15480ce989c577d0370658b1e379f393adf6d740efb6448a7f975278cb2327cb

Sharing

Copy URL Twitter E-mail

General

Target

15480ce989c577d0370658b1e379f393adf6d740efb6448a7f975278cb2327cb
Size

327KB
MD5

0d922dc0f425f98c58de2e2ceb726120
SHA1

6f09d970c1ebedc7780e19a864fb32b0a82c6005
SHA256

15480ce989c577d0370658b1e379f393adf6d740efb6448a7f975278cb2327cb
SHA512

3db9a3b1df05fb3b214334e199545a30766b3456a056415d5c4f988521bb5b1fd4033b4913c2f48c17919186d2ba97216b23f760caa1a78ecec3379ae8b42c20
SSDEEP

6144:Jo7ix/WyfnKhWEueoV+P121nFyhLvmc0u/Hm0FZOO9BOj7f8KHly1f7H7ZFg8Ey:9WUKhGeoV+PUy1mLu/HmIZOwKfxHlyhx

Score

N/A

Malware Config

Signatures

Files

15480ce989c577d0370658b1e379f393adf6d740efb6448a7f975278cb2327cb
.exe windows x86

8ffa102655b3cfc5c47cd28a667aacc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
OpenProcess
GetProcessHeap
HeapAlloc
HeapFree
ReleaseMutex
CreateMutexW
LoadLibraryExW
DeleteFileW
CreateDirectoryW
CopyFileW
WideCharToMultiByte
MultiByteToWideChar
ResumeThread
GetFileSize
FindNextFileW
GetLongPathNameW
SetEndOfFile
GetWindowsDirectoryW
GetTempPathW
SetFileAttributesW
GetFullPathNameW
GetTempFileNameW
InterlockedExchangeAdd
GetPrivateProfileStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetThreadLocale
GetLocaleInfoA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetVersionExA
Sleep
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
SetFilePointer
LoadLibraryW
FindFirstFileW
GetFileSizeEx
InitializeCriticalSection
WriteFile
GetACP
CreateFileW
GetModuleFileNameW
ReadFile
GetComputerNameW
GetFileAttributesW
LoadLibraryA
ExpandEnvironmentStringsW
FindClose
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
ResetEvent
InterlockedExchange
GetLastError
FindResourceW
GetVersionExW
lstrlenW
GetVolumeInformationW
CreateEventW
lstrcpyW
WaitForSingleObject
WaitForMultipleObjects
GetProcAddress
FreeLibrary
SetEvent
GetModuleHandleW
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
SetLastError
RaiseException
GetCurrentThreadId
CloseHandle
FlushInstructionCache
MoveFileExW
MoveFileW

user32

UnregisterClassA
GetActiveWindow
RemovePropW
SetPropW
GetClassLongW
GetPropW
SendMessageW
SetWindowLongW
CheckMenuItem
SetTimer
PostQuitMessage
GetCursorPos
SetForegroundWindow
SetCursor
LoadCursorW
GetSubMenu
TrackPopupMenu
PeekMessageW
SetRect
DefWindowProcW
CallWindowProcW
RegisterClassExW
AppendMenuW
ReleaseDC
KillTimer
DrawTextW
DestroyWindow
GetSystemMetrics
DestroyIcon
GetClassInfoExW
GetMenuState
CreatePopupMenu
RegisterWindowMessageW
DestroyMenu
CreateWindowExW
wsprintfW
GetWindowDC
AttachThreadInput
GetWindowThreadProcessId
GetDC
ShowScrollBar
ShowWindow
SetScrollRange
LoadStringW
MessageBoxW
BeginPaint
EndPaint
DrawIcon
DrawIconEx
CopyRect
GetSysColor
IsMenu
DrawStateW
FillRect
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
EndDialog
IsWindow
GetWindowRect
SetWindowTextW
GetWindow
GetDlgItem
SetWindowPos
GetWindowLongW
MapWindowPoints
SystemParametersInfoW
GetParent
GetClientRect
TranslateMessage
GetForegroundWindow
GetMessageW
DialogBoxParamW
LoadIconW
DispatchMessageW

gdi32

GetBkMode
GetCurrentObject
CreatePen
CreateCompatibleBitmap
SetTextColor
BitBlt
SetBkMode
GetObjectW
CreateCompatibleDC
ExtTextOutW
CreateSolidBrush
SetViewportOrgEx
CreateFontIndirectW
GetTextMetricsW
DeleteObject
SelectObject
GetTextExtentPoint32W
SetBkColor
DeleteDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
GetUserNameW
RegOpenKeyW

shell32

SHGetPathFromIDListW
SHFileOperationW
SHGetSpecialFolderLocation
ShellExecuteExW
Shell_NotifyIconW

ole32

OleInitialize
StringFromGUID2
CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
CoTaskMemFree
OleUninitialize

shlwapi

StrCpyNW

comctl32

ImageList_GetIcon
ImageList_Create
ImageList_ReplaceIcon
ImageList_Remove
ImageList_GetIconSize

msvcr80

_wcsicmp
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
abort
__uncaught_exception
_malloc_crt
_free_locale
_ui64toa_s
_create_locale
__crtLCMapStringW
___mb_cur_max_l_func
_calloc_crt
___lc_handle_func
___lc_codepage_func
__pctype_func
setlocale
__iob_func
fclose
fsetpos
fseek
fgetpos
fwrite
fgetc
ungetc
setvbuf
fflush
ungetwc
fputwc
fgetwc
memset
__crtGetStringTypeW
__CxxFrameHandler3
_CxxThrowException
_beginthreadex
signal
memmove
towlower
wcschr
_vsnwprintf_s
_errno
towupper
wcsncpy_s
_splitpath_s
_stricmp
wcsncpy
wcsstr
wcsrchr
memcpy
??3@YAXPAX@Z
memmove_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memcpy_s
??_V@YAXPAX@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
realloc
_purecall
malloc
_invalid_parameter_noinfo
free
swprintf_s
_recalloc
sprintf
strlen
_controlfp_s

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8ffa102655b3cfc5c47cd28a667aacc5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

msvcr80

version

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 96KB - Virtual size: 96KB