c7942d8daa3bf1ea69c76ab8f2fb79f9a99d6d1d3c3b541deacb8c5d62bfbddf

Sharing

Copy URL

Twitter E-mail

General

Target

c7942d8daa3bf1ea69c76ab8f2fb79f9a99d6d1d3c3b541deacb8c5d62bfbddf
Size

1.3MB
MD5

90845e93c7b6ac36ac4a7446ebed64f5
SHA1

5f0f7d5c3f22a3e9d385075338178c1d08868ba5
SHA256

c7942d8daa3bf1ea69c76ab8f2fb79f9a99d6d1d3c3b541deacb8c5d62bfbddf
SHA512

b4c7a6472ca4d00ec7cbe765eb38defb7fa7c089394bd6ac7dd76bf076b82b42c62f2a870c4498d1ee5afa2880342392c5eb7b6584b3c2262e937771b4392948
SSDEEP

6144:Z2wmA9vzZjHlYCbbulbbu+ZAVoK//bbuBY4bbuabbupkA3Sw9bbu8CdycMyFzbbL:ZOAvjHqmMA9CdycfE0U8y6

Score

N/A

Malware Config

Signatures

Files

c7942d8daa3bf1ea69c76ab8f2fb79f9a99d6d1d3c3b541deacb8c5d62bfbddf
.exe windows x86

5773b6e3cd84b7d6953d2ae6763fd351

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
MoveFileA
CreateDirectoryA
GetLocaleInfoA
Sleep
GetCurrentProcessId
TerminateThread
WaitForSingleObject
ReadFile
GetFileSize
MultiByteToWideChar
GetSystemDefaultLangID
CreateFileA
WriteFile
ResetEvent
DeleteFileA
GetFileAttributesExA
GetDateFormatA
GetNumberFormatA
FindResourceA
LoadResource
SizeofResource
LockResource
GetFileAttributesA
SetStdHandle
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetLastError
LocalReAlloc
GetShortPathNameA
GetModuleHandleA
GetProcAddress
FormatMessageA
GlobalFree
GlobalSize
GlobalReAlloc
GlobalAlloc
LoadLibraryA
CreateEventA
SetEvent
CreateMutexA
OpenEventA
ReleaseMutex
FreeLibrary
ExitProcess
LocalSize
lstrcpyA
GetModuleFileNameA
MulDiv
LocalFree
LocalAlloc
CreateThread
GetExitCodeThread
CloseHandle
ExitThread
GetVersionExA
FlushFileBuffers

advapi32

CryptAcquireContextA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
RegCloseKey

user32

FillRect
GetClientRect
GetDlgItem
GetWindowLongA
MessageBoxA
SystemParametersInfoA
LoadCursorA
CallWindowProcA
GetForegroundWindow
GetActiveWindow
GetWindowThreadProcessId
GetWindowTextA
LoadImageA
GetClassNameA
GetDlgCtrlID
DestroyIcon
GetParent
SetWindowLongA
ShowWindow
AttachThreadInput
SetForegroundWindow
BringWindowToTop
MoveWindow
GetSystemMetrics
CreateWindowExA
GetDialogBaseUnits
SetClassLongA
GetClassLongA
SetWindowTextA
LoadStringA
EndDialog
EnableWindow
GetWindowTextLengthA
SetFocus
IsWindowVisible
PostMessageA
DialogBoxParamA
CheckRadioButton
CheckDlgButton
IsDlgButtonChecked
UpdateWindow
IsDialogMessageA
CreateDialogParamA
IsWindowEnabled
GetCursorPos
IsWindow
GetAsyncKeyState
PostQuitMessage
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
EnumWindows
ExitWindowsEx
MessageBeep
PtInRect
SetCursor
DrawTextA
GetSysColor
MapDialogRect
InflateRect
ScreenToClient
SendMessageA
DestroyWindow
GetDC
ReleaseDC
EnumChildWindows
GetSysColorBrush
MsgWaitForMultipleObjects
GetWindowRect
PeekMessageA
SetWindowPos
TranslateMessage
DispatchMessageA
EnumThreadWindows
GetMessageA

gdi32

Escape
AbortDoc
StartDocA
StartPage
EndPage
EndDoc
CreateFontIndirectA
GetStockObject
GetDeviceCaps
StretchBlt
DeleteDC
DeleteObject
GetTextMetricsA
SetBkMode
SetTextColor
SetStretchBltMode
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
EnumFontFamiliesExA

comdlg32

GetSaveFileNameA
PrintDlgA

comctl32

ImageList_Create
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_GetIcon
ord17
PropertySheetA

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteExA
SHGetMalloc

ole32

OleUninitialize
OleInitialize

setupapi

SetupPromptReboot

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wintrust

WinVerifyTrust

urlmon

UrlMkSetSessionOption
URLOpenBlockingStreamA

tpisetup

TPI_InstallPackage
TPI_GetTpiImageList
TPI_GetTpiImageIndex
TPI_ExpandExtractCommand
TPI_DownloadPackage
TPI_IsFtpPackage
TPI_GetCriticalState
TPI_GetPackageName
TPI_ResetLogPath
TPI_SetDownloadDirectory
TPI_EnumSearchPath
TPI_AddSearchPath
TPI_DelSearchPath
TPI_EnumPackagesSilent
TPI_QueryLatestThisPackageOnWeb
TPI_EnumPackages
TPI_LeaveLiveupdatePackageOnly
TPI_SetProxySetting
TPI_GetSetupType
TPI_IsSelfReboot
TPI_SetVirtualMTM
TPI_GetPackageIStr
TPI_GetPackagePath
TPI_ComparePackageVersion
TPI_GetPackageVersion
TPI_DisableNewlyInstall
TPI_IsNewlyInstallDisabled
TPI_QueryUninstallRequired
TPI_GetStatus
TPI_GetParentsIStr
TPI_Init
TPI_QueryWebCapability
TPI_GetLiveupdateData
TPI_Clean
TPI_GetPlanerInfo
TPI_GetVirtualMTM
TPI_GetOnlineHelpURL
TPI_LiveupdateKillTarget
TPI_FindNameFromTPIID
TPI_SetInstallDirectory
TPI_GetInstallInfo
TPI_LiveupdateNotifyFinish
TPI_GetProxySetting
TPI_DoSelfReboot
TPI_GetOnlineMTMHelpURL
TPI_GetRapidRestoreInfo
TPI_GetReleaseInfo
TPI_OutputLog
TPI_RemoveLiveupdateData
TPI_GetInstallDirectory
TPI_GetResetDownloadDirectory

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5773b6e3cd84b7d6953d2ae6763fd351

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

comdlg32

comctl32

shell32

ole32

setupapi

version

wintrust

urlmon

tpisetup

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 1.2MB - Virtual size: 1.3MB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 1.2MB - Virtual size: 1.3MB