628a10c04bc1dedb03d4373718e02a089c7905103574005cec4ca191164aec1c

Sharing

Copy URL

Twitter E-mail

General

Target

628a10c04bc1dedb03d4373718e02a089c7905103574005cec4ca191164aec1c
Size

384KB
MD5

0e90b68b20189a644078942bc62e2ebb
SHA1

a39fa494b73b300ebe1c0c609f86808d56e05d58
SHA256

628a10c04bc1dedb03d4373718e02a089c7905103574005cec4ca191164aec1c
SHA512

9756bfd4c9c98332323aa03cfd0662cf50ca826b55c4a57eed532112d9a158adfa70ad86860e9469ce0cbb493fdc725a44c8f5abd1680f1400229b91b0d72aff
SSDEEP

6144:ezI2Mls713PJG4A6FJWU2Yg5DKOeFhCqZCSe+qHIT:ezIyzPJWjB5S/Xe7E

Score

N/A

Malware Config

Signatures

Files

628a10c04bc1dedb03d4373718e02a089c7905103574005cec4ca191164aec1c
.exe windows x86

a372081afd36810a21a8a4ea73f88676

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetDiskFreeSpaceA
GetFileTime
SetCurrentDirectoryA
HeapDestroy
HeapAlloc
HeapCreate
GetSystemDirectoryA
GetShortPathNameA
GetLocaleInfoA
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetModuleFileNameA
IsDBCSLeadByte
GetComputerNameA
GetLocalTime
GlobalFree
lstrcpynA
GetVersion
LoadLibraryA
FindFirstFileA
SetFileTime
GetProcAddress
FreeLibrary
SetErrorMode
GetDriveTypeA
GetVolumeInformationA
GetTimeZoneInformation
VirtualAlloc
VirtualFree
GetFileType
GetStdHandle
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
WideCharToMultiByte
GetCommandLineA
GetEnvironmentStrings
GetStartupInfoA
SetEnvironmentVariableA
GetFullPathNameA
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
lstrcpyA
FindResourceA
FindClose
GetCurrentDirectoryA
FreeResource
LoadResource
LockResource
SetFileAttributesA
GetLogicalDrives
GetLogicalDriveStringsA
CreateFileA
DeleteFileA
GlobalMemoryStatus
OpenFile
ReadFile
SetFilePointer
MultiByteToWideChar
WriteFile
CloseHandle
GetLastError
GetPrivateProfileStringA
lstrcmpiA
GetModuleHandleA
GetWindowsDirectoryA
GetTempPathA
lstrcmpA
LoadLibraryExA
GetTickCount
lstrcatA
lstrlenA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumValueA
GetUserNameA
RegDeleteValueA
RegCreateKeyA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

user32

CharLowerA
CallWindowProcA
GetClientRect
GetClassLongA
CopyRect
SendNotifyMessageA
SetCursor
ShowCursor
GetSysColor
InvalidateRect
ScreenToClient
ClientToScreen
GetDlgItemTextA
GetDialogBaseUnits
wsprintfA
ReleaseDC
CharPrevA
SetWindowTextA
EndPaint
GetDC
DefWindowProcA
GetWindowTextA
DrawIcon
LoadIconA
GetWindowLongA
BeginPaint
SetWindowLongA
GetActiveWindow
DrawFocusRect
SetRect
LoadCursorA
EndDialog
RegisterClassA
CharUpperBuffA
LoadStringA
LoadBitmapA
GetSystemMetrics
SetFocus
GetDlgItemInt
CheckRadioButton
GetFocus
CharUpperA
FillRect
InflateRect
GetDlgCtrlID
InvertRect
MessageBeep
BroadcastSystemMessage
GetSystemMenu
SetDlgItemTextA
DestroyWindow
GetParent
CharNextA
SendDlgItemMessageA
PostMessageA
SendMessageA
DrawTextA
GetWindowRect
SetWindowPos
GetKeyState
MessageBoxA
RemoveMenu
FindWindowA
SetForegroundWindow
IsWindowEnabled
EnableWindow
GetDlgItem
ShowWindow

gdi32

DeleteObject
GetTextExtentPointA
SelectObject
GetObjectA
GetNearestColor
SetTextColor
SetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreateDiscardableBitmap
CreateDIBitmap
BitBlt
GetStockObject
AddFontResourceA
GetTextMetricsA
CreateScalableFontResourceA
PatBlt
RemoveFontResourceA
CreatePatternBrush
CreateBitmap
CreateSolidBrush
StretchBlt
IntersectClipRect
RestoreDC
GetPixel
SaveDC
ExtTextOutA
CreateFontIndirectA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

mpr

WNetCancelConnection2A
WNetAddConnectionA
WNetCancelConnectionA
WNetConnectionDialog
WNetGetLastErrorA
WNetAddConnection2A
WNetGetConnectionA

mssetup

GetRegKeyValue32
SetAdminMode
FRegCloseKey
WriteLogDivider
SetRegKeyValue32Ex
SetErrorParamConst
PrependToPath
FWriteToLogFile
RenameFile
GetEnvVariableValue
AddShareToAutoexec
FReadResource
CompareFileVersions
StampResource
EercOpenFile
LfaSeekFile
SetErrorParamInt
FCloseFile
CbStrCopyToBuffer
CbReadFile
FChmodFile
AddLineToRestartFile
FLanguageMismatchInf
FGetKeyInfo
GetVersionNthField
GetSectionKeyFilename
DoesInfSectionExist
DoesInfSectionKeyExist
GetSectionKeyVersion
SetErrorParamCopy
CreateProgmanItem
EnsurePathExists
DeleteProgmanItem
MakeListFromProgmanGroups
ShowProgmanGroup
DoesIniKeyExist
RemoveIniKey
IsFileInUseBySystem
FRemoveOurDir
CreateDir
RemoveDir
DoesDirExist
GetNthFieldFromIniString
HmodUIHookDll
RemoveSectionFilesToCopyList
MakeListFromSectionSize
BindImage
LogValidate
AddSpecialFileToCopyList
AddSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
RemoveSectionKeyFileToCopyList
ReactivateSetupScript
FSetSymbolValue
HdlgShowHelp
ProcessMessageId
UIPop
ForceNewDialog
GetScreenHeight
UIStartExeDlg
GetWindowsMode
SzLastChar
IsCtl3dEnabled
RemoveSymbol
GetListItem
GetListLength
UIStartExeDlgWinHelp
GetSymbolValue
SetPassInfo
HwndFrame
CopyFilesInCopyList
LogMessageId
Validate
GetCopyListCost
ClearCopyList
SetRestartDir
HandleOOM
PbAlloc
DoesFileExist
ReadInfFile
AddListItem
ClearBillboardList
SetCopyGaugePosition
ReplaceListItem
GetFreeSpaceForDrive
DriveNumToRootPath
SetErrorParam
FValidFilePath
IsDriveNetwork
CrcStringCompareI
CbGetListItem
GetNetworkDrivesList
SetSymbolValue
RestartListEmpty
GetWindowsSysDir
IsWindowsShared
ShowWaitCursor
RestoreCursor
GetSectionKeySize
AddSectionFilesToCopyList
GetRegKeyValue32Ex
FRegCreateKey32
DeleteRegKeyValue32
InitSetupToolkit
InitLongFileNames
SetAcmeInst
AddToBillboardList
GetScreenWidth
DoMsgBox
SuppressLongFileNames
FindFileUsingFileOpen
SetSilentMode
SetTitle
SetBitmap
SetSizeCheckMode
SetAbout
EndSetupToolkit
FCloseLogFile
FFree
ExitExecRestart
RemoveFile
GetDOSMajorVersion
IsDirWritable
GetWindowsDirPath
SetRegKeyValue32
FLongFileNamesSuppressed
CreateIniKeyValue
CrcStringCompare
GetIniKeyString
FOpenLogFile
SzGetLastSetupErrMsg
ForceRestartOn
CbGetSymbolValue
EercFindHddiFloppy
FCloseSrcFile
EercReadSrcFile
EercOpenSrcFileEx
EercWriteSrcFile
EercOpenSrcFile
IsDriveRemovable
SetErrorParamChar
GetVersionOfFile
IsDriveLocalHard
IsFileWritable
FindFileInTree
FindTargetOnEnvVar

shell32

ShellExecuteA

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a372081afd36810a21a8a4ea73f88676

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

ole32

mpr

mssetup

shell32

Sections

.text Size: 198KB - Virtual size: 198KB

.bss Size: - Virtual size: 2KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 22KB - Virtual size: 21KB

.idata Size: 9KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 87KB - Virtual size: 88KB

.reloc Size: 16KB - Virtual size: 20KB

.text
Size: 198KB - Virtual size: 198KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 22KB - Virtual size: 21KB

.idata
Size: 9KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 87KB - Virtual size: 88KB

.reloc
Size: 16KB - Virtual size: 20KB