ef5b62e73c382f690655560cd49e056f4a47bddf61c7cf7489b9470ee9fb90c5

Sharing

Copy URL

Twitter E-mail

General

Target

ef5b62e73c382f690655560cd49e056f4a47bddf61c7cf7489b9470ee9fb90c5
Size

1.3MB
MD5

052c428011657d9b0085aab6467ff400
SHA1

2f257984cc663a5999d74203acb7170f2e165eaf
SHA256

ef5b62e73c382f690655560cd49e056f4a47bddf61c7cf7489b9470ee9fb90c5
SHA512

d056f7be56cd0e0d305c231575418e6b8cd20563ec4eda83c5950bda08abaf9ca5efa7ef6a38d386be494b4e79df76c722022288b02ceebeab7fb9773ffce55f
SSDEEP

24576:L0a1Gp1LZGbq+FA0b7LwA7jfJ5Y2bHgSirTh5GJGa2Kn:zadwLD70A7jfJGkITh5GJGarn

Score

N/A

Malware Config

Signatures

Files

ef5b62e73c382f690655560cd49e056f4a47bddf61c7cf7489b9470ee9fb90c5
.exe windows x86

3b2c9e9f3f00ab8d497358d6ae59d263

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

kernel32

GetModuleHandleA
CreateDirectoryA
GetProcAddress
LoadLibraryA
lstrcatA
FreeLibrary
GetSystemDirectoryA
GlobalFree
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetLocalTime
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GlobalAlloc
GetTempPathA
ExitProcess
ReleaseMutex
GetLastError
CreateMutexA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
OutputDebugStringA
LocalFree
FormatMessageA
GetLongPathNameA
DeviceIoControl
IsDebuggerPresent
VirtualQuery
SetFilePointer
lstrcpyA
WriteFile
lstrlenA
RaiseException
GetSystemInfo
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemTimeAsFileTime
GetVersionExA
lstrcpynA
SetLastError
GetComputerNameA
ExpandEnvironmentStringsA
WideCharToMultiByte
ReadProcessMemory
FlushViewOfFile
OpenFileMappingA
GetPrivateProfileStringA
DeleteFileA
FindClose
FindFirstFileA
WaitForSingleObject
ReadFile
CreateThread
CopyFileA
GetTickCount
lstrcmpiA
GetFileAttributesA
lstrlenW
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleFileNameA
GetEnvironmentVariableA
MultiByteToWideChar
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
CreateToolhelp32Snapshot
Process32First
Process32Next
Sleep
CreateProcessA
LCMapStringA
InterlockedExchange
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
CloseHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
FlushFileBuffers
HeapSize
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
HeapDestroy
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
FatalAppExitA
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetStartupInfoA
GetCommandLineA
FindNextFileA
FileTimeToSystemTime
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
ResumeThread

user32

SystemParametersInfoA
SendMessageA
GetSystemMetrics
PostThreadMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetForegroundWindow
ShowWindow
IsWindow
wsprintfA
wvsprintfA
SetWindowPos
GetClientRect
IsWindowVisible
GetParent
FindWindowExA
GetClassNameA
EnumWindows
GetWindowTextA
GetWindowThreadProcessId

advapi32

OpenProcessToken
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
GetUserNameA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExA
RegQueryValueExA
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

ShellExecuteExA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance
OleUninitialize
OleInitialize

ws2_32

inet_ntoa
WSACleanup
closesocket
WSAGetLastError
setsockopt
socket
sendto
recvfrom
inet_addr
recv
send
htons
gethostbyname
bind
htonl
__WSAFDIsSet
select
connect
ioctlsocket
shutdown
getsockname
getpeername
listen
accept
WSAIoctl
gethostname
ntohs
WSAStartup

winmm

timeKillEvent

shlwapi

StrStrIA
UrlUnescapeA
PathIsDirectoryA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetGetConnectedState
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetSetOptionA
InternetConnectA
DeleteUrlCacheEntry

iphlpapi

GetTcpStatistics
GetUdpStatistics
GetIfTable
CreateIpNetEntry
GetBestRoute
GetPerAdapterInfo
GetIpAddrTable
GetIcmpStatistics
GetIpStatistics
GetAdaptersInfo

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA

oleaut32

SysAllocString
GetErrorInfo
VariantChangeType
VariantInit
SetErrorInfo
CreateErrorInfo
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 881KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b2c9e9f3f00ab8d497358d6ae59d263

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

advapi32

shell32

ole32

ws2_32

winmm

shlwapi

wininet

iphlpapi

version

psapi

oleaut32

Sections

.text Size: 333KB - Virtual size: 333KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 13KB - Virtual size: 51KB

.rsrc Size: 881KB - Virtual size: 880KB

.text
Size: 333KB - Virtual size: 333KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 13KB - Virtual size: 51KB

.rsrc
Size: 881KB - Virtual size: 880KB