dfc4578087a0cc2c6cbc4bd6cd4d42bc2f57f0b776491cd48586067b08571ea5

Sharing

Copy URL Twitter E-mail

General

Target

dfc4578087a0cc2c6cbc4bd6cd4d42bc2f57f0b776491cd48586067b08571ea5
Size

724KB
MD5

199559ebca3cf5c9ac4ae6cdf7e3dd20
SHA1

b60b1f02b4331c22f7e09fba8eaf72ede2ee1573
SHA256

dfc4578087a0cc2c6cbc4bd6cd4d42bc2f57f0b776491cd48586067b08571ea5
SHA512

3807cc2f54dbe8dfe7f0be83ff190b89e4fe2b6e1cbf0548d5b3f0b754d4d626cddaf1bc52b57d0ba6775f79370ca05c860aada9372f544b209461106c90a635
SSDEEP

12288:A3yb7dIGT/BihVmiXp+Q9S/XfXDHpiNohfuJHMqAsJGR7JIXnZdS7tu1UtqaNx0n:A3ybau/BihVmiv9wfzHpiNPHjAFR70dH

Score

N/A

Malware Config

Signatures

Files

dfc4578087a0cc2c6cbc4bd6cd4d42bc2f57f0b776491cd48586067b08571ea5
.exe windows x86

07f8c77db7eddc2d4891169bc3ed6c29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconExA
SheChangeDirA
ShellAboutW
SHGetPathFromIDListA
SheChangeDirExW

advapi32

RegSaveKeyW
LookupAccountSidA
ReportEventA
CryptReleaseContext
RegQueryValueExW
CryptGetUserKey
GetUserNameW
CreateServiceW
CryptExportKey
RegOpenKeyA
RegNotifyChangeKeyValue
CryptDestroyKey
RegEnumKeyA
DuplicateTokenEx
StartServiceA
CryptAcquireContextA
InitiateSystemShutdownA
RegSetValueA
CryptCreateHash

wininet

InternetOpenW

comctl32

ImageList_DragShowNolock
ImageList_GetBkColor
MakeDragList
ImageList_GetImageCount
ImageList_SetFlags
CreateStatusWindow
ImageList_LoadImage
ImageList_SetImageCount
ImageList_AddMasked
CreatePropertySheetPageA
InitCommonControlsEx
_TrackMouseEvent
ImageList_Write
ImageList_DragMove
DrawStatusTextW
ImageList_Remove
ImageList_DragLeave
CreateUpDownControl
ImageList_SetOverlayImage
ImageList_Replace
ImageList_GetDragImage

comdlg32

GetSaveFileNameW
LoadAlterBitmap

user32

CreatePopupMenu
SetKeyboardState
CloseDesktop
SetCapture
DrawMenuBar
DestroyWindow
RegisterClassExA
CreateWindowExW
SendNotifyMessageW
GetSubMenu
SetCaretBlinkTime
RegisterClassA
GetClassInfoW
CreateDialogParamA
TranslateAcceleratorW
SetRect
SetProcessDefaultLayout
DispatchMessageW
MessageBoxW
GetKeyState
EnableWindow
SetMessageQueue
ShowWindow
DefWindowProcW

kernel32

MultiByteToWideChar
GetVersionExA
EnterCriticalSection
TlsGetValue
SetFilePointer
GetCommandLineA
HeapLock
InterlockedDecrement
SetEnvironmentVariableA
VirtualAlloc
TlsAlloc
GetEnvironmentVariableW
SetHandleCount
SetConsoleCtrlHandler
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetConsoleOutputCP
GetStringTypeA
GetConsoleMode
IsValidCodePage
EnumResourceLanguagesW
GetUserDefaultLCID
HeapSize
GetAtomNameA
HeapReAlloc
InitializeCriticalSection
RemoveDirectoryA
ReadConsoleInputA
GetProcAddress
LeaveCriticalSection
HeapFree
OpenMutexA
GetDateFormatA
ResetEvent
GetDiskFreeSpaceExW
GetFileType
WriteConsoleA
LoadResource
EnumDateFormatsA
GetExitCodeProcess
GetCurrentProcess
SetConsoleTitleA
VirtualQueryEx
GetShortPathNameW
GetStartupInfoA
GlobalGetAtomNameA
GetPrivateProfileIntA
CompareStringA
SetUnhandledExceptionFilter
DeleteCriticalSection
GetConsoleCP
FileTimeToSystemTime
CloseHandle
CreateToolhelp32Snapshot
LCMapStringW
CreateMutexA
GetEnvironmentStringsW
GetModuleFileNameW
GetEnvironmentStrings
VirtualUnlock
GetStartupInfoW
GetModuleHandleA
EnumCalendarInfoA
GetCommandLineW
LoadModule
MoveFileA
CreateFileA
SetLastError
lstrcpynA
GetSystemDefaultLangID
TlsFree
GetCurrencyFormatW
GetCurrentThread
SetStdHandle
FindFirstFileExW
WriteConsoleOutputAttribute
HeapCreate
TerminateProcess
GetCurrentProcessId
VirtualAllocEx
InterlockedIncrement
GetDiskFreeSpaceExA
CompareStringW
LCMapStringA
LocalShrink
QueryPerformanceCounter
IsValidLocale
FreeLibrary
UnhandledExceptionFilter
GetThreadTimes
HeapDestroy
WideCharToMultiByte
Sleep
ReleaseMutex
GetComputerNameW
FreeEnvironmentStringsW
EnumResourceNamesA
VirtualFreeEx
GetLocalTime
SetCurrentDirectoryA
GetProfileStringW
GetOEMCP
DuplicateHandle
IsDebuggerPresent
LoadLibraryA
GetLocaleInfoW
GetTimeFormatA
RtlUnwind
GetTickCount
WriteConsoleW
ReadFile
TlsSetValue
VirtualFree
RtlZeroMemory
GetModuleFileNameA
HeapAlloc
CreateProcessA
GetCurrentThreadId
GetLastError
VirtualProtectEx
GetACP
EnumSystemLocalesA
FreeEnvironmentStringsA
WriteFile
GetProcessHeap
GetAtomNameW
GetLocaleInfoA
FlushFileBuffers
WaitForMultipleObjectsEx
GetCPInfo
CommConfigDialogW
InterlockedExchange
CreateSemaphoreA
GetTimeZoneInformation
VirtualQuery
GetProcAddress
ExitProcess

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07f8c77db7eddc2d4891169bc3ed6c29

Headers

File Characteristics

Imports

shell32

advapi32

wininet

comctl32

comdlg32

user32

kernel32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 452KB - Virtual size: 448KB

.data Size: 140KB - Virtual size: 162KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 452KB - Virtual size: 448KB

.data
Size: 140KB - Virtual size: 162KB

.rsrc
Size: 32KB - Virtual size: 30KB