a8b22c567ced716def25e0708eed2e480e34ff365ae2ce4b402ec15eab64723d

Sharing

Copy URL Twitter E-mail

General

Target

a8b22c567ced716def25e0708eed2e480e34ff365ae2ce4b402ec15eab64723d
Size

385KB
MD5

0d2e427e3eb1791a88945aa9512c4c00
SHA1

b7f01b43db31c030ec64f43098ac7a3ac50392e5
SHA256

a8b22c567ced716def25e0708eed2e480e34ff365ae2ce4b402ec15eab64723d
SHA512

e6f938fdf77bbde4b129b812331d3ca453c10af08e941152c00a41ca8a327e67e4281980e1fa370b003df5eaac605bc2f25f9b0ac42511178f7162cf3f47b274
SSDEEP

6144:JQW21tB5syMbHswy+/fWNl92rq39Kx3dgYrJmZ7q:921tbs7bM+/fG213dgAJcq

Score

N/A

Malware Config

Signatures

Files

a8b22c567ced716def25e0708eed2e480e34ff365ae2ce4b402ec15eab64723d
.exe windows x86

9abc81d48dfed4d8d74f9e2b754bbe80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
CreateDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedIncrement
InterlockedDecrement
lstrcpyA
GetModuleHandleA
GetModuleFileNameA
GetUserDefaultLangID
LoadResource
FindResourceA
FindResourceExA
Sleep
lstrcmpiA
CreateProcessA
lstrlenA
GetShortPathNameA
SizeofResource
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
lstrcatA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
CreateThread
CreateEventA
GlobalLock
GlobalUnlock
GlobalAlloc
lstrcmpA
FindClose
FindFirstFileA
LockResource
FreeResource
GlobalFree
GlobalHandle
ReadFile
CreateFileA
WriteFile
GetTempPathA
GetStdHandle
SetHandleCount
LoadLibraryA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapCreate
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
FlushFileBuffers
SetFilePointer
SetUnhandledExceptionFilter
HeapSize
GetCPInfo
LCMapStringW
LCMapStringA
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
RaiseException
RtlUnwind
GetProcAddress
FreeLibrary
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetACP
GetOEMCP
SetEndOfFile
GetLocaleInfoW
GetFileType
SetEnvironmentVariableA
GetLastError
SetLastError
CreateMutexA
WaitForSingleObject
GetCurrentThreadId
GetLocalTime
ReleaseMutex
CloseHandle
GetVersionExA
GetCurrentProcess
FlushInstructionCache
CompareStringW
CompareStringA
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
SetEvent
CopyFileA
GetFileAttributesA
GetEnvironmentStringsW
GetTickCount

user32

GetWindowTextA
GetWindowTextLengthA
GetSysColor
SetFocus
RegisterWindowMessageA
GetClassInfoExA
GetParent
IsChild
MapWindowPoints
GetMenu
AdjustWindowRectEx
DialogBoxIndirectParamA
DialogBoxParamA
PostThreadMessageA
LoadStringA
RegisterClassA
GetDC
ReleaseDC
CreateWindowExA
SetWindowTextA
EndDialog
GetFocus
CallWindowProcA
EndPaint
BeginPaint
RedrawWindow
GetClassNameA
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
CreateDialogIndirectParamA
GetWindow
GetActiveWindow
CharNextA
FindWindowA
SetForegroundWindow
MessageBoxA
DefWindowProcA
GetMessageA
GetSystemMetrics
LoadImageA
ShowWindow
PostQuitMessage
SetCursor
FillRect
KillTimer
GetWindowRect
GetDlgItem
SystemParametersInfoA
GetClientRect
SetWindowPos
GetWindowLongA
SetWindowLongA
SetTimer
IsWindow
DestroyWindow
LoadCursorA
wsprintfA
CharLowerA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SendMessageA
RegisterClassExA

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC
GetDeviceCaps

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA

shell32

SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoRevokeClassObject
CoRegisterClassObject
CLSIDFromProgID
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString
OleLockRunning
StringFromCLSID

oleaut32

SysStringLen
SafeArrayCreate
SafeArrayPutElement
OleCreateFontIndirect
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
DispCallFunc
SysStringByteLen
LoadRegTypeLi
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9abc81d48dfed4d8d74f9e2b754bbe80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 24KB - Virtual size: 28KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 24KB - Virtual size: 28KB

.rsrc
Size: 104KB - Virtual size: 104KB