be4f6504faf713fc5e1f07d83fec2270b472bd3f7b42f495a4c3b083592cbcbb

Sharing

Copy URL Twitter E-mail

General

Target

be4f6504faf713fc5e1f07d83fec2270b472bd3f7b42f495a4c3b083592cbcbb
Size

672KB
MD5

0d65494b40ceb811e67142cf963d0a5c
SHA1

0366eaf9948dd2603be8f292842bc0cecbda2bac
SHA256

be4f6504faf713fc5e1f07d83fec2270b472bd3f7b42f495a4c3b083592cbcbb
SHA512

f78754876a6b7d3859c0f7be42fcde9dc718222ee47d78ebbf94a9187c7a3e60352a5f4f38203d75de8a5c27b54d83e4437aa63e0c8eeebc21923e719d9457db
SSDEEP

6144:XTqa+rypBCk+Fx7/BCttXXikQklSn8nbFpBJkCcjalJ/M6HnpJpsijgBwTFg56l2:Cr/SlSBUJjnNjjpTWamBndcgt

Score

N/A

Malware Config

Signatures

Files

be4f6504faf713fc5e1f07d83fec2270b472bd3f7b42f495a4c3b083592cbcbb
.exe windows x86

137a6297126a17a7aeda4ea49a1fa223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

lstrcmpA
FindFirstFileA
SystemTimeToFileTime
GetSystemTime
FileTimeToDosDateTime
FindNextFileA
FileTimeToLocalFileTime
GetFileSize
GetFileTime
WriteFile
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetDiskFreeSpaceA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryExA
WaitForSingleObject
CreateProcessA
LoadLibraryA
lstrcmpiA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileStringA
SetEvent
CreateThread
Sleep
GetCurrentThreadId
CreateEventA
CreateDirectoryA
GetShortPathNameA
GetModuleHandleA
FindClose
HeapDestroy
DeleteCriticalSection
lstrcatA
OpenEventA
SetFilePointer
ReadFile
LockResource
LoadResource
SizeofResource
FindResourceA
SetFileAttributesA
GetCurrentProcess
GetVersionExA
WritePrivateProfileStringA
GetSystemDirectoryA
WinExec
SetFileTime
MoveFileExA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
RemoveDirectoryA
InitializeCriticalSection
QueryPerformanceFrequency
CreateFileA
CloseHandle
GetFileAttributesA
MoveFileA
DeleteFileA
CopyFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
lstrlenW
WideCharToMultiByte
lstrcpyA
MultiByteToWideChar
lstrlenA
GetLastError
SetLastError
SetErrorMode
GetCommandLineA
GetACP
HeapSize
HeapReAlloc
GetCPInfo
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
LCMapStringW
UnhandledExceptionFilter
TerminateProcess
TlsGetValue
TlsAlloc
ExitProcess
GetVersion
GetStartupInfoA
HeapAlloc
HeapFree
ExitThread
TlsSetValue
RaiseException
RtlUnwind
InterlockedExchange
GetCurrentThread
LCMapStringA
lstrcpynA
CreateFileMappingA
ResetEvent
UnmapViewOfFile
SearchPathA
VirtualQuery
QueryPerformanceCounter
GetOEMCP
MapViewOfFile
VirtualProtect

user32

GetDesktopWindow
PostThreadMessageA
wsprintfA
PeekMessageA
CharNextA
DispatchMessageA
GetMessageA
MsgWaitForMultipleObjects
LoadStringA
CharLowerBuffA
TranslateMessage
ExitWindowsEx
CharUpperA

advapi32

RegCloseKey
GetFileSecurityA
IsValidSecurityDescriptor
SetFileSecurityA
RegEnumValueA
RegConnectRegistryA
RegDeleteValueA
RegQueryInfoKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegQueryValueA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA

ole32

CoGetClassObject
StgOpenStorage
CLSIDFromString
WriteClassStm
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
CoUninitialize
CoTreatAsClass
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StgCreateDocfile
CreateStreamOnHGlobal
OleLoadFromStream
StringFromGUID2
CoCreateGuid
OleSaveToStream

oleaut32

RegisterTypeLi
LoadTypeLi
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayCopy
SafeArrayCreate
SafeArrayGetLBound
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayPutElement
VariantChangeType
LoadRegTypeLi
SysReAllocStringLen
CreateErrorInfo
SetErrorInfo
VariantInit
VariantCopyInd
VariantCopy
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantClear
SafeArrayGetElement
SysStringByteLen

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

137a6297126a17a7aeda4ea49a1fa223

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

oleaut32

version

Sections

.text Size: 428KB - Virtual size: 427KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 20KB - Virtual size: 106KB

.rsrc Size: 132KB - Virtual size: 132KB

.text
Size: 428KB - Virtual size: 427KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 20KB - Virtual size: 106KB

.rsrc
Size: 132KB - Virtual size: 132KB