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetReadFile
InternetSetOptionW

shlwapi

StrStrIW
PathAppendW
SHSetValueW
StrToIntW
PathRemoveFileSpecW
PathFileExistsW

gdiplus

GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipFree
GdipAlloc
GdiplusStartup
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipDisposeImage

msvcrt

__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__set_app_type
_wtoi
iswdigit
strncpy
sprintf
strrchr
strcpy
_lseek
_close
_write
_read
_open
malloc
_snprintf
strlen
_vsnwprintf
_controlfp
memcmp
free
memset
_wcsicmp
wcsrchr
wcslen
wcstok
wcscmp
wcscpy
wcscat
_wcsnicmp
memcpy
??2@YAPAXI@Z
__CxxFrameHandler
_snwprintf
_wtol

cryptui

CryptUIWizImport

crypt32

CertOpenSystemStoreW
CertCloseStore

wintrust

CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
WinVerifyTrust
CryptCATCatalogInfoFromContext

cabinet

ord22
ord23
ord21
ord20

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ec2ef0d5cf893effd45512fbaf6b144

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

msimg32

msvcp60

wininet

shlwapi

gdiplus

msvcrt

cryptui

crypt32

wintrust

cabinet

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 9KB - Virtual size: 9KB

.rrdata Size: 68KB - Virtual size: 68KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 9KB - Virtual size: 9KB

.rrdata
Size: 68KB - Virtual size: 68KB