a782f3e20d05bab92b56b883259803dd5cbb0f3842bfb6baa17db980d954b2a0

Sharing

Copy URL Twitter E-mail

General

Target

a782f3e20d05bab92b56b883259803dd5cbb0f3842bfb6baa17db980d954b2a0
Size

220KB
MD5

8311935a44cd4f1bc2885394ed94df00
SHA1

fd5241d7d45a8b70368a9cbf70704483a922d311
SHA256

a782f3e20d05bab92b56b883259803dd5cbb0f3842bfb6baa17db980d954b2a0
SHA512

1acae8cc3c4832ddb5f6e0740f58f885dbc281cf4802082788413b9f1c720d342d6a7b3008d98fd418f8e30c679a12dd9c99d244b4f1dd4a5541b829e4643210
SSDEEP

3072:czn+DnuThuoKnxfCT9I1DTq3inGexbHfK5pcHX4XCB9ppvIG:8hu7FC61dRxbHfIu3eG

Score

N/A

Malware Config

Signatures

Files

a782f3e20d05bab92b56b883259803dd5cbb0f3842bfb6baa17db980d954b2a0
.exe windows x86

109169dade6a4c48c9ec3935aac53593

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlHashA
UrlCreateFromPathW
SHDeleteValueA
PathCommonPrefixW
PathMatchSpecW
PathCanonicalizeA
StrCatBuffW
UrlGetLocationW
PathIsDirectoryA
StrStrIA
wvnsprintfA
PathFileExistsW
StrRStrIW
PathAppendW
StrChrW
SHStrDupA
PathFindFileNameA
PathIsContentTypeA
SHStrDupW
StrChrIA
PathGetCharTypeW
PathIsLFNFileSpecW
PathAppendA
PathIsRelativeW
PathFindExtensionW
PathFindNextComponentA
StrChrIW
StrStrA
StrChrA
wvnsprintfW
StrRChrA

kernel32

GetProcessHeap
lstrcatA
lstrcpyA
lstrcpynA
lstrcmpiW
SetComputerNameExW
GetDefaultCommConfigW
WriteProfileStringA
SetSystemTime
Process32Next
FindVolumeClose
SetEvent
SleepEx
GetLocalTime
GetWriteWatch
GetPrivateProfileIntW
Thread32Next
GetLocaleInfoW
FlushViewOfFile
GetPrivateProfileSectionW
Module32NextW
WaitNamedPipeW
GetSystemTimeAdjustment
GetFileInformationByHandle
GetLogicalDrives
ChangeTimerQueueTimer
OpenEventA
FindResourceA
TerminateJobObject
CreateDirectoryW
DeleteTimerQueueEx
DisconnectNamedPipe
GetProcessVersion
OpenFileMappingA
GlobalAddAtomA
RemoveDirectoryW
GetSystemDefaultUILanguage
SetComputerNameExA
OpenFile
SetComputerNameA
GetModuleHandleA
GetVersionExA
FlushInstructionCache
GetCurrentProcess
UnhandledExceptionFilter
VirtualAlloc
GetVolumeInformationA
WideCharToMultiByte
HeapAlloc
SystemTimeToFileTime
GetSystemTime
GetSystemInfo
CloseHandle
DeviceIoControl
CreateFileW
Sleep
ExitProcess
MultiByteToWideChar
lstrlenW
GetProcAddress
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
LoadLibraryExA
GetModuleFileNameA
LoadLibraryA
GetCurrentProcessId
lstrcmpA
LockResource
SetLastError
LCMapStringW
LoadLibraryW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameW
GetStdHandle
WriteFile
RtlUnwind
HeapSize
HeapReAlloc
HeapCreate
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetModuleHandleW
VirtualProtect
EncodePointer
DecodePointer
InterlockedPopEntrySList
VirtualFree
IsProcessorFeaturePresent
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCurrentThreadId
WriteConsoleW
SetStdHandle
GetStringTypeW

user32

SetWindowPos
CheckMenuRadioItem
MonitorFromWindow
GetWindow
EndDialog
DialogBoxParamA
SetMenuDefaultItem
RemoveMenu
AppendMenuA
CreatePopupMenu
LoadBitmapA
LoadStringW
PostQuitMessage
GetWindowRect
TranslateAcceleratorA
KillTimer
SetTimer
SetMenu
GetMenu
GetSubMenu
PtInRect
IsMenu
SetWindowsHookExA
GetClassNameA
OffsetRect
CallNextHookEx
GetKeyState
CharLowerA
UnhookWindowsHookEx
InflateRect
SystemParametersInfoA
SetRectEmpty
GetSystemMetrics
RegisterWindowMessageA
GetSysColorBrush
GetSysColor
ReleaseDC
GetWindowDC
TrackPopupMenuEx
GetMessagePos
WindowFromPoint
MessageBeep
DrawEdge
FrameRect
ModifyMenuA
MonitorFromPoint
GetMonitorInfoA
DrawFrameControl
DrawTextA
GetFocus
SetMenuItemInfoA
GetMenuItemInfoA
FillRect
GetActiveWindow
GetWindowThreadProcessId
GetParent
SetFocus
IsWindowEnabled
IsWindowVisible
MapWindowPoints
ScreenToClient
GetClientRect
PostMessageA
LoadStringA
LoadMenuA
LoadAcceleratorsA
DestroyMenu
CreateWindowExA
EndPaint
BeginPaint
CallWindowProcA
DestroyWindow
GetClassInfoExA
LoadCursorA
LoadImageA
RegisterClassExA
CharNextA
GetMessageA
TranslateMessage
DefWindowProcA
IsWindow
ShowWindow
GetWindowLongA
SetWindowLongA
SetWindowPlacement
PeekMessageA
ScrollWindow
GetDlgCtrlID
CheckRadioButton
SetKeyboardState
DeleteMenu
InsertMenuA
GetDC
SendMessageA
InvalidateRgn
VkKeyScanA
SetWindowTextA
SendMessageTimeoutA
GetClassInfoW
GetMenuItemID
UpdateWindow
AppendMenuW
PostThreadMessageA
MoveWindow
WindowFromDC
GetMenuItemCount
DispatchMessageA
DispatchMessageW
MapVirtualKeyA
InvalidateRect
UnregisterClassA

gdi32

GetStockObject
GetCurrentObject
CreateDIBSection
CreatePatternBrush
CreateBitmap
PatBlt
SetBkColor
SetBrushOrgEx
SetTextColor
SetBkMode
CreateFontIndirectA
GetObjectA
CreateCompatibleBitmap
BitBlt
SelectObject
CreateCompatibleDC
DeleteDC
DeleteObject

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryInfoKeyW
RegEnumKeyExA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoSetProxyBlanket

oleaut32

VariantInit
SysFreeString
SysAllocString
VarUI4FromStr
VariantClear

comctl32

ImageList_GetImageCount
ImageList_Draw
ImageList_DrawIndirect
ord6
ord8
ImageList_Create
ImageList_LoadImageA
ImageList_AddMasked
ImageList_Destroy
InitCommonControlsEx

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

109169dade6a4c48c9ec3935aac53593

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 150KB - Virtual size: 150KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 150KB - Virtual size: 150KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 9KB - Virtual size: 9KB