681e45aeb56c923d2e0eaccbcdc71311c0ea3d040e789da881895e1eb7ae3263

Sharing

Copy URL Twitter E-mail

General

Target

681e45aeb56c923d2e0eaccbcdc71311c0ea3d040e789da881895e1eb7ae3263
Size

250KB
MD5

93da26d2d31f0971a53def2999b4f720
SHA1

37e429143167899ff0c0e902d987b61ed748df86
SHA256

681e45aeb56c923d2e0eaccbcdc71311c0ea3d040e789da881895e1eb7ae3263
SHA512

3af44fa38a6c2ac91d77884a26ced3c776c5eb6b475503cb38b089f3fff689b0dd4950cdbf2a43a0f6061c833904972b33edad4a36aff4fc485c1902f482aff8
SSDEEP

6144:UupoDYYu19fHV+Q6p08639NHnlJuP/l3KUjxtAfF:zuEYu1M08ILlJ+/HK

Score

N/A

Malware Config

Signatures

Files

681e45aeb56c923d2e0eaccbcdc71311c0ea3d040e789da881895e1eb7ae3263
.exe windows x86

1cb53238fe91e6b6329874fd12a76154

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CreateNamedPipeW
GetEnvironmentVariableW
GetEnvironmentStringsW
GetProcessHeap
GetModuleHandleA
GetLongPathNameA
GetStartupInfoW
GetLocaleInfoA
CreateSemaphoreA
FileTimeToSystemTime
GetLocalTime
IsBadStringPtrA
CreatePipe
CopyFileExA
BeginUpdateResourceA
ReadDirectoryChangesW
GetDiskFreeSpaceA
IsBadWritePtr
MoveFileW
GetHandleInformation
GetLogicalDrives
SleepEx
GetProcAddress
CreateMutexW
lstrcpynA
FindResourceW
MultiByteToWideChar
CreateEventA
GetFileAttributesA
GetLastError
GetProcessHeaps
GetEnvironmentStringsA
GlobalAlloc
GetWindowsDirectoryW
GetFileAttributesW
GetCalendarInfoW
CreateMailslotA
GetAtomNameW
EnumCalendarInfoA
GetCurrentDirectoryA
GetTimeFormatW
WaitForMultipleObjects
GetCalendarInfoA
GetSystemDirectoryW
GetComputerNameA
EnumCalendarInfoW
FindResourceA

user32

DefWindowProcW
IsMenu
keybd_event
GetKeyboardType
CreateDialogIndirectParamA
GetMenuState
DestroyCursor
DestroyIcon
CreateDesktopW
GetCapture
InvalidateRgn
SetForegroundWindow
GetDlgItemInt
MessageBoxIndirectA
DialogBoxIndirectParamA
SetTimer
MessageBeep
DestroyMenu
SetWindowLongW
CharPrevW
GetMenuItemID
WaitForInputIdle
RegisterClassW
CharLowerW
wsprintfW
GetClassInfoExA
GetWindowRgn
CharNextA
GetMenuItemRect
SetParent
RegisterWindowMessageA
CharNextW
GetCapture
wvsprintfW
SetFocus
AppendMenuW
LoadMenuA
GetCaretPos
GetActiveWindow
CreatePopupMenu
GetMenuItemInfoW
SetWindowTextW
SetActiveWindow
RegisterClassExA
SendDlgItemMessageW
CreateDialogParamW
GetClassInfoExW
MonitorFromWindow
GetMessageW
IsDlgButtonChecked
ShowCursor
DefWindowProcA
SetCursorPos
GetFocus
TrackPopupMenu
CharUpperA
LoadCursorW
UnregisterClassA
SetDlgItemTextW
GetActiveWindow
SendDlgItemMessageA
CharLowerA
LoadCursorA
LoadImageA
GetSubMenu
CreateDesktopA
InsertMenuA
LoadBitmapA
IsWindow
SetDlgItemTextA
OffsetRect
GetTopWindow
CreateAcceleratorTableW
GetMenuItemInfoA

gdi32

CreateICW
CreateScalableFontResourceW
GdiGetBatchLimit
SetMetaFileBitsEx
GetStockObject
CreatePatternBrush
CreateFontIndirectW
CreateMetaFileW
CreateColorSpaceW
CreatePalette
CreateCompatibleDC

advapi32

RegSaveKeyA
ClearEventLogA
CreateWellKnownSid
SystemFunction026
FindFirstFreeAce
EqualSid
SetEntriesInAccessListA
SystemFunction008
GetTrusteeNameW

shell32

StrRChrIW
ExtractAssociatedIconA

comdlg32

PrintDlgExA
GetFileTitleA

ws2_32

htonl
WSADuplicateSocketW
WSARecvDisconnect
WSAAccept
getsockname

urlmon

CoInternetGetSecurityUrl
GetMarkOfTheWeb

winmm

mciSetYieldProc
waveOutGetDevCapsW
sndPlaySoundW
mmioGetInfo
mmioStringToFOURCCA
midiDisconnect
midiOutGetNumDevs
mmioWrite
mid32Message
midiOutClose
waveInGetNumDevs
midiOutMessage
WOW32ResolveMultiMediaHandle

mprapi

MprInfoBlockAdd
MprInfoBlockAdd
MprInfoDelete
MprAdminIsDomainRasServer
MprAdminConnectionClearStats
MprInfoCreate
MprAdminUserSetInfo
MprConfigBufferFree
MprConfigInterfaceTransportGetInfo
MprConfigTransportSetInfo
MprConfigBufferFree
MprAdminUserGetInfo
MprConfigGetFriendlyName
MprAdminMIBEntryGet
MprAdminUserReadProfFlags
MprAdminPortReset
MprAdminUserRead

inetcomm

EssSecurityLabelEncodeEx
MimeOleDecodeHeader
MimeOleCreateHeaderTable
HrGetLastOpenFileDirectoryW
EssReceiptEncodeEx
MimeOleClearDirtyTree
MimeEditIsSafeToRun
MimeGetAddressFormatW
MimeOleGetDefaultCharset
HrAthGetFileName
HrDoAttachmentVerb
MimeOleSMimeCapRelease
MimeOleFileTimeToInetDate
MimeOleSetCompatMode

oledlg

OleUIChangeIconW

sqlunirl

_DefWindowProc@16
_OpenSCManager_@12
_GetTempPath_@8
_GetLogicalDriveStrings_@8
_TranslateAccelerator@12
_GetKeyboardLayoutName_@4
_QueryDosDevice_@12
_CreateWaitableTimer_@12
_SetFileAttributes_@8
_EnumDependentServices_@24
_CreateNamedPipe_@32
_RegDeleteValue_@8
_CopyEnhMetaFile_@8
_GetFileSecurity_@20
_GetWindowText@12
_CallWindowProc@20
_lstrcmpi_@8

crypt32

CryptMsgSignCTL
CertAddEncodedCertificateToStore
CryptAcquireCertificatePrivateKey
CertAlgIdToOID
CryptBinaryToStringA
CertFindSubjectInSortedCTL
CertGetCTLContextProperty
CertDeleteCRLFromStore
CryptSIPRemoveProvider
CryptSIPGetSignedDataMsg

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zl
Size: 110KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KtnvFl
Size: 108KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cb53238fe91e6b6329874fd12a76154

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

ws2_32

urlmon

winmm

mprapi

inetcomm

oledlg

sqlunirl

crypt32

Sections

.text Size: 11KB - Virtual size: 12KB

.zl Size: 110KB - Virtual size: 177KB

.rdata Size: 7KB - Virtual size: 42KB

.data Size: 5KB - Virtual size: 323KB

.KtnvFl Size: 108KB - Virtual size: 170KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 11KB - Virtual size: 12KB

.zl
Size: 110KB - Virtual size: 177KB

.rdata
Size: 7KB - Virtual size: 42KB

.data
Size: 5KB - Virtual size: 323KB

.KtnvFl
Size: 108KB - Virtual size: 170KB

.rsrc
Size: 6KB - Virtual size: 6KB