a1335376041cdfcab9c8620eed3639502efe31194d96424ef96c403fc895c6c0

Sharing

Copy URL

Twitter E-mail

General

Target

a1335376041cdfcab9c8620eed3639502efe31194d96424ef96c403fc895c6c0
Size

1.4MB
MD5

1a2f54c41cd250b09ef510d050edf1d0
SHA1

c902dfcce97b2a5aa9314c2e48372c7efd11b203
SHA256

a1335376041cdfcab9c8620eed3639502efe31194d96424ef96c403fc895c6c0
SHA512

95170bae682b14e9d72eda149218f5a2a8281aa5ca3060d23e45a1b505dd4e2c2af7ddb475b8820a66dbe4d9ea0283373076cead0cb2e35248ac0eb451074c02
SSDEEP

24576:1WLe3ALgHOiGxSdVRudb0RX3owL1PvXlTZOTSpS/e7+6Px+LTGJOp:1WHLjCRG0RX1OTSpS/e7Bp+LTGJO

Score

N/A

Malware Config

Signatures

Files

a1335376041cdfcab9c8620eed3639502efe31194d96424ef96c403fc895c6c0
.exe windows x86

1761e00ad8ae28b94c0359d8dcae82b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
HttpOpenRequestW
InternetSetOptionW
InternetOpenW
HttpSendRequestW

version

VerQueryValueW

kernel32

LoadLibraryW
Sleep
GetTempPathW
GetProcAddress
CloseHandle
CreateMutexW
WaitForSingleObject
OpenMutexW
ReleaseMutex
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
CreateFileW
FlushFileBuffers
HeapAlloc
HeapFree
GetProcessHeap
GetVersionExW
GetModuleHandleA
FindFirstFileW
GetTickCount
GetSystemTimeAsFileTime
GetFileSizeEx
FindClose
ExpandEnvironmentStringsW
LocalFree
LocalAlloc
InitializeCriticalSection
LoadLibraryA
FreeLibrary
TerminateProcess
GetVersion
GlobalFree
GlobalHandle
VirtualProtect
LoadLibraryExW
lstrcmpiW
GetFileType
GetStdHandle
QueryPerformanceCounter
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
WriteConsoleW
SetThreadPriority
FreeLibraryAndExitThread
GetThreadTimes
SetFilePointerEx
SetStdHandle
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
ChangeTimerQueueTimer
UnregisterWaitEx
SwitchToThread
QueryDepthSList
InterlockedPopEntrySList
CreateEventW
ReleaseSemaphore
SetEvent
SetThreadAffinityMask
GetProcessAffinityMask
DeleteTimerQueueTimer
GetConsoleCP
GetTimeZoneInformation
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
CreateTimerQueue
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TlsGetValue
ExitThread
CreateThread
GetCPInfo
RtlUnwind
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetConsoleCtrlHandler
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetCommandLineA
MoveFileExW
CreateTimerQueueTimer
IsDebuggerPresent
GetLocalTime
GetStringTypeW
InterlockedExchange
EncodePointer
InterlockedPushEntrySList
GetCurrentThread
DuplicateHandle
GetModuleHandleW
DeleteCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RaiseException
FlushInstructionCache
GlobalUnlock
lstrcmpW
GetModuleFileNameW
MulDiv
LeaveCriticalSection
GlobalLock
GlobalAlloc
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringW
LockResource
SizeofResource
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
LoadResource
FindResourceW
FindResourceExW
InitializeSListHead
InterlockedCompareExchange
UnregisterWait
SetEnvironmentVariableA
GetThreadPriority
SignalObjectAndWait
HeapSize
HeapReAlloc
HeapDestroy
DecodePointer
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedFlushSList

user32

MoveWindow
GetWindow
DefWindowProcW
CallWindowProcW
GetMonitorInfoW
SetWindowTextW
MapWindowPoints
UnregisterClassW
ReleaseCapture
CreateWindowExW
IsWindow
SetWindowPos
GetSysColor
GetDesktopWindow
SendDlgItemMessageW
RedrawWindow
SendMessageW
RegisterWindowMessageW
MessageBoxA
GetProcessWindowStation
MessageBoxW
GetMessageW
TranslateMessage
CreateDialogIndirectParamW
PeekMessageW
DispatchMessageW
EndPaint
ClientToScreen
DestroyWindow
GetWindowTextLengthW
DestroyAcceleratorTable
ScreenToClient
GetWindowRect
MapDialogRect
CharNextW
GetUserObjectInformationW
FillRect
IsChild
SetCapture
GetFocus
GetParent
InvalidateRgn
LoadCursorW
GetClientRect
CreateAcceleratorTableW
SetFocus
BeginPaint
GetClassInfoExW
GetDC
SetWindowContextHelpId
IsDialogMessageW
RegisterClassExW
InvalidateRect
GetWindowLongW
GetWindowTextW
GetClassNameW
ReleaseDC
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog

gdi32

BitBlt
DeleteDC
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetStockObject
CreateSolidBrush

advapi32

RegQueryValueExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegQueryInfoKeyW
RegEnumValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegDeleteKeyW
RegCreateKeyExW

ole32

CoTaskMemFree
CoGetClassObject
CoTaskMemAlloc
CoUninitialize
OleUninitialize
OleRun
CoUnmarshalInterface
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoTaskMemRealloc
CoInitialize
CoCreateInstance

oleaut32

GetErrorInfo
VariantClear
LoadTypeLi
DispCallFunc
VarUI4FromStr
LoadRegTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString
VariantInit

comctl32

InitCommonControlsEx

Sections

.text
Size: 910KB - Virtual size: 910KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1761e00ad8ae28b94c0359d8dcae82b4

Headers

DLL Characteristics

File Characteristics

Imports

wininet

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 910KB - Virtual size: 910KB

.rdata Size: 291KB - Virtual size: 290KB

.data Size: 33KB - Virtual size: 59KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 137KB - Virtual size: 136KB

.rmnet Size: 54KB - Virtual size: 56KB

.text
Size: 910KB - Virtual size: 910KB

.rdata
Size: 291KB - Virtual size: 290KB

.data
Size: 33KB - Virtual size: 59KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 137KB - Virtual size: 136KB

.rmnet
Size: 54KB - Virtual size: 56KB