f619333949119aa515854f1abd752f5ccee33855604b156905a98fe7bccd2304

Sharing

Copy URL

Twitter E-mail

General

Target

f619333949119aa515854f1abd752f5ccee33855604b156905a98fe7bccd2304
Size

788KB
MD5

83664371eb833c22885bc3eb54322f50
SHA1

b73ffdd31538204bead44ba3d9fe17cda6517eb1
SHA256

f619333949119aa515854f1abd752f5ccee33855604b156905a98fe7bccd2304
SHA512

157e96bbabb6cd3e048dee37f3e5287775aaa67ab3a4e5e4d5b7d6a4a36bbabe14194167aa7cb592889c88871b4dd3ba91c866be14cab418622d0748716d55cd
SSDEEP

24576:FH8i87x4UeaR2kFey/r7TvF7kB73uroQg:FIik/7TS

Score

N/A

Malware Config

Signatures

Files

f619333949119aa515854f1abd752f5ccee33855604b156905a98fe7bccd2304
.exe windows x86

6122b65ac5b58f1db73d590f5eac372f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_c_exit
__CxxFrameHandler
iswcntrl
isxdigit
towlower
towupper
wcsncmp
wcslen
??2@YAPAXI@Z
memmove
wcsrchr
wcsspn
iswspace
iswascii
wcspbrk
wcschr
wcsstr
_wcsnicmp
_wtol
_vsnwprintf
_wcsicmp
_CIpow
_purecall
swscanf
_ftol
iswdigit
_wtoi
iswalnum
_wtoi64
_controlfp
wcstoul
floor
memcmp
atoi
memset
_snwprintf
wcsncpy
wcscpy
memcpy
free
strchr
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
isdigit
ceil
_vsnprintf
_strnicmp
malloc
wcscat
rand
realloc
toupper
isspace
atol
swprintf
_stricmp
strncpy
wcscspn
_wcsupr
wcstombs
bsearch
_ultow
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
abs
qsort
wcscmp
srand
_beginthreadex
??3@YAXPAX@Z

advapi32

SetFileSecurityW
GetFileSecurityW
RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyA
RegCreateKeyExW
RegCreateKeyExA
GetUserNameA

kernel32

ExitProcess
GetSystemTime
CreateThread
WaitForMultipleObjects
SetEvent
GetProcessHeap
HeapFree
GetUserDefaultLCID
RaiseException
InterlockedDecrement
InterlockedIncrement
CloseHandle
LoadResource
LockResource
GetThreadLocale
FreeLibrary
GetSystemInfo
QueryDosDeviceW
QueryDosDeviceA
lstrlenA
GetSystemDirectoryW
GetSystemDirectoryA
UnmapViewOfFile
GetDriveTypeA
GetDateFormatW
CreateMutexW
CreateMutexA
CompareStringW
GetShortPathNameA
GetWindowsDirectoryW
GlobalLock
GlobalSize
GlobalAlloc
GlobalUnlock
GlobalFree
GetLocaleInfoA
CreateFileMappingW
CreateFileMappingA
GetVersionExW
SetFileAttributesW
SetFileAttributesA
IsBadWritePtr
lstrcmpiW
lstrcmpiA
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
LCMapStringW
LCMapStringA
GetVolumeInformationW
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetPrivateProfileStringW
GetPrivateProfileStringA
lstrcpynW
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
SystemTimeToFileTime
GetLocalTime
MapViewOfFile
GetFileType
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
WriteFile
FlushFileBuffers
WaitForSingleObject
CompareFileTime
SetThreadPriority
Sleep
GetLongPathNameA
GetLongPathNameW
ReleaseMutex
InterlockedExchange
GetStartupInfoW
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FindClose
IsValidLocale
SetErrorMode
FileTimeToSystemTime
lstrcatA
lstrcpyA
GetACP
DebugBreak
InterlockedCompareExchange
GetExitCodeThread
DeviceIoControl
GetVersion
HeapAlloc
GetDriveTypeW
GetDateFormatA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
lstrlenW
GetLastError
GetWindowsDirectoryA
GetProcAddress
SetLastError
CopyFileA
CopyFileW
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
LocalFree
LocalAlloc
GetFileAttributesA
GetFileAttributesW
GetFileAttributesExA
GetFileAttributesExW
GetFullPathNameA
GetFullPathNameW

shell32

SHGetMalloc
SHFileOperationA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

shlwapi

PathGetCharTypeA
PathRemoveBackslashW
PathRemoveFileSpecW
UrlCombineW
PathGetCharTypeW
PathUndecorateW

ole32

PropVariantCopy
GetHGlobalFromStream
StringFromGUID2
OleLoadFromStream
CoCreateInstance
StringFromIID
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CoReleaseMarshalData
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface
CoCreateGuid
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
PropVariantClear
OleSaveToStream

oleaut32

GetErrorInfo
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantCopy
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
VariantClear
SysFreeString

mpr

WNetCancelConnection2W
WNetAddConnection2W
WNetGetConnectionA
WNetGetConnectionW

winmm

mmioOpenW
mmioOpenA
timeGetTime
mmioSeek
mmioDescend
mmioAscend
mmioRead
mmioClose
timeBeginPeriod
timeEndPeriod

avifil32

AVIFileGetStream
AVIStreamLength
AVIStreamSampleToTime
AVIStreamRelease
AVIFileAddRef
AVIFileExit
AVIFileOpenA
AVIFileOpenW
AVIFileInfoA
AVIFileInfoW
AVIFileRelease
AVIFileInit
AVIStreamInfoW
AVIStreamInfoA
AVIStreamReadFormat

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

wininet

RetrieveUrlCacheEntryFileW
RetrieveUrlCacheEntryFileA
InternetQueryOptionA
InternetSetOptionA
InternetCrackUrlA
InternetCrackUrlW

user32

CharNextW
RegisterWindowMessageA
PostThreadMessageA
PeekMessageW
PeekMessageA
MessageBoxW
MessageBoxA
LoadStringW
LoadStringA
GetMessageA
GetDesktopWindow
MsgWaitForMultipleObjects
KillTimer
TranslateMessage
SetTimer
wsprintfA
CharNextA
SendMessageA
DispatchMessageA
DispatchMessageW

urlmon

CoGetClassObjectFromURL
CreateURLMoniker
CreateAsyncBindCtx

Sections

.text
Size: 692KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6122b65ac5b58f1db73d590f5eac372f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

shell32

shlwapi

ole32

oleaut32

mpr

winmm

avifil32

version

wininet

user32

urlmon

Sections

.text Size: 692KB - Virtual size: 688KB

.data Size: 68KB - Virtual size: 78KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 692KB - Virtual size: 688KB

.data
Size: 68KB - Virtual size: 78KB

.rsrc
Size: 24KB - Virtual size: 24KB