f846688bbb11e5f2390c9181030e729a0e6fa4c022ec62f8bddbab25ec44ae3e

Sharing

Copy URL

Twitter E-mail

General

Target

f846688bbb11e5f2390c9181030e729a0e6fa4c022ec62f8bddbab25ec44ae3e
Size

848KB
MD5

833b4bb47b95660a1ea6907eca41c660
SHA1

1e659daf5142d2646a44dfbadb5d5cb6f9f5fadb
SHA256

f846688bbb11e5f2390c9181030e729a0e6fa4c022ec62f8bddbab25ec44ae3e
SHA512

643bf30c759feccf8fc8eeba97ecd31d0ad28bd3b9a4fb7017362006c808e33ab7feeb820f29062666c5fff276ef55c3e2d13a0456742331a04c5ce1061b35bd
SSDEEP

12288:mhkk6MTmWZe33Qdownk5eM+kTPKUY1UoiegksFlOFuyAH95ZIV3jPu2440ZJRZNr:STmWZeEown5AIV3jPGZLZLe9nU

Score

N/A

Malware Config

Signatures

Files

f846688bbb11e5f2390c9181030e729a0e6fa4c022ec62f8bddbab25ec44ae3e
.exe windows x86

ff6de64585fabd347950f29cc86f44dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetProcAddress
GetModuleHandleW
lstrlenW
FreeLibrary
LoadLibraryW
GetVersionExW
lstrlenA
MultiByteToWideChar
FindClose
FindFirstFileW
InterlockedDecrement
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FreeResource
LockResource
CreateEventW
SetLastError
GetCurrentThreadId
Sleep
FlushInstructionCache
CloseHandle
CreateThread
WaitForSingleObject
SetEvent
CreateSemaphoreW
ReleaseSemaphore
AreFileApisANSI
GetFileAttributesA
DeleteFileA
GetFileAttributesW
GetTempPathA
GetTempPathW
SetFilePointer
GetPrivateProfileStringW
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
GetSystemTime
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileA
CreateFileW
CompareStringW
WriteConsoleW
SetStdHandle
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetHandleCount
GetLocaleInfoW
GetTimeZoneInformation
FatalAppExitA
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetConsoleMode
GetConsoleCP
GetStdHandle
ExitProcess
HeapDestroy
DeleteFileW
MoveFileW
WriteFile
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileIntW
ReadFile
InitializeCriticalSection
DeleteCriticalSection
lstrcpyW
LocalFree
GetModuleFileNameW
GetProcessHeap
GetCommandLineW
GetLastError
SetEnvironmentVariableA
HeapFree
InterlockedPushEntrySList
FlushFileBuffers
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentThread
TlsFree
LCMapStringW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCPInfo
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
GetDateFormatA
GetTimeFormatA
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
RtlUnwind
InterlockedCompareExchange

user32

UnregisterClassA
wsprintfW
CharNextW
GetSysColor
LoadCursorW
PtInRect
GetWindowRect
GetSubMenu
LoadMenuW
LoadIconW
SetCursor
SendMessageW
LoadBitmapW
SetLayeredWindowAttributes
GetWindowLongW
GetClientRect
TrackPopupMenu
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
EndDialog
SetWindowLongW
PostThreadMessageW
DialogBoxParamW
DispatchMessageW
TranslateMessage
GetMessageW

gdi32

PaintRgn
FrameRgn
SetTextColor
SetBkColor
GetObjectW
CreateFontIndirectW
CreateSolidBrush
CreateRoundRectRgn

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

CommandLineToArgvW

ole32

OleRun
CLSIDFromString
CLSIDFromProgID
CoReleaseServerProcess
CoAddRefServerProcess
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

UnRegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocStringLen
SysFreeString
VariantCopy
VariantClear
SysAllocString
VariantInit
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLi

secur32

GetUserNameExW

winhttp

WinHttpReceiveResponse
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSetStatusCallback
WinHttpSendRequest
WinHttpOpen
WinHttpSetOption
WinHttpCloseHandle

Sections

.text
Size: 697KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff6de64585fabd347950f29cc86f44dd

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

secur32

winhttp

Sections

.text Size: 697KB - Virtual size: 696KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 9KB - Virtual size: 20KB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 697KB - Virtual size: 696KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 9KB - Virtual size: 20KB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 26KB - Virtual size: 26KB