8cb6b89a18718b74fb7f53d94d3f194f19c75f450b6e4f8bb7ea38275bacb0c0

Sharing

Copy URL Twitter E-mail

General

Target

8cb6b89a18718b74fb7f53d94d3f194f19c75f450b6e4f8bb7ea38275bacb0c0
Size

444KB
MD5

1238e4504dcad06042a7b37cf584cdaf
SHA1

0d6d5f3dc6e3dd19b46002ff633b1fb5dbb4b356
SHA256

8cb6b89a18718b74fb7f53d94d3f194f19c75f450b6e4f8bb7ea38275bacb0c0
SHA512

60541bf7979138c509332a50eb1d4c698fcea61290978b6c36750b7856815d0ddac7ce5f2e7658fcb1952fe6baff47999b324b5d7792ea066b7e13ef52551416
SSDEEP

6144:xb6qDZxQ6IGh8dYPISKz8mr8ChcviEOLhYnT5lhPJe4Acy9HOkGSlkpU0Zdrs3iI:xXZxdX1VO89OLhYDFJeb9HOkhFEwy2m

Score

N/A

Malware Config

Signatures

Files

8cb6b89a18718b74fb7f53d94d3f194f19c75f450b6e4f8bb7ea38275bacb0c0
.dll windows x86

823db647e23248a90fc3c3a352bacada

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
CreateSolidBrush

shlwapi

PathCompactPathExW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

advapi32

LookupPrivilegeValueW
StartServiceW
SetTokenInformation
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
CreateProcessAsUserW
DuplicateTokenEx
FreeSid
GetUserNameW
InitializeSecurityDescriptor
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW

wininet

HttpAddRequestHeadersA
HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetQueryDataAvailable
InternetQueryOptionW
InternetReadFile
InternetSetOptionW
InternetSetStatusCallbackW

kernel32

WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitNamedPipeW
WaitForSingleObject
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateThread
TerminateProcess
SystemTimeToFileTime
SetUnhandledExceptionFilter
AllocConsole
CancelIo
CloseHandle
CompareStringA
CompareStringW
CopyFileW
CreateEventA
CreateEventW
CreateFileA
CreateMutexW
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DisconnectNamedPipe
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventA
OpenMutexW
OpenProcess
OutputDebugStringW
Process32FirstW
Process32NextW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
RtlUnwind
SearchPathW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle

rpcrt4

UuidCreate
UuidFromStringW
UuidToStringW
RpcStringFreeW

user32

SetActiveWindow
SendMessageW
PostMessageW
SetTimer
SetDlgItemTextW
SetWindowPos
SetWindowTextW
ShowWindow
wsprintfW
SetForegroundWindow
BringWindowToTop
CopyRect
CreateDialogParamW
CreateWindowExW
DestroyWindow
DialogBoxParamW
EnableWindow
EndDialog
ExitWindowsEx
OffsetRect
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetParent
GetSystemMetrics
GetWindowRect
IsWindow
KillTimer
LoadImageW
LoadStringW
MessageBoxW
GetClientRect

shell32

SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
SHCreateDirectoryExW

ole32

CoUninitialize
CoInitializeEx

Exports

Exports

DeprecationWarning
read_init_2
set_sRGB
write_chunk_start

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

823db647e23248a90fc3c3a352bacada

Headers

File Characteristics

Imports

gdi32

shlwapi

version

advapi32

wininet

kernel32

rpcrt4

user32

shell32

ole32

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 69KB - Virtual size: 71KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 69KB - Virtual size: 71KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 5KB - Virtual size: 5KB