3271d66aa5edd59168246136355cf41c542a5655f5595d3c1efc08ec8e023358

Sharing

Copy URL Twitter E-mail

General

Target

3271d66aa5edd59168246136355cf41c542a5655f5595d3c1efc08ec8e023358
Size

799KB
MD5

90f8bf5934794145c8f1da14f7a6c980
SHA1

f135391a0f9d09c17d6dac46bbcbddeba44bcd7c
SHA256

3271d66aa5edd59168246136355cf41c542a5655f5595d3c1efc08ec8e023358
SHA512

75cb189f32f3be1227680ca5c59ba8532ddd82a2eb8c32330c014dbd377a774058fd1163866ffd7a496bb17f309f4f0de0685c31c53273f7ed569be2f85b135e
SSDEEP

24576:lc/im/4JRN3E0VoGtbHOTG6KqiebLjLxarbzzzzzkzzzzzeM9:sK3bJ6Kqimxarbzzzzzkzzzzz59

Score

N/A

Malware Config

Signatures

Files

3271d66aa5edd59168246136355cf41c542a5655f5595d3c1efc08ec8e023358
.exe windows x86

87af166fdcf37e296d24f3d1e2a529da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionA
CreateDirectoryA
FormatMessageA
lstrcatA
GetWindowsDirectoryA
RemoveDirectoryA
TerminateProcess
CreateProcessA
MoveFileExA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
IsDBCSLeadByte
GetTempFileNameA
ResumeThread
SetThreadPriority
GetDiskFreeSpaceA
GetDriveTypeA
GetLogicalDriveStringsA
GetSystemDirectoryA
MulDiv
GlobalFree
GlobalAlloc
FlushFileBuffers
SetEndOfFile
SetFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetLocaleInfoW
SetStdHandle
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
WritePrivateProfileStringA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
HeapSize
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
CreateThread
ExitThread
HeapReAlloc
RtlUnwind
ExitProcess
GetPrivateProfileSectionA
HeapFree
CopyFileA
Sleep
GetShortPathNameA
CreateMutexA
FindFirstFileA
GetFullPathNameA
SetLastError
MultiByteToWideChar
FindClose
FindNextFileA
lstrlenW
lstrcmpA
GetTempPathA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersion
LocalFree
GetCommandLineA
GetExitCodeProcess
InterlockedIncrement
WaitNamedPipeA
SetNamedPipeHandleState
ReadFile
OpenProcess
GetModuleHandleA
GetLastError
GetTickCount
OutputDebugStringA
WaitForSingleObject
TerminateThread
GetCurrentThreadId
GetModuleFileNameA
GetFileSize
SetFileAttributesA
DeviceIoControl
DeleteFileA
MoveFileA
SetFilePointer
WriteFile
GetFileAttributesA
lstrcpynA
GetLocalTime
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetCurrentProcessId
WideCharToMultiByte
lstrcmpiA
lstrcpyA
lstrlenA
GetProcessHeap
HeapAlloc
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
LoadLibraryA
GetProcAddress
CreateFileA
CloseHandle
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
EnumSystemLocalesA

user32

GetFocus
LoadCursorA
PostQuitMessage
IsWindowEnabled
SetActiveWindow
IsDialogMessageA
SetWindowPos
UnregisterClassA
SetWindowLongA
wsprintfA
ShowWindow
LoadStringA
CharUpperA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
MapWindowPoints
GetParent
LoadImageA
EnableMenuItem
GetSystemMenu
GetSystemMetrics
EndPaint
DrawTextExA
FillRect
BeginPaint
UpdateWindow
InvalidateRect
PtInRect
SetCursor
GetPropA
SetPropA
CreateWindowExA
RegisterClassExA
GetClassNameA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
GetDlgItemTextA
EnumChildWindows
ExitWindowsEx
DefWindowProcA
PostMessageA
EndDialog
SetWindowTextA
GetDlgItem
GetWindowThreadProcessId
IsWindowVisible
DestroyWindow
EnumWindows
RedrawWindow
GetWindow
GetWindowRect
SetDlgItemTextA
MoveWindow
SetTimer
SendMessageA
FindWindowA
IsWindow
wvsprintfA
CharLowerA
CharNextA
CreateDialogParamA
DialogBoxParamA
MessageBoxA
SetForegroundWindow
GetActiveWindow
SystemParametersInfoA
MsgWaitForMultipleObjects
GetDC
ReleaseDC
IsDlgButtonChecked
CheckRadioButton
GetWindowTextLengthA
GetWindowTextA
MessageBeep
GetClientRect
EnableWindow
GetCursorPos
LoadBitmapA
ScreenToClient
SetFocus
KillTimer

gdi32

DeleteObject
GetTextExtentPoint32A
GetObjectA
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
DeleteDC
CreateSolidBrush
SetTextColor
SetBkMode
SetBkColor
CreateFontA
CreatePatternBrush
GetObjectType
GetDeviceCaps
CreateFontIndirectA
BitBlt

comdlg32

GetSaveFileNameA

advapi32

AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetFileSecurityA
FreeSid
RegDeleteKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegCreateKeyExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
EqualSid
GetAce
AdjustTokenPrivileges
RegQueryInfoKeyA
RegGetKeySecurity
GetTokenInformation
RegQueryValueA
GetUserNameA
RegEnumKeyExA
CreateProcessAsUserA
EnumDependentServicesA
ControlService
StartServiceA
DeleteService
CreateServiceA
ChangeServiceConfigA
RegSetKeySecurity
OpenProcessToken
AddAce
InitializeAcl
GetLengthSid
GetAclInformation
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetFileSecurityA
AllocateAndInitializeSid
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
LookupPrivilegeValueA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
Shell_NotifyIconA
ShellExecuteExA
SHGetMalloc

ole32

CoInitializeSecurity
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize

oleaut32

VariantClear
VariantInit
VariantCopy
SysFreeString
SysAllocStringLen
VarUI4FromStr
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
VarBstrCat
SysAllocString

shlwapi

PathRemoveFileSpecA
PathFileExistsA
PathSkipRootA

comctl32

ImageList_Create
ImageList_AddMasked
InitCommonControlsEx

rpcrt4

UuidCreate

wininet

HttpOpenRequestA
HttpAddRequestHeadersA
HttpQueryInfoA
InternetReadFile
InternetCrackUrlA
InternetSetOptionA
InternetOpenA
InternetConnectA
InternetAttemptConnect
InternetCloseHandle
HttpSendRequestA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wsock32

inet_addr
htonl
ntohs
socket
WSAGetLastError
connect
closesocket
send
select
recv
htons
WSACleanup
WSAStartup
ioctlsocket

Sections

.text
Size: 448KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87af166fdcf37e296d24f3d1e2a529da

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

rpcrt4

wininet

version

wsock32

Sections

.text Size: 448KB - Virtual size: 446KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 264KB - Virtual size: 264KB

.text
Size: 448KB - Virtual size: 446KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 264KB - Virtual size: 264KB