29f15005c5c89bc42e19f0bfdb829b3805e9a41ab264889fb7539a68d9e4e4ea

Sharing

Copy URL Twitter E-mail

General

Target

29f15005c5c89bc42e19f0bfdb829b3805e9a41ab264889fb7539a68d9e4e4ea
Size

176KB
MD5

096e67ddf8bbd3a20d40f6c6ea7a01d0
SHA1

904b1dbdac3e2e1428523dba17442e8ebbfe5b2f
SHA256

29f15005c5c89bc42e19f0bfdb829b3805e9a41ab264889fb7539a68d9e4e4ea
SHA512

707f9c6153b0109b3b4b16b362c5b6b248b36159178213575d22d9d96d0b61c66bd1bf43c521a170977f6f7c323c9abd476a621e148fa7e44980f7b0883f4225
SSDEEP

3072:vcd2Ol0WeoTDj8OH6X11TP9fG1F2FOrrNwxpx9pY6Ndut71a/TNRINBj:vcdl0DS/aDP1eEFOnspxc6NdGa/rK9

Score

N/A

Malware Config

Signatures

Files

29f15005c5c89bc42e19f0bfdb829b3805e9a41ab264889fb7539a68d9e4e4ea
.exe windows x86

000461eda513de5bce816147e2d51e61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
FreeLibrary
GlobalMemoryStatusEx
GetSystemInfo
OutputDebugStringA
ReleaseMutex
SetErrorMode
OpenEventA
CreateMutexA
GetCurrentThreadId
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
lstrcmpiA
SetEndOfFile
UnmapViewOfFile
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
InterlockedIncrement
InterlockedDecrement
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LeaveCriticalSection
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
HeapSize
RaiseException
SetLastError
TlsAlloc
GetCommandLineA
ExitThread
TlsGetValue
TlsSetValue
HeapReAlloc
RtlUnwind
CreateFileMappingA
MapViewOfFile
GetLocalTime
lstrcatA
GetTickCount
Beep
GetProcessHeap
HeapAlloc
GetModuleHandleA
HeapFree
DeviceIoControl
GetVersion
GetCurrentProcess
ExitProcess
CopyFileA
SetFileAttributesA
GetSystemDirectoryA
GetModuleFileNameA
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
RemoveDirectoryA
CreateEventA
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateProcessA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
GetVersionExA
GetPrivateProfileStringA
lstrcmpA
MultiByteToWideChar
GetWindowsDirectoryA
lstrcpyA
GetPrivateProfileSectionNamesA
lstrlenA
Sleep
CancelIo
ResetEvent
WideCharToMultiByte
InterlockedExchange
VirtualAlloc
EnterCriticalSection
LoadLibraryA
GetProcAddress
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
CreateThread
ResumeThread
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
LCMapStringW

user32

GetInputState
EnumWindows
CloseDesktop
SetThreadDesktop
TranslateMessage
GetMessageA
CreateWindowExA
GetClientRect
ReleaseDC
GetDC
wsprintfA
CharNextA
MessageBoxA
SendMessageA
GetWindowThreadProcessId
IsWindowVisible
PostThreadMessageA
ShowWindow
FindWindowA
GetWindowRect
SetProcessWindowStation
GetForegroundWindow
GetActiveWindow
GetKeyNameTextA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
LoadCursorA
GetCursorInfo
GetCursorPos
GetDesktopWindow
SetRect
DispatchMessageA
GetProcessWindowStation
ExitWindowsEx
OpenWindowStationA
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
CloseClipboard
SetCursorPos
PostMessageA
WindowFromPoint
GetSystemMetrics
GetClipboardData
DestroyCursor
OpenClipboard
SystemParametersInfoA
OpenDesktopA
SetCapture
EmptyClipboard
MoveWindow
SetClipboardData

gdi32

BitBlt
DeleteDC
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
GetDIBits
DeleteObject
CreateDIBSection

advapi32

SetEntriesInAclA
IsValidSid
LookupAccountNameA
GetTokenInformation
LookupAccountSidA
RegOpenKeyA
GetSecurityInfo
SetSecurityInfo
RegQueryInfoKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
AllocateAndInitializeSid
FreeSid
GetUserNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LsaFreeMemory
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose

shell32

SHGetSpecialFolderPathA
SHGetFileInfoA

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString

winmm

waveOutClose
mciSendStringA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader

ws2_32

getsockname
connect
htons
WSAStartup
WSACleanup
WSAIoctl
gethostname
__WSAFDIsSet
recvfrom
sendto
listen
accept
getpeername
bind
gethostbyname
ntohs
inet_addr
inet_ntoa
send
closesocket
select
socket
setsockopt

netapi32

NetUserAdd
NetApiBufferFree
NetUserGetLocalGroups
NetLocalGroupAddMembers

imm32

ImmGetCompositionStringA
ImmGetContext
ImmReleaseContext

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

avicap32

capGetDriverDescriptionA

psapi

GetModuleFileNameExA
EnumProcessModules

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

000461eda513de5bce816147e2d51e61

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winmm

ws2_32

netapi32

imm32

wininet

avicap32

psapi

wtsapi32

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 20KB - Virtual size: 27KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 20KB - Virtual size: 27KB

.rsrc
Size: 20KB - Virtual size: 16KB