ae953f775764b9d41a9f36947949f9d6b69ff19cc00079d882644d0f417627fc

Sharing

Copy URL

Twitter E-mail

General

Target

ae953f775764b9d41a9f36947949f9d6b69ff19cc00079d882644d0f417627fc
Size

560KB
MD5

0df512938aca27ba0ad7affec5ec48d0
SHA1

fb0edff57bb92a4635d766fe298ef28d48e1b85a
SHA256

ae953f775764b9d41a9f36947949f9d6b69ff19cc00079d882644d0f417627fc
SHA512

da23ba9b2e180c4ce00c547d270c7edb5a52d618030bdd4bd49fcc1e339350e5b66c8deee846956781b27e9ca4175b0f5dbf6d97bf3d864ae3833077c85839e9
SSDEEP

12288:XNejJ+qZWUZfvPx8zUFv2LOvGT11ebEPEBndJxnn:XIgyPWUFv2LtTO

Score

N/A

Malware Config

Signatures

Files

ae953f775764b9d41a9f36947949f9d6b69ff19cc00079d882644d0f417627fc
.exe windows x86

def163fa3a5d99c262119bf43a1406b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
HttpQueryInfoA
InternetSetOptionA
InternetOpenUrlA
InternetOpenA
InternetReadFile

kernel32

TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetModuleHandleA
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GlobalGetAtomNameA
lstrcmpA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
VirtualAlloc
HeapFree
CreateDirectoryA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSection
ExitThread
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlUnwind
HeapSize
ExitProcess
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
SetEnvironmentVariableA
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetFileTime
GetCurrentThreadId
ResumeThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetProcAddress
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LoadLibraryA
GetThreadLocale
MoveFileA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
CreateThread
GetVersionExA
LocalFree
Sleep
RemoveDirectoryA
FormatMessageA
CreateFileMappingA
CloseHandle
GetSystemInfo
CreateFileA
UnmapViewOfFile
MapViewOfFile
DeleteFileA
SizeofResource
GetLocalTime
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
GetFileSize
GetTickCount
LockResource
LoadResource
FindResourceA
GetVersion
InterlockedExchange
MultiByteToWideChar
TerminateProcess
lstrlenA
WaitForSingleObject
OpenProcess
CompareStringW
GetLastError
WideCharToMultiByte
CompareStringA
IsDebuggerPresent
CreateFileW

user32

DestroyMenu
ClientToScreen
UnregisterClassA
SetWindowTextA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
CheckMenuItem
GetWindowTextA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
ValidateRect
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClassInfoExA
IsWindow
wsprintfA
TranslateAcceleratorA
PostQuitMessage
DispatchMessageA
ShowWindow
CharUpperA
LoadCursorA
TranslateMessage
UpdateWindow
CreateWindowExA
LoadAcceleratorsA
GetWindowThreadProcessId
GetMessageA
DefWindowProcA
SendMessageA
RegisterClassExA
LoadIconA
FindWindowA
MessageBoxA
LoadStringA
EnableMenuItem

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
DeleteObject
SetBkColor

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

shell32

SHCreateDirectoryExA

shlwapi

PathFileExistsA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

ole32

CoUninitialize
CoCreateGuid

oleaut32

VariantChangeType
VariantClear
VariantInit

ws2_32

WSACleanup
connect
inet_addr
closesocket
WSAStartup
htons
send
gethostbyname
socket
recv

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vdmbaue
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

def163fa3a5d99c262119bf43a1406b9

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

shlwapi

ole32

oleaut32

ws2_32

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 12KB - Virtual size: 133KB

.tls Size: 4KB - Virtual size: 9B

.rsrc Size: 112KB - Virtual size: 112KB

vdmbaue Size: - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 12KB - Virtual size: 133KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 112KB - Virtual size: 112KB

vdmbaue
Size: - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB