5a65bb5887a054c01da87b96d21c2ee496316bab886687293b5921f04dd66797

Sharing

Copy URL

Twitter E-mail

General

Target

5a65bb5887a054c01da87b96d21c2ee496316bab886687293b5921f04dd66797
Size

638KB
MD5

8212a39eeffe9411e45b0a192208c101
SHA1

610f61331b5041fbb716a7a6e69598a8d382d204
SHA256

5a65bb5887a054c01da87b96d21c2ee496316bab886687293b5921f04dd66797
SHA512

c4e8469d93c95c763e390f37bed0cef339b69b1ee5e981d5a963af7f2546557c7c4b01a61d15cae556ed552d1185e6462c8ec1a14bbddfc2dc7cc7eb4b407981
SSDEEP

12288:8t53YTYP2mWTkgXPgZFBW7Q/WNLN54QHQXgvYAUsRS4i5sBhV38ZWT6rTIpSsPi:8zYTYPGY0R5FS4ikaIT6r8pSoi

Score

N/A

Malware Config

Signatures

Files

5a65bb5887a054c01da87b96d21c2ee496316bab886687293b5921f04dd66797
.exe windows x86

1fe750a4bbeb27f319fd3da0338ec82e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
LockResource
GetSystemInfo
SetEnvironmentVariableA
GetCurrentThreadId
GetCurrentProcessId
SetEvent
InitializeCriticalSection
CreateEventA
FlushInstructionCache
RaiseException
SetLastError
ResetEvent
GetVersion
lstrcpyA
FindResourceA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByte
lstrlenW
lstrcmpiA
LoadLibraryExA
DeleteCriticalSection
GetTempPathA
CloseHandle
InterlockedPopEntrySList
VirtualFree
InterlockedPushEntrySList
CompareStringW
CreateFileW
SetEndOfFile
WriteConsoleW
SetStdHandle
LoadLibraryW
IsValidLocale
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
GetModuleHandleA
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
GetModuleFileNameW
HeapDestroy
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
HeapSize
GetStdHandle
SetHandleCount
IsProcessorFeaturePresent
LCMapStringW
RtlUnwind
GetCPInfo
GetTimeZoneInformation
GetStartupInfoW
HeapSetInformation
GetCommandLineA
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
GetModuleHandleW
VirtualAlloc
VirtualProtect
CreateThread
ExitThread
DecodePointer
EncodePointer
InterlockedCompareExchange
FlushFileBuffers
GetFileAttributesA
GetSystemDefaultLCID
EnterCriticalSection
GetProcAddress
GetLastError
InterlockedExchange
MultiByteToWideChar
FileTimeToSystemTime
CreateProcessA
LeaveCriticalSection
SizeofResource
Sleep
WideCharToMultiByte
GlobalAlloc
WriteFile
WaitForSingleObject
GetCurrentProcess
SetUnhandledExceptionFilter
LoadResource
FreeLibrary
FindResourceW
FindResourceExW
VirtualQuery
lstrlenA
DeleteFileA
EnumSystemLocalesA
ResumeThread
FindNextFileA
GetModuleFileNameA
GetLocalTime
FindClose
GetTempFileNameA
CopyFileA
FindFirstFileA
CreateDirectoryA
CreateFileA
GetEnvironmentVariableA
GetTickCount
GlobalLock
GetSystemDefaultUILanguage
GetSystemDefaultLangID
LocalFree
LocalAlloc
GetSystemPowerStatus
HeapFree
GetProcessHeap
HeapAlloc
SystemTimeToFileTime
UnmapViewOfFile
FileTimeToDosDateTime
ReadFile
SetFilePointer
GetFileInformationByHandle
GetFileType
GetFileSize

user32

KillTimer
GetWindow
UnregisterClassA
LoadStringA
CopyImage
LoadImageA
GetDesktopWindow
ReleaseDC
GetForegroundWindow
GetDC
GetClientRect
MoveWindow
CopyRect
DrawFrameControl
GetDlgCtrlID
LoadCursorA
CallWindowProcA
MapWindowPoints
IsWindowVisible
ReleaseCapture
EqualRect
IsWindow
ShowWindow
SetWindowPos
DefWindowProcA
GetDlgItem
MonitorFromWindow
CreateWindowExA
GetWindowLongA
InvalidateRect
SetWindowLongA
SetRect
GetWindowTextA
OffsetRect
InflateRect
GetMonitorInfoA
PtInRect
BeginPaint
SendMessageA
SetFocus
IsWindowEnabled
LoadIconA
GetParent
DrawIconEx
GetKeyState
DrawTextA
GetMessageA
CharNextA
TranslateMessage
PeekMessageA
GetActiveWindow
DispatchMessageA
EndPaint
ClientToScreen
DestroyWindow
SetCursor
SetWindowRgn
SetTimer
GetWindowRect
RegisterClassExA
PostQuitMessage
GetClassInfoExA
SetCapture

gdi32

GetClipRgn
MoveToEx
GetTextExtentPoint32A
LineTo
SetTextColor
StretchBlt
CreateFontIndirectA
SetBkColor
CreateBitmap
SetBkMode
SelectClipRgn
SetRectRgn
CreateRectRgnIndirect
CombineRgn
RectInRegion
OffsetRgn
SaveDC
CreateRectRgn
CreatePen
RoundRect
GetPixel
GetStockObject
ExtTextOutA
RestoreDC
CreateSolidBrush
TextOutA
BitBlt
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
Rectangle

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyW
RegSetValueExA
RegQueryValueExA
RegOpenKeyA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
CoUninitialize
CreateStreamOnHGlobal

oleaut32

VarUI4FromStr
OleLoadPicture
SafeArrayGetUBound
SafeArrayGetElement
VariantChangeType
VariantInit
SafeArrayDestroy
VariantCopy
VariantClear
SafeArrayGetLBound
SysAllocString
SysFreeString

shlwapi

PathFileExistsA
PathRemoveFileSpecA
PathAppendA
SHGetValueA
PathAddBackslashA
StrToIntA

wininet

InternetConnectA
InternetAttemptConnect
InternetCloseHandle
HttpOpenRequestA
HttpAddRequestHeadersA
InternetSetCookieA
InternetOpenA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetReadFile
HttpSendRequestA

gdiplus

GdipDisposeImage
GdipAlloc
GdipLoadImageFromStream
GdipCreateFromHDC
GdipCreateImageAttributes
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipDrawImageRectI
GdipDrawImageRectRectI
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipDeleteGraphics
GdiplusShutdown
GdipFree
GdipGetImageHeight

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

_TrackMouseEvent

Sections

.text
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fe750a4bbeb27f319fd3da0338ec82e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

gdiplus

version

comctl32

Sections

.text Size: 431KB - Virtual size: 431KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 10KB - Virtual size: 39KB

.rsrc Size: 115KB - Virtual size: 115KB

.text
Size: 431KB - Virtual size: 431KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 10KB - Virtual size: 39KB

.rsrc
Size: 115KB - Virtual size: 115KB