833f50ac070b2c8b05fa27d99b825815454d18f56cbcf9df88613b664e93953d

Sharing

Copy URL Twitter E-mail

General

Target

833f50ac070b2c8b05fa27d99b825815454d18f56cbcf9df88613b664e93953d
Size

156KB
MD5

059818e829bf95e3ede973568a01e980
SHA1

a7bd5ad1839915fafd27778a2ccfc7e0f6343990
SHA256

833f50ac070b2c8b05fa27d99b825815454d18f56cbcf9df88613b664e93953d
SHA512

7eb89e9abd79b2cd69aaeb5d7cb41fda86af39b43eb948fb83efaf5861db50691d920ef2b717326f017deb2bac14abeb943283c1f62c07d6d664d7a8a8ff4939
SSDEEP

3072:/TQ0LeP+zeq9cMEXRtqfWlG+2/9VPOqAFFF1Lo//1bdMHdTs8ha4H:/76P7MERtMaaQK/Khss

Score

N/A

Malware Config

Signatures

Files

833f50ac070b2c8b05fa27d99b825815454d18f56cbcf9df88613b664e93953d
.exe windows x86

4db8e79b9b2d3e4fca9cf0211a90ba6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GlobalFindAtomA
GetPrivateProfileIntA
WritePrivateProfileStringA
Sleep
GetModuleHandleA
GlobalAddAtomA
GetCurrentThreadId
GetTempPathA
lstrcmpA
GlobalUnlock
GlobalLock
GlobalAlloc
WriteFile
GlobalDeleteAtom
GetWindowsDirectoryA
GetTickCount
MoveFileExA
GetFileSize
lstrcatA
CreateFileA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetVersionExA
SetFilePointer
SetEndOfFile
GetProcessHeap
LoadLibraryA
GetProcAddress
FreeLibrary
HeapAlloc
HeapFree
DeleteFileA
GetTempFileNameA
CloseHandle
GetStringTypeW
ReadFile
GetLastError
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
SetStdHandle
SetUnhandledExceptionFilter
IsBadReadPtr
OpenProcess
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA

user32

ReleaseCapture
SetWindowsHookExA
GetMessageA
GetCapture
TranslateMessage
DispatchMessageA
LoadIconA
wsprintfA
MessageBoxA
GetActiveWindow
GetWindowThreadProcessId
UpdateWindow
ShowWindow
CreateWindowExA
GetSystemMetrics
RegisterClassA
LoadCursorA
PostMessageA
SetCapture
FindWindowA
GetClassNameA
InvalidateRect
SetRect
SendMessageA
GetClientRect
MoveWindow
GetParent
InflateRect
LoadBitmapA
BeginPaint
EndPaint
PostQuitMessage
GetFocus
SetCursor
SetCursorPos
ClientToScreen
WindowFromPoint
GetDC
ReleaseDC
SetRectEmpty
UnionRect
RedrawWindow
DestroyWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
FillRect
RegisterClipboardFormatA
DefWindowProcA
MapVirtualKeyA
UnhookWindowsHookEx
SetFocus

gdi32

SelectObject
MoveToEx
DeleteObject
LineTo
Polygon
Ellipse
CreatePen
GetStockObject
LineDDA
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CloseMetaFile
SetWindowOrgEx
GetDeviceCaps
CreateMetaFileA
RectVisible
SetWindowExtEx
GetDIBits
GetObjectA
Rectangle

ole32

OleUninitialize
OleInitialize
CLSIDFromProgID

pptltc32

??0PPToolBar@@QAE@PAUHWND__@@KFFF@Z
?setEnable@PPToolBar@@QAEXFH@Z
?enableBalloon@BalloonManager@@QAEXH@Z
?showIt@PPToolBar@@QAEXXZ
??1PPToolBar@@QAE@XZ
?FloatBanner@@YGXPAUHDC__@@UtagRECT@@HK@Z
?GrayBanner@@YGXPAUHDC__@@UtagRECT@@HK@Z
?DrawTransparentBitmap@@YGXPAUHDC__@@PAUHBITMAP__@@HHK@Z
?getDX@PPButton@@UAEHXZ
?getDY@PPButton@@UAEHXZ
??0PPButton@@QAE@FPAUHINSTANCE__@@PBDIHF@Z
?appendElement@PPToolBar@@QAEXPAVAbstractButton@@@Z
?setPressState@PPButton@@UAEXF@Z
?getPressState@PPButton@@UAEFXZ
?enableButton@PPButton@@UAEXH@Z
?isEnable@PPButton@@UAEHXZ
?isStatic@PPButton@@UAEHXZ
?getText@AbstractButton@@UAEXPADF@Z
?setText@AbstractButton@@UAEXPBD@Z
?getTextW@AbstractButton@@UAEXPAGF@Z
?setTextW@AbstractButton@@UAEXPBG@Z
?attachBalloonManager@PPButton@@UAEXPAUHWND__@@UtagRECT@@PAVBalloonManager@@@Z
??1PPButton@@UAE@XZ
?moveTo@AbstractButton@@UAEXHH@Z
?paint@PPButton@@UAEXPAUHDC__@@HH@Z
?setBitmap@PPButton@@UAEXPAUHBITMAP__@@@Z
?getControlID@PPButton@@UAEFXZ

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nupqotc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4db8e79b9b2d3e4fca9cf0211a90ba6d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

pptltc32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 36KB - Virtual size: 36KB

nupqotc Size: - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 36KB - Virtual size: 36KB

nupqotc
Size: - Virtual size: 4KB