b696847eabf9b18e9b00c830b8299a0ab73c9d759e875c8cfef64053fde3700e

Sharing

Copy URL Twitter E-mail

General

Target

b696847eabf9b18e9b00c830b8299a0ab73c9d759e875c8cfef64053fde3700e
Size

905KB
MD5

33b8fc8b272e0694b03ca97cef81d966
SHA1

ca00d6430d7871c003eda172bf55adc947d581a7
SHA256

b696847eabf9b18e9b00c830b8299a0ab73c9d759e875c8cfef64053fde3700e
SHA512

a02bb757a5ad850e4607d278a3ca62876bf9983d613892fcb81f1c78099df2d69025886fe173f17f18056670d7972a5e0d06e40b3b2d05157580b637e7eab60a
SSDEEP

6144:JkeNJXEFVTOGA97NXJyL2oYpx2+F2Uj3XmseXd8b2Vx47KeeVSRiPKgU74EDMoIZ:eoHtLXmseXd8Z7KdIRvgU74EDMo+l7j

Score

N/A

Malware Config

Signatures

Files

b696847eabf9b18e9b00c830b8299a0ab73c9d759e875c8cfef64053fde3700e
.exe windows x86

67692b41def485cd897380c6f05e7fdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
VirtualAlloc
DisableThreadLibraryCalls
ExpandEnvironmentStringsW
GetDateFormatA
GetModuleFileNameW
GetTickCount
GlobalUnWire
InterlockedDecrement
InterlockedIncrement
lstrcatW
lstrcpyW
lstrlenW
GetDriveTypeW
GetFullPathNameW
GetLogicalDrives
GetProcAddress
GetSystemInfo
GetVolumeInformationW
HeapCreate
LoadLibraryW
MultiByteToWideChar
Sleep
WideCharToMultiByte
lstrcmpW
lstrcmpiW
lstrcpyA
lstrcpynW
CloseHandle
FreeLibrary
GetCurrentProcess
GetModuleHandleW
GlobalLock
GlobalReAlloc
GlobalUnlock
InterlockedExchange
OutputDebugStringA
ReadFile
SetEvent
SetFilePointer
SetUnhandledExceptionFilter
TerminateProcess
TlsFree
UnhandledExceptionFilter
UnmapViewOfFile
WriteFile
lstrlenA
CreateFileMappingA
CreateMutexA
GetProcessTimes
Heap32ListFirst
MapViewOfFile
OpenFileMappingA
OpenMutexA
ReleaseMutex
SetThreadContext
CreateFileW
CreateMutexW
ExpandEnvironmentStringsA
FillConsoleOutputCharacterA
FoldStringA
GetComputerNameA
GetComputerNameW
GetCurrentThread
GetCurrentThreadId
GetFileSizeEx
GetLocalTime
GetProcessHeap
GetSystemTimeAsFileTime
SetVolumeMountPointW
WaitForSingleObject
WriteConsoleOutputW
InterlockedCompareExchange
SetConsoleCursorPosition
GetCurrentProcessId
QueryPerformanceCounter
CancelTimerQueueTimer
CompareFileTime
CreateDirectoryW
CreateProcessW
CreateThread
FindFirstVolumeW
FormatMessageW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetSystemDirectoryW
GetUserDefaultLangID
GetVersionExW
IsDBCSLeadByte
LocalAlloc
LocalFree
OpenEventW
SearchPathW
SetConsoleTitleW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetThreadPriority
GetCompressedFileSizeW
GetProcessHeaps
GetFileSize
GetModuleHandleA
GetStartupInfoW
OpenFile
Process32FirstW
_lclose
_lread
HeapAlloc
HeapFree
VirtualFree
HeapReAlloc
IsBadWritePtr
GetTimeZoneInformation
GetConsoleCP
ReadConsoleInputA
GetLastError
ReadConsoleInputW
SetConsoleMode
GetConsoleMode
HeapSize
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapDestroy
GetACP
GetOEMCP
GetCPInfo
MoveFileW
DeleteFileW
ExitProcess
WriteConsoleA
CompareStringA
CompareStringW
PeekConsoleInputA
GetNumberOfConsoleInputEvents
SetConsoleCtrlHandler
TlsAlloc
SetLastError
TlsSetValue
TlsGetValue
GetFileAttributesW
GetStdHandle
GetModuleFileNameA
RaiseException
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
LCMapStringA
LCMapStringW
CreateFileA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
VirtualProtect
VirtualQuery
GetLocaleInfoA
GetExitCodeProcess
LoadLibraryA
InitializeCriticalSection
GetTimeFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
CreateProcessA
GetFileAttributesA
SetEnvironmentVariableA
FlushFileBuffers

ole32

StgCreateStorageEx
ReadClassStg
HGLOBAL_UserMarshal
MonikerRelativePathTo
HMETAFILE_UserUnmarshal
HMENU_UserSize
CoRevokeClassObject
CoGetCallContext
CoUninitialize
CoSetState
DoDragDrop
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

oleaut32

VarBoolFromUI4
VarNeg
VarUI2FromUI4
VarR4FromCy
VarI2FromBool
VarDateFromStr
VarI1FromCy
VarFormatCurrency

shell32

SHGetFileInfo
SHQueryRecycleBinW
SHAddToRecentDocs
ShellExecuteW

user32

SetCursorPos
ChildWindowFromPoint
CreateDialogParamW
DdeEnableCallback
DdeGetData
ExitWindowsEx
GetSystemMetrics
GetThreadDesktop
IMPGetIMEA
LoadStringW
RegisterClassExW
SystemParametersInfoW
PostMessageA
SendMessageW
ToAscii
CreatePopupMenu
GetMenuDefaultItem
PrivateExtractIconsA
wsprintfW
CharNextW
CharPrevW
CharUpperW
IsCharAlphaW
IsWindow
SystemParametersInfoA
GetTabbedTextExtentW
MessageBoxW
GetClassInfoA
GetKeyboardLayout
DefWindowProcW
DrawTextExW
EmptyClipboard
IMPQueryIMEW
IntersectRect
PostMessageW

Sections

.text
Size: 280KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67692b41def485cd897380c6f05e7fdd

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

shell32

user32

Sections

.text Size: 280KB - Virtual size: 278KB

.rdata Size: 344KB - Virtual size: 340KB

.data Size: 276KB - Virtual size: 287KB

.text
Size: 280KB - Virtual size: 278KB

.rdata
Size: 344KB - Virtual size: 340KB

.data
Size: 276KB - Virtual size: 287KB