58a1c6f3a8ed7a7d0c1ad88f84254dce17315b386887c321a7285198a336db50

Sharing

Copy URL Twitter E-mail

General

Target

58a1c6f3a8ed7a7d0c1ad88f84254dce17315b386887c321a7285198a336db50
Size

203KB
MD5

051187e6b5d0613ee33565a449af3d50
SHA1

cac12871964f1b6c3ec5422a7ae389a111f7ad69
SHA256

58a1c6f3a8ed7a7d0c1ad88f84254dce17315b386887c321a7285198a336db50
SHA512

f7c0005caca59ccc10ae111b00200cc238bf0eb0193be93f9594c020c512202dd18c13658670162b6990633bf72cd94e34a883756687156b637de14d54982724
SSDEEP

3072:g7aQvS4bjMcNIQrK5OzWiJ1OosqhPH2GE9dBiplDXLlSvFDX7N:YS4UcNIQrKsW8O73GUQlrxSvBX7

Score

N/A

Malware Config

Signatures

Files

58a1c6f3a8ed7a7d0c1ad88f84254dce17315b386887c321a7285198a336db50
.exe windows x86

f4e0201adc9f838a6fa502f66a02a091

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
FindResourceW
FindResourceExW
CreateFileW
GetFileSize
SetFilePointerEx
WriteFile
DeleteFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetTempPathW
WaitForSingleObject
GetExitCodeProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateEventW
GetTickCount
TerminateThread
GetExitCodeThread
SetEvent
Sleep
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
GetVersion
SizeofResource
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
ExitProcess
LCMapStringW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLastError
CreateMutexW
WriteConsoleW
CloseHandle
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
GetCurrentThreadId
FlushFileBuffers
ExitThread
HeapSize
HeapDestroy
RaiseException
ReleaseMutex
LocalFree
LocalAlloc
FreeLibrary
LoadLibraryW
GetSystemDirectoryW

user32

DefWindowProcW
RemovePropW
PostQuitMessage
GetWindowLongW
LoadImageW
SetTimer
MsgWaitForMultipleObjects
IsWindow
PostMessageW
RegisterWindowMessageW
SendMessageW
LoadMenuW
GetSubMenu
LoadStringW
RegisterClassExW
CreateWindowExW
DestroyMenu
SetMenuDefaultItem
SetForegroundWindow
GetMenuItemID
KillTimer
DispatchMessageW
TranslateMessage
DestroyWindow
UnregisterClassW
SetPropW
SetWindowLongW
ShowWindow
GetCursorPos
TrackPopupMenu
GetDoubleClickTime
GetMessageW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

CommandLineToArgvW
ShellExecuteW
ShellExecuteExW
Shell_NotifyIconW

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitialize

shlwapi

PathFileExistsW
wnsprintfW
PathAppendW

gdiplus

GdipCreateHICONFromBitmap
GdipGetImageWidth
GdiplusShutdown
GdiplusStartup
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipFree
GdipGetImageHeight
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromStream
GdipDrawImageRectRectI
GdipAlloc
GdipGetImageGraphicsContext

wininet

HttpQueryInfoW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
HttpAddRequestHeadersW
HttpSendRequestW
InternetReadFile
InternetGetCookieW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW

imagehlp

UnMapAndLoad
MapAndLoad

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f4e0201adc9f838a6fa502f66a02a091

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

gdiplus

wininet

imagehlp

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 80KB - Virtual size: 80KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 80KB - Virtual size: 80KB