63d1295bd48fa9432318e60e2ce8615a0d9e2599e134415e4893951b61134fc5

Sharing

Copy URL Twitter E-mail

General

Target

63d1295bd48fa9432318e60e2ce8615a0d9e2599e134415e4893951b61134fc5
Size

399KB
MD5

06d6b04199731cd3ed99a6630a76a9dc
SHA1

436515acd0786a81e43bf4ddba4aa70d9ed8738c
SHA256

63d1295bd48fa9432318e60e2ce8615a0d9e2599e134415e4893951b61134fc5
SHA512

5ddde32066a249fb1c213479051881c248f8d105ced052bbd637d02a05a36a0090496aed2dff96913191d534379024dd30e57677e00435ac73b5151cc526aac6
SSDEEP

12288:ecms/h1N1TTWhdDMOw/bxYk9bky2h9gpczI2LayMPFlcM:F5NKg7FbSy2h9gpczI2LayIeM

Score

N/A

Malware Config

Signatures

Files

63d1295bd48fa9432318e60e2ce8615a0d9e2599e134415e4893951b61134fc5
.exe windows x86

df1dbf61ab867029dc532204d67b9a35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
InitializeCriticalSection
MultiByteToWideChar
LoadLibraryExW
OutputDebugStringW
CreateFileW
FlushFileBuffers
WriteFile
GetSystemTime
CreateThread
SetFilePointer
ReadFile
DeviceIoControl
GetLocalTime
lstrcpynW
MulDiv
TerminateThread
WaitForSingleObject
CreateMutexW
OpenProcess
GetVersionExW
SystemTimeToFileTime
GetProcessTimes
GetFileAttributesExW
GetWindowsDirectoryW
RemoveDirectoryW
GetSystemDirectoryW
GetLogicalDriveStringsW
InterlockedIncrement
LoadLibraryW
GetProcAddress
FreeLibrary
InterlockedDecrement
CloseHandle
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
WriteConsoleW
GetModuleHandleW
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
CompareStringW
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleHandleA
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
Sleep
HeapCreate
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
ExitThread
GetSystemTimeAsFileTime
CreateFileA
SetEndOfFile
GetCurrentProcessId
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
SetFilePointerEx
GetFileSizeEx
LocalFileTimeToFileTime
LeaveCriticalSection
EnterCriticalSection
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
GetTempPathW
GetTempFileNameW
GetConsoleOutputCP
DeleteFileW
lstrcpyW
lstrlenW
lstrcmpiW
GetCurrentProcess
FlushInstructionCache
ExitProcess
SetLastError
RaiseException
DeleteCriticalSection
FindFirstFileW
FindNextFileW
FindClose
InitializeCriticalSectionAndSpinCount
ReleaseMutex
FormatMessageW
LocalFree
GetACP
lstrlenA
WideCharToMultiByte
GetFileType
lstrcmpA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetModuleFileNameW
GetCurrentThreadId
GetCPInfo

user32

GetDC
RegisterClassW
DefWindowProcW
LoadIconW
LoadCursorW
DispatchMessageW
TranslateMessage
UnregisterClassA
GetMessageW
PeekMessageW
ShowWindow
IsDialogMessageW
DestroyWindow
SetRectEmpty
SystemParametersInfoW
RegisterClassExW
GetClassInfoExW
EndDialog
PostQuitMessage
PostMessageW
EnableWindow
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetSystemMetrics
LoadImageW
MoveWindow
MessageBoxW
CreateDialogParamW
GetDlgItem
CallWindowProcW
DrawFocusRect
FillRect
CharNextW
SetWindowTextW
CreateWindowExW
DrawTextW
IsWindowEnabled
GetSysColor
GetFocus
ReleaseDC
GetWindowRect
GetClientRect
OffsetRect
SetWindowLongW
SetWindowPos
GetWindowTextLengthW
GetWindowTextW
GetWindowLongW
GetClassNameW
GetDlgCtrlID
GetParent
SendMessageW
EndPaint
BeginPaint
ScreenToClient
GetCursorPos
GetCapture
ReleaseCapture
SetFocus
SetCapture
UpdateWindow
PtInRect
SetCursor
InvalidateRect
IsWindow

gdi32

DPtoLP
SetTextColor
SetBkMode
SelectObject
GetObjectW
DeleteDC
CreateFontIndirectW
DeleteObject
GetStockObject
GetDeviceCaps

advapi32

RegCreateKeyExW
OpenProcessToken
GetTokenInformation
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteExW
ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemRealloc

oleaut32

SysAllocStringByteLen
SysStringByteLen
VarUI4FromStr
VariantInit
SysStringLen
SysFreeString
SysAllocString
VariantClear

shlwapi

PathFileExistsW
SHGetValueW
PathIsRelativeW
PathRemoveFileSpecW
PathAppendW
StrCmpIW
PathFindExtensionW
PathCombineW

comctl32

_TrackMouseEvent
InitCommonControlsEx

wininet

HttpOpenRequestW
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpSendRequestW
InternetCloseHandle

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 259KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

..
Size: 35KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df1dbf61ab867029dc532204d67b9a35

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

wininet

version

Sections

.text Size: 259KB - Virtual size: 259KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 7KB - Virtual size: 16KB

.rsrc Size: 37KB - Virtual size: 36KB

.reloc Size: 15KB - Virtual size: 15KB

.. Size: 35KB - Virtual size: 56KB

.text
Size: 259KB - Virtual size: 259KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 7KB - Virtual size: 16KB

.rsrc
Size: 37KB - Virtual size: 36KB

.reloc
Size: 15KB - Virtual size: 15KB

..
Size: 35KB - Virtual size: 56KB