064050a7eccb59e6e60080efaf0554db55ad8ef56ecd41b48f06f9f362165436

Sharing

Copy URL Twitter E-mail

General

Target

064050a7eccb59e6e60080efaf0554db55ad8ef56ecd41b48f06f9f362165436
Size

147KB
MD5

9257b4f7138a16ae1c05d4262a5b2710
SHA1

35ddb207fd977f970de694f2cc6a2e35e82d83c9
SHA256

064050a7eccb59e6e60080efaf0554db55ad8ef56ecd41b48f06f9f362165436
SHA512

ae22999662765cf12b33101464fa2044162bbc8f2b3def5e820fd31884ef4bb5d2ccea68d5110f17d94e1edd23f9909c3ee053a4b275e15173462eafb4b066f7
SSDEEP

3072:92XkKmaYhQhshSSdBBGO0UaCtRQCrkJuffYIjAFz:+k/ahshfrnaCtRQCY83YIEFz

Score

N/A

Malware Config

Signatures

Files

064050a7eccb59e6e60080efaf0554db55ad8ef56ecd41b48f06f9f362165436
.exe windows x86

0571d71b9c8ef6bb6b251b8e63b111b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ChildWindowFromPoint
LockWorkStation
GetDlgItemTextW
DdeQueryStringA
GetTabbedTextExtentW
DdeFreeStringHandle
BroadcastSystemMessageA
DlgDirSelectExA
TabbedTextOutW
OemToCharBuffW
ShowCursor
EnableMenuItem
GetScrollBarInfo

comdlg32

ChooseColorA
CommDlgExtendedError
ChooseFontA

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager
URLDownloadToFileW

shell32

DuplicateIcon
DragAcceptFiles
DragQueryFileA
ShellExecuteExA
ShellAboutA
ShellExecuteA

ole32

CreateStreamOnHGlobal
OleRegEnumVerbs
IsAccelerator
OleDraw
OleSetMenuDescriptor
CoTaskMemAlloc
OleUninitialize
CoDisconnectObject
CoUninitialize
CoInitialize
CLSIDFromProgID
OleInitialize
StgIsStorageILockBytes
CoGetClassObject
OleSetContainedObject
ProgIDFromCLSID
CoCreateInstance
GetHGlobalFromILockBytes
OleFlushClipboard
GetRunningObjectTable
CoGetStandardMarshal
RevokeDragDrop
CoGetInterfaceAndReleaseStream
CoTaskMemFree
RegisterDragDrop
CoGetMarshalSizeMax
StringFromCLSID
WriteClassStm
CoLockObjectExternal
ReleaseStgMedium

advapi32

ReportEventA
RegOpenKeyW
AddAccessDeniedAceEx
GetSecurityDescriptorSacl
LookupAccountSidA
AccessCheckByTypeAndAuditAlarmA
CopySid
AccessCheckByTypeResultList

wininet

InternetGetConnectedState
FindNextUrlCacheEntryExW
FindFirstUrlCacheEntryExW
InternetSetOptionW
InternetReadFile
InternetQueryOptionW
InternetOpenW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindCloseUrlCache
DeleteUrlCacheEntryW

ws2_32

htonl
gethostbyaddr
connect
select
listen
getsockopt
recv

dbghelp

StackWalk
SymUnDName64
ImageDirectoryEntryToDataEx
SymFunctionTableAccess
SymSetSearchPath

mpr

WNetConnectionDialog1W
WNetAddConnectionA
WNetConnectionDialog
WNetGetNetworkInformationA
WNetGetUniversalNameA
WNetGetResourceParentA
WNetDisconnectDialog1W

shlwapi

PathRemoveFileSpecW

winmm

joyGetNumDevs
midiStreamPause
PlaySoundA
mmioClose
midiOutLongMsg

kernel32

LoadLibraryW
GetConsoleCP
GetConsoleMode
HeapReAlloc
HeapAlloc
LCMapStringW
RtlUnwind
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
FlushFileBuffers
WriteFile
ExitProcess
GetTimeZoneInformation
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
Sleep
IsValidCodePage
GetOEMCP
GetACP
HeapFree
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
SetFilePointer
HeapSize
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
CreateFileW
GetStdHandle
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
FindResourceW
GetCommTimeouts
WriteConsoleInputW
EnumDateFormatsExA
TransmitCommChar
WaitForSingleObject
WaitForMultipleObjects
CloseHandle
SetEvent
CreateEventA
GetLastError
CreateThread

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0571d71b9c8ef6bb6b251b8e63b111b8

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

urlmon

shell32

ole32

advapi32

wininet

ws2_32

dbghelp

mpr

shlwapi

winmm

kernel32

Sections

.text Size: 69KB - Virtual size: 69KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 200KB - Virtual size: 200KB

.text
Size: 69KB - Virtual size: 69KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 200KB - Virtual size: 200KB