98fb7951653e4a0cf70659f0edc7b5e4904c7e676b1dcff227c3f5428d93e9eb

Sharing

Copy URL Twitter E-mail

General

Target

98fb7951653e4a0cf70659f0edc7b5e4904c7e676b1dcff227c3f5428d93e9eb
Size

266KB
MD5

04d45ddb11ffb14d2602838a416612dd
SHA1

42b4d706654369933acf16945ac9a745980853fa
SHA256

98fb7951653e4a0cf70659f0edc7b5e4904c7e676b1dcff227c3f5428d93e9eb
SHA512

22e8cb98d29e89583516268476c1741a0dd1a9123bec7ed9eb695505458b9b9cdc715a6a716cc60f74d773e63dd07be32a4f11ada691e0f618667c13d85d5b3e
SSDEEP

6144:05rBhCLwaxjJSs2zCVo2XN+3YlXtGPSLlWOY0:SBYkaFJSPs9meXm

Score

N/A

Malware Config

Signatures

Files

98fb7951653e4a0cf70659f0edc7b5e4904c7e676b1dcff227c3f5428d93e9eb
.exe windows x86

7e223382ea11caff34fede9b37c35f12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegSetValueA
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
CryptEncrypt
RegSetValueExA
GetFileSecurityA
RegCreateKeyExA
SetFileSecurityA
CryptReleaseContext
GetUserNameA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyA
CryptDecrypt
CryptDestroyKey
RegQueryValueExA

ole32

OleLockRunning
CoDisconnectObject
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
GetClassFile
CLSIDFromString
CreateFileMoniker
ReleaseStgMedium
OleQueryCreateFromData
OleInitialize
OleUninitialize
OleSave
StringFromGUID2
StgCreateDocfile
WriteClassStm
OleFlushClipboard
CoCreateInstance
StgCreateDocfileOnILockBytes
OleSaveToStream
OleQueryLinkFromData
CLSIDFromProgID
OleIsRunning
WriteClassStg
StgOpenStorage
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateLinkFromData
CreateGenericComposite
StringFromCLSID
CreateItemMoniker
StgIsStorageILockBytes
OleLoad
OleCreateFromData
OleRun
CoTaskMemAlloc
OleCreateFromFile
CreateStreamOnHGlobal
CoGetClassObject
OleSetMenuDescriptor
CoRevokeClassObject
OleCreate
CreateILockBytesOnHGlobal
OleSetClipboard
GetRunningObjectTable
CoTaskMemFree
CoLockObjectExternal
OleGetIconOfClass

user32

FillRect
RegisterClassExW
SetCapture
IsDlgButtonChecked
CreateWindowExW
SetTimer
GetClientRect
SendDlgItemMessageW
SetDlgItemInt
ShowWindow
GetDlgItemTextW
GetMenuStringW
RegisterClipboardFormatW
GetDesktopWindow
DestroyWindow
UpdateWindow
GetActiveWindow
SetFocus
GetDC
RegisterClassW
MapVirtualKeyW
GetWindowThreadProcessId
DefWindowProcW
RedrawWindow
LoadIconW
MessageBoxW
PostThreadMessageW
DrawFocusRect
CharNextW

comdlg32

GetOpenFileNameA
GetSaveFileNameA

kernel32

LCMapStringW
RtlUnwind
TlsGetValue
GetACP
GetOEMCP
HeapCreate
WriteFile
HeapAlloc
GetCurrentProcess
GetStringTypeW
GetDateFormatA
HeapFree
GetCurrentThreadId
VirtualFree
TlsSetValue
LoadLibraryA
GetStdHandle
QueryPerformanceCounter
GetCPInfo
GetStartupInfoA
CreateMutexW
SetEnvironmentVariableA
FlushFileBuffers
GetStartupInfoW
FreeEnvironmentStringsA
GetTimeFormatA
GetSystemInfo
ReadFile
GetModuleHandleA
CompareStringW
DeleteCriticalSection
SetHandleCount
IsValidLocale
GetEnvironmentStringsW
SetFilePointer
FreeEnvironmentStringsW
VirtualAlloc
GetModuleHandleW
GetSystemTimeAsFileTime
LeaveCriticalSection
TlsAlloc
GetLastError
GetCommandLineW
GetModuleFileNameA
SetLastError
GetTickCount
HeapReAlloc
WideCharToMultiByte
GetTimeZoneInformation
GetStringTypeA
GetVersionExA
CompareStringA
GetEnvironmentStrings
TlsFree
GetLocaleInfoA
EnterCriticalSection
GetProcAddress
GetFileType
CloseHandle
MultiByteToWideChar
ExitProcess
UnhandledExceptionFilter
SetStdHandle
IsBadWritePtr
GetCommandLineA
FatalAppExitA
VirtualProtect
GetCurrentProcessId
HeapSize
HeapDestroy
GetModuleFileNameW
VirtualQuery
IsValidCodePage
GetUserDefaultLCID
LCMapStringA
InitializeCriticalSection
GetLocaleInfoW
TerminateProcess
InterlockedExchange
GetCurrentThread

comctl32

ImageList_AddMasked
InitCommonControlsEx
ImageList_GetIcon

wininet

InternetOpenA
InternetGetConnectedState
InternetCloseHandle
HttpSendRequestA
InternetTimeToSystemTime
InternetReadFile
InternetErrorDlg
HttpOpenRequestA
InternetCrackUrlA
HttpQueryInfoA
InternetConnectA
HttpAddRequestHeadersA
InternetTimeFromSystemTime

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e223382ea11caff34fede9b37c35f12

Headers

File Characteristics

Imports

advapi32

ole32

user32

comdlg32

kernel32

comctl32

wininet

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 92KB - Virtual size: 92KB

.data Size: 53KB - Virtual size: 60KB

.rsrc Size: 46KB - Virtual size: 45KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 53KB - Virtual size: 60KB

.rsrc
Size: 46KB - Virtual size: 45KB