28ea2743b825f6322ca3675ffbc61956502da91fc8aa6c39f74b5d9de8fa516b

Sharing

Copy URL Twitter E-mail

General

Target

28ea2743b825f6322ca3675ffbc61956502da91fc8aa6c39f74b5d9de8fa516b
Size

1.0MB
MD5

022ee2f23a66e63d4c6b3c2819f11400
SHA1

2a73766616a04a13540b227707b10767f17e07f4
SHA256

28ea2743b825f6322ca3675ffbc61956502da91fc8aa6c39f74b5d9de8fa516b
SHA512

edace46d603e6e9269e75ee9159b96251ebf9b73eee43858fc327cf54e3db264d75484234cd76c9540e3ac02921f4a46d551f3b0a03e72abb5f79f975e6f5441
SSDEEP

24576:du4WMNFZDK+CwFM+GyVGqJLcuLfNnvTGVsG:JzCmGicuLfNvTssG

Score

N/A

Malware Config

Signatures

Files

28ea2743b825f6322ca3675ffbc61956502da91fc8aa6c39f74b5d9de8fa516b
.exe windows x86

da8b555e7142a10fbe793f0b1c32cc4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetModuleFileNameA
IsDBCSLeadByte
CreateDirectoryA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrlenA
GetLastError
CreateProcessA
WideCharToMultiByte
GetExitCodeProcess
GetTickCount
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetCurrentDirectoryA
OpenMutexA
CreateMutexA
LoadLibraryA
GetProcAddress
FreeLibrary
CloseHandle
WinExec
ExitProcess
GetPrivateProfileStringA
GetModuleHandleA
WriteConsoleA
AllocConsole
FreeConsole
QueryPerformanceFrequency
ResetEvent
GetLocalTime
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetCurrentThreadId
GetCurrentThread
GlobalAddAtomA
WaitForSingleObject
SetEvent
CreateEventA
lstrcpynA
lstrcatA
SetErrorMode
LocalFree
FormatMessageA
GlobalUnlock
GlobalFree
SetLastError
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
InterlockedDecrement
WritePrivateProfileStringA
InterlockedIncrement
GlobalFlags
RaiseException
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
FileTimeToSystemTime
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
TerminateProcess
ExitThread
CreateThread
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
Sleep
SetProcessWorkingSetSize
FindNextFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA

user32

UnhookWindowsHookEx
GetTopWindow
GetDlgItem
GetForegroundWindow
GetWindowTextA
SetFocus
IsWindow
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
wsprintfA
GetDesktopWindow
GetSysColorBrush
DestroyMenu
IsWindowUnicode
IsRectEmpty
ReleaseCapture
UnionRect
CharPrevA
WindowFromPoint
SetCapture
GetMenu
SetRectEmpty
GetSysColor
AdjustWindowRectEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScreenToClient
GetClassInfoA
SetWindowLongA
CallWindowProcA
GetWindowLongA
RegisterClassExA
DefWindowProcA
GrayStringA
DrawTextExA
TabbedTextOutA
GetClientRect
GetWindowRect
PtInRect
DestroyWindow
SetWindowTextA
SystemParametersInfoA
CharNextA
DrawTextA
OffsetRect
CharUpperA
EnableWindow
IsWindowVisible
EnumWindows
DestroyIcon
LoadMenuA
GetSystemMetrics
LoadImageA
RegisterHotKey
GetAsyncKeyState
GetCursorPos
GetSubMenu
TrackPopupMenu
PostMessageA
UnregisterHotKey
GetParent
GetClassNameA
ShowWindow
PeekMessageA
DispatchMessageA
SetRect
SendMessageA
CreateWindowExA
SetWindowPos
MessageBoxA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
IntersectRect
GetWindowPlacement
CopyRect
GetWindow
FindWindowA
IsIconic
FlashWindow
SetForegroundWindow
UpdateWindow
LoadIconA
LoadCursorA
GetMenuItemID
GetMenuItemCount
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
GetActiveWindow
GetKeyState
ValidateRect
GetLastActivePopup
IsWindowEnabled
SetCursor
GetCursor
PostQuitMessage

gdi32

SetMapMode
GetObjectA
CreateDIBSection
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
CreateCompatibleDC
CreateFontIndirectA
SetTextColor
SetBkColor
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
DeleteDC
GetGlyphOutlineA
SetDIBitsToDevice
GetTextMetricsA
GetStockObject
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
DeleteObject
SelectObject

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ExtractIconA

ole32

OleUninitialize
OleInitialize
CoTaskMemAlloc
CoCreateInstance

comctl32

ord17

shlwapi

UrlUnescapeA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

wininet

FtpOpenFileA
InternetWriteFile
InternetSetFilePointer
FtpSetCurrentDirectoryA
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetStatusCallback
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
FtpGetFileSize
InternetGetLastResponseInfoA
InternetReadFile
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpOpenRequestA
InternetConnectA

oleacc

CreateStdAccessibleObject
LresultFromObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

oleaut32

VariantChangeType
VariantClear
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
SysAllocString
VariantInit

Sections

.text
Size: 780KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da8b555e7142a10fbe793f0b1c32cc4d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

wininet

oleacc

winspool.drv

comdlg32

oleaut32

Sections

.text Size: 780KB - Virtual size: 776KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 780KB - Virtual size: 776KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 120KB - Virtual size: 120KB