46b80666c31b32efceb87d315b0f9192a9dcda3f4ba8c259d41a35d3c12529cc

Sharing

Copy URL Twitter E-mail

General

Target

46b80666c31b32efceb87d315b0f9192a9dcda3f4ba8c259d41a35d3c12529cc
Size

1004KB
MD5

0e44e379406456dcde9ecb955b5f9730
SHA1

98808277916f33c7cef606ba94b4c62f0387d188
SHA256

46b80666c31b32efceb87d315b0f9192a9dcda3f4ba8c259d41a35d3c12529cc
SHA512

67ed97564777c5385b7775a2dbb5e07eaca454ae0bf2630d903b969a0e7f1f3d5774be93fd117c4943a757aea41d111e298dfa3e214f168e53e1dffecf7c4c97
SSDEEP

12288:LMfln7pnplGKogAq3h7yYkRXBPeJZ9AV3fF7Vyof1j0T:4l7zY8B3h7yYkRXBA9A99Jywy

Score

N/A

Malware Config

Signatures

Files

46b80666c31b32efceb87d315b0f9192a9dcda3f4ba8c259d41a35d3c12529cc
.exe windows x86

bc5b29bfef58330ec4a4f0ecc244cbbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetFileSize
ReadFile
MultiByteToWideChar
GetFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
CreateMutexW
GetPrivateProfileStringW
CreateThread
WaitForSingleObject
WriteFile
GetLocalTime
GetCommandLineW
GetTickCount
SetFilePointer
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVersion
ConvertDefaultLocale
GetLocaleInfoW
EnumResourceLanguagesW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
TerminateProcess
CreateProcessW
GetExitCodeProcess
GetVersionExW
GetCurrentProcess
GetSystemInfo
GetSystemWow64DirectoryW
OpenProcess
ExitProcess
CreateEventW
SetEvent
GlobalAlloc
GlobalLock
LoadLibraryW
GlobalFree
GetSystemDirectoryW
LoadLibraryA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetOEMCP
GetACP
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStartupInfoA
SetHandleCount
GetCurrentThreadId
GetFileType
GetModuleFileNameA
GetStdHandle
HeapCreate
HeapDestroy
SetLastError
FindNextFileW
SetFileAttributesW
FindFirstFileW
GetCurrentDirectoryW
MoveFileExW
DeleteFileW
GetEnvironmentVariableW
GlobalUnlock
GetWindowsDirectoryW
RemoveDirectoryW
MoveFileW
FreeLibrary
GetProcAddress
TlsGetValue
LoadLibraryExW
SetErrorMode
Sleep
GetFileAttributesW
CompareFileTime
CopyFileW
GetTempFileNameW
GetTempPathW
FindClose
LocalFree
GetModuleFileNameW
WideCharToMultiByte
CloseHandle
GetLastError
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceW
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
GetModuleHandleW
TlsFree
TlsSetValue
TlsAlloc
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetEndOfFile
RtlUnwind
RaiseException
GetStartupInfoW
GetProcessHeap
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleMode
GetConsoleCP
HeapFree
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange

user32

KillTimer
MessageBoxW
DialogBoxParamW
EndDialog
SetTimer
SetDlgItemTextW
wsprintfW
SendDlgItemMessageW
DialogBoxIndirectParamW
SetWindowPos
GetClientRect
MonitorFromWindow
GetMonitorInfoW
OffsetRect
GetWindowLongW
AdjustWindowRect
GetWindowRect
GetDlgItem
DrawTextW
SetWindowTextW
LoadIconW
MessageBoxIndirectW
SetRectEmpty
LoadImageW
PostMessageW
EnableWindow
ReleaseDC
GetDC
SetFocus
ShowWindow
GetWindowThreadProcessId
GetWindowModuleFileNameW
SendMessageTimeoutW
ExitWindowsEx
EnumWindows
SendMessageW
LoadStringW

gdi32

SetBkMode
SetTextColor
DeleteDC
GetTextExtentPoint32W
SelectObject
CreateCompatibleDC
DeleteObject
CreateFontW
GetStockObject

advapi32

RegSetValueExW
SetNamedSecurityInfoW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegCloseKey
IsTextUnicode
RegQueryInfoKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
ControlService
QueryServiceConfigW
StartServiceW
CloseServiceHandle
ChangeServiceConfigW
ChangeServiceConfig2W
CreateServiceW
OpenServiceW
OpenSCManagerW
QueryServiceStatus
DeleteService
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
GetNamedSecurityInfoW

shell32

SHCreateDirectoryExW
SHGetFolderPathW
CommandLineToArgvW
SHCreateDirectoryExA

ole32

CoInitialize
CoUninitialize
PropVariantClear
CoCreateInstance

cabinet

ord22
ord23
ord20
ord21

shlwapi

PathStripToRootW
PathMatchSpecA
PathIsDirectoryW
SHStrDupW
PathAddBackslashW
PathCombineW
PathRemoveBackslashW
PathIsRootW
PathFindExtensionW
PathIsSystemFolderW
PathRenameExtensionW
PathRemoveFileSpecW
SHDeleteKeyW
PathFileExistsW
PathAppendW
PathFindFileNameA
PathAddBackslashA
PathRemoveFileSpecA
PathAppendA
PathFindFileNameW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
EnumProcessModules

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc5b29bfef58330ec4a4f0ecc244cbbe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

cabinet

shlwapi

version

psapi

Sections

.text Size: 280KB - Virtual size: 276KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 520KB - Virtual size: 516KB

.text Size: 136KB - Virtual size: 136KB

.text
Size: 280KB - Virtual size: 276KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 520KB - Virtual size: 516KB

.text
Size: 136KB - Virtual size: 136KB