89ce674cb4927b4f382d9c78ff34abfc0d7372111c527f21a04bf9196330e713

Sharing

Copy URL

Twitter E-mail

General

Target

89ce674cb4927b4f382d9c78ff34abfc0d7372111c527f21a04bf9196330e713
Size

327KB
MD5

049176566530952269a2a56419c1fe10
SHA1

24ee57a7df42df2cb39c55df871f4805a18faf48
SHA256

89ce674cb4927b4f382d9c78ff34abfc0d7372111c527f21a04bf9196330e713
SHA512

7c9622de228eea378657ea7bde53c81be17d536acc64eb6d7aa8262563941ff7c4fd04420da35116da03a12006d0dde790c597f5cbb8dfedbcd92bf9409e2072
SSDEEP

6144:vRnoB4Mf41XFXKi/TuowF4I5tLWITlTBJZRzZmOjU3o0Iduvz3PP:84Mf4tFXKirwFD5tialTrNmB9QWbH

Score

N/A

Malware Config

Signatures

Files

89ce674cb4927b4f382d9c78ff34abfc0d7372111c527f21a04bf9196330e713
.exe windows x86

2a54b06c7c7ea33bb09a50bd772fa2af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

kernel32

RaiseException
Sleep
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrcpynW
lstrcpyW
CreateMutexW
OpenMutexW
FreeLibrary
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryW
lstrlenW
MoveFileExW
ExitProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
SetLastError
GetLastError
GlobalFree
GlobalAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemInfo
GetSystemTimeAsFileTime
FormatMessageW
GetModuleHandleW
VirtualQuery
GetFileTime
GetFileSize
IsBadReadPtr
IsBadWritePtr
GetCurrentThread
SetUnhandledExceptionFilter
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
GetLocaleInfoW
CreateFileA
WriteConsoleW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
MoveFileW
CreateFileW
CreateDirectoryW
CloseHandle
GetModuleFileNameW
LockFile
WriteFile
UnlockFile
ReadFile
SetFilePointerEx
GetFileSizeEx
SetFilePointer
SetEndOfFile
GetFileAttributesW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetTickCount
QueryPerformanceCounter
GetCommandLineW
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleHandleA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
GetConsoleMode
GetConsoleCP
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
ExitThread
CreateThread
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
VirtualFree
VirtualAlloc

user32

wsprintfW
wvsprintfW

advapi32

GetUserNameW
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegQueryValueExW
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW

shlwapi

PathRemoveFileSpecW
PathIsDirectoryW
PathFileExistsW
StrStrW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

InternetReadFile
InternetQueryOptionW
HttpQueryInfoW
InternetCloseHandle
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetGetLastResponseInfoW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetCrackUrlW
InternetAttemptConnect
HttpSendRequestW
InternetSetOptionA

psapi

GetModuleInformation

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a54b06c7c7ea33bb09a50bd772fa2af

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

advapi32

shell32

shlwapi

version

wininet

psapi

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 7KB - Virtual size: 23KB

.rsrc Size: 78KB - Virtual size: 80KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 7KB - Virtual size: 23KB

.rsrc
Size: 78KB - Virtual size: 80KB