af0309c7640fced1053e033574b59515f7f40a0fa9c587935b88d0e10d8c59f2

Sharing

Copy URL Twitter E-mail

General

Target

af0309c7640fced1053e033574b59515f7f40a0fa9c587935b88d0e10d8c59f2
Size

270KB
MD5

08e0cdb389c15246f344724ddadcb8d0
SHA1

074670e856eb6eab8cf9db8ae4de9200dc5568b8
SHA256

af0309c7640fced1053e033574b59515f7f40a0fa9c587935b88d0e10d8c59f2
SHA512

f09281fbef93d2ae95616d8e5d4ba67ae2bcef658f9f35c638c83d4a11375bcb6902cc3161cb5f72251110e52feb741e360d656fe613d34ed5cdc9b00b599259
SSDEEP

3072:0DsAHjWUYFehUvfmVQNbREgWVMjtUrYfp2UbSQUt/aIa2KZtsruglU8wVVCGA9l4:07HjUFehwKYbWgRpAFxKYNU84VCGA9S

Score

N/A

Malware Config

Signatures

Files

af0309c7640fced1053e033574b59515f7f40a0fa9c587935b88d0e10d8c59f2
.exe windows x86

01d4d685e84502d0b3b5834921cc85b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugBreak
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetTickCount
Sleep
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
VirtualFreeEx
DeleteFileW
GetPrivateProfileIntW
ReadProcessMemory
WritePrivateProfileStringW
WriteProcessMemory
VirtualAllocEx
OpenProcess
Process32NextW
CloseHandle
Process32FirstW
CreateToolhelp32Snapshot
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFileAttributesW
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
CreateDirectoryW
GetVersion
GetLastError
SetFilePointer
LoadLibraryW
GetCurrentProcessId
QueryDosDeviceW
WaitForSingleObject
TerminateProcess
GetTempFileNameW
MoveFileExW
SetLastError
GetSystemDirectoryW
GetModuleFileNameW
FreeLibrary
GetVersionExW
CreateMutexW
SetEvent
GetLocalTime
ReleaseMutex
MoveFileW
MultiByteToWideChar
GetUserDefaultUILanguage
GetLocaleInfoW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetFullPathNameW
GetCurrentThreadId
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameA
LoadLibraryA
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
VirtualFree
VirtualAlloc
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
FlushFileBuffers
VirtualQuery

user32

UnregisterClassA
RegisterClassExW
LoadStringW
LoadIconW
LoadCursorW
PostQuitMessage
ExitWindowsEx
ScreenToClient
ClientToScreen
SendMessageTimeoutW
InvalidateRect
GetClientRect
FindWindowExW
FindWindowW
MessageBoxW
ShowWindow
GetWindowThreadProcessId
GetDesktopWindow
SendMessageW
CreateWindowExW
GetParent
DefWindowProcW

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHChangeNotify

oleaut32

VariantClear
SysFreeString
SysAllocString

shlwapi

PathFileExistsW
SHDeleteKeyW
SHDeleteValueW

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

01d4d685e84502d0b3b5834921cc85b4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

oleaut32

shlwapi

ole32

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 96KB - Virtual size: 96KB