db72d92cf68cdc1b480b9b1211fa67b2e4b75993a9d9cde490815a0850811cf1

Sharing

Copy URL Twitter E-mail

General

Target

db72d92cf68cdc1b480b9b1211fa67b2e4b75993a9d9cde490815a0850811cf1
Size

160KB
MD5

a22e70153b5a93e12c3a6e7ab31be9e0
SHA1

a30958d721f17a1d325bbddd5e628f85edb955c7
SHA256

db72d92cf68cdc1b480b9b1211fa67b2e4b75993a9d9cde490815a0850811cf1
SHA512

22df55864b1d4a7c99896fa304c61c81847f812b6ea269d886e1024ffba51ad2ba920a857563612376c7e670d2daf716402ac0adfe7f54de09af9f499cdd4ba9
SSDEEP

3072:yBAw87mZ4wilO/A8IdEJZublonARKukr8kTF9TaqDKgZPDHhWY5D/79ci6:nw87mZ4wMCIdEbwl2dukIONaYI

Score

N/A

Malware Config

Signatures

Files

db72d92cf68cdc1b480b9b1211fa67b2e4b75993a9d9cde490815a0850811cf1
.exe windows x86

c19c8cfa2adcd330aecd5697069a6073

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueExA
DeregisterEventSource
ReportEventA
RegisterEventSourceW
RegEnumValueA
GetUserNameA

comctl32

ord17

gdi32

CreateFontA
DeleteDC
RestoreDC
DeleteObject
GetTextFaceA
SelectObject
GetTextMetricsA
GetDeviceCaps
SetMapMode
SaveDC
Polyline
CreatePen
ExtTextOutW
GetTextExtentPoint32W
SetTextAlign
SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA

kernel32

GetModuleHandleA
MultiByteToWideChar
GetCommandLineA
GetCommandLineW
MapViewOfFile
ReleaseMutex
WaitForSingleObject
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetStartupInfoA
CloseHandle
CreateThread
Sleep
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
LoadLibraryA
SetUnhandledExceptionFilter
MulDiv
WideCharToMultiByte
IsBadReadPtr
GetModuleFileNameA
GetSystemDefaultLangID
GetProcAddress
GetUserDefaultLangID
GetACP
GetSystemDefaultLCID
GetVersionExA
FreeLibrary
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
lstrcpyA
GetLastError
GetProfileStringA
SetEvent
CreateSemaphoreA
CreateProcessW
ExpandEnvironmentStringsW
CreateFileMappingA
GetFileSize
CreateFileA
DeleteFileA
DeleteFileW
GetTickCount
SetEnvironmentVariableA
ReadProcessMemory
VirtualQueryEx
GetSystemInfo
GetFileAttributesA
CreateDirectoryA
WriteFile
SetFilePointer
CreateFileW
GetTempPathA
GetTempPathW
GetFileAttributesW
CreateDirectoryW
LockResource
LoadResource
FindResourceExA
GetSystemDirectoryA
SetEndOfFile
ExpandEnvironmentStringsA
IsDBCSLeadByte
CreateProcessA
SuspendThread
GetSystemTime
GetComputerNameA
CreateMutexA
TlsAlloc
TlsFree
TlsSetValue
VirtualFree
TlsGetValue
UnmapViewOfFile
SetLastError
HeapAlloc
GetLocaleInfoA
IsValidCodePage
VirtualAlloc
TerminateThread
GetCurrentThreadId
GetThreadContext
GetThreadSelectorEntry
ResumeThread
HeapFree
GetStringTypeA
GetStringTypeW
RtlUnwind
LCMapStringA
LCMapStringW

oleaut32

SysFreeString
SystemTimeToVariantTime
VariantTimeToDosDateTime
SysStringLen
SysAllocString

shell32

ShellExecuteExA
ExtractIconExA

user32

SetWindowLongA
DestroyWindow
MessageBoxA
DrawIconEx
EnableWindow
CheckDlgButton
GetSysColor
IsDlgButtonChecked
LoadIconA
DrawFocusRect
SetWindowTextW
GetWindow
LoadCursorA
DestroyIcon
GetWindowPlacement
IsIconic
wsprintfW
LoadStringW
GetWindowThreadProcessId
EnumWindows
CallWindowProcA
CallWindowProcW
IsWindowUnicode
SystemParametersInfoA
GetClientRect
SendDlgItemMessageA
SetFocus
EndDialog
GetDlgItem
ShowWindow
SetCursor
InvalidateRect
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CreateDialogParamA
SetWindowTextA
GetDC
MapWindowPoints
GetSysColorBrush
FillRect
ReleaseDC
GetSystemMetrics
SetForegroundWindow
GetWindowLongA
GetWindowRect
SetWindowPos
RegisterClassExA
CreateWindowExA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
KillTimer
wsprintfA
SendMessageA
PostMessageA
SetScrollInfo
GetScrollInfo
SetDlgItemTextA
SetTimer

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW

wininet

InternetSetOptionA
InternetWriteFile
HttpSendRequestExA
InternetCanonicalizeUrlA
InternetReadFileExA
HttpEndRequestA
InternetOpenA
InternetSetStatusCallback
InternetAutodial
InternetGetConnectedState
InternetQueryOptionA
HttpQueryInfoA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dspak
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c19c8cfa2adcd330aecd5697069a6073

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

shell32

user32

version

wininet

Sections

.text Size: 140KB - Virtual size: 137KB

.data Size: 4KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 2KB

.dspak Size: 8KB - Virtual size: 8KB

.text
Size: 140KB - Virtual size: 137KB

.data
Size: 4KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 2KB

.dspak
Size: 8KB - Virtual size: 8KB