47168999b6d75dfc6ff13c83b795784078a46ef5aba3f109c91b9b394a9f4a0c

Sharing

Copy URL Twitter E-mail

General

Target

47168999b6d75dfc6ff13c83b795784078a46ef5aba3f109c91b9b394a9f4a0c
Size

504KB
MD5

a31d376820aa34a9295cdd7369d629d0
SHA1

7dd50e01bac636dfb82e79b40e862b4e98fd51e9
SHA256

47168999b6d75dfc6ff13c83b795784078a46ef5aba3f109c91b9b394a9f4a0c
SHA512

2c3f07b2e7a8a3439583af8f8d91e7f7e875c3468f01eea81a163fef3ebae276a487a9754beb0b48d03275f52bd7c24e910f836e4d72ba5d776e0cc3298a061e
SSDEEP

6144:79AVgc4W9b+n49mf6cxTBqhNnTdz6KXTg:79YtnSn/jTshNTc

Score

N/A

Malware Config

Signatures

Files

47168999b6d75dfc6ff13c83b795784078a46ef5aba3f109c91b9b394a9f4a0c
.exe windows x86

9266d55963d13a562624914b37f93cd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathW

kernel32

FreeLibrary
GetLocalTime
WriteFile
GlobalFree
SetThreadLocale
ReadFile
SetFilePointer
LocalFree
LocalAlloc
FindClose
FileTimeToLocalFileTime
SetFileTime
LocalFileTimeToFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
GlobalAlloc
CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
InterlockedExchange
SetLastError
MulDiv
InterlockedDecrement
InterlockedIncrement
GetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
CloseHandle
GetThreadLocale
IsProcessorFeaturePresent
InterlockedCompareExchange
FlushFileBuffers
CreateFileA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
HeapFree
GetLocaleInfoA
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
SetEndOfFile
Sleep
GetOEMCP
GetACP
GetStdHandle
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetProcessHeap
GetVersionExA
HeapReAlloc
HeapAlloc
RtlUnwind

gdi32

GetStockObject
SetTextColor
SetBkMode
SelectObject
GetDeviceCaps
DeleteObject

shlwapi

SHDeleteKeyW
PathIsDirectoryW
PathRemoveFileSpecW
PathAppendW
PathCanonicalizeW
PathIsRelativeW
PathUnExpandEnvStringsW
StrCpyW
PathAddBackslashW
PathFileExistsW
PathFindFileNameW

comctl32

ord17
ImageList_ReplaceIcon
ImageList_Create
ImageList_SetBkColor
_TrackMouseEvent
CreatePropertySheetPageW
PropertySheetW
DestroyPropertySheetPage

msi

ord173

user32

GetActiveWindow
GetSysColorBrush
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
KillTimer
SetTimer
IsWindowVisible
ShowWindow
GetDlgItem
CreateCursor
OffsetRect
GetSysColor
GetFocus
GetCapture
MapWindowPoints
EndPaint
BeginPaint
GetCursorPos
DrawFocusRect
SetCursor
PtInRect
SetWindowPos
IsWindow
GetDlgCtrlID
GetParent
SetFocus
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
ScreenToClient
GetClientRect
SetRectEmpty
DestroyWindow
DestroyCursor
ReleaseDC
GetDC
GetWindowRect
GetWindow
UnregisterClassA
ReleaseCapture
FillRect

advapi32

RegCloseKey

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize

oleaut32

VarUI4FromStr

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�u�E�u�
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9266d55963d13a562624914b37f93cd0

Headers

File Characteristics

Imports

shell32

kernel32

gdi32

shlwapi

comctl32

msi

user32

advapi32

ole32

oleaut32

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 260KB - Virtual size: 259KB

�u�E�u� Size: 20KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 260KB - Virtual size: 259KB

�u�E�u�
Size: 20KB - Virtual size: 20KB