000434582c609fd4580d1647eed3e16ed121874789e1237468629c769ce478d3

Sharing

Copy URL Twitter E-mail

General

Target

000434582c609fd4580d1647eed3e16ed121874789e1237468629c769ce478d3
Size

600KB
MD5

0e67d91207037c4550e12d86d60ca830
SHA1

bc8ed9d56d7a9b74463d777b25a27a647e6d26ef
SHA256

000434582c609fd4580d1647eed3e16ed121874789e1237468629c769ce478d3
SHA512

6176d12b4f3dab46937aed8d85b3943635d2533bda84a77af6663b59960bb702714025f10910a966357560bfee3b85a7c4e24241c37d6ec5546235cc8a2bebd3
SSDEEP

12288:hxk01UU2ZA7o3O9n1mWSnnN7caRdc+PecwfqWM6xwndbmVh3Ll985xBu8Ulpywe:hgU2S0e5FUN7cmi0fWM6xwndbmU5eJyw

Score

N/A

Malware Config

Signatures

Files

000434582c609fd4580d1647eed3e16ed121874789e1237468629c769ce478d3
.exe windows x86

c87e02b380962e4c71fecdf2144da350

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetDateFormatA
QueryPerformanceCounter
GetCPInfo
CreateMutexA
GetEnvironmentStrings
GetStartupInfoA
SetLastError
VirtualAlloc
GetCurrentProcessId
EnumSystemLocalesA
WriteFile
IsValidLocale
SetFilePointer
SetStdHandle
GetStringTypeA
ExitProcess
LeaveCriticalSection
MoveFileExA
GetModuleFileNameW
GetStringTypeW
HeapAlloc
VirtualFree
MultiByteToWideChar
GetCurrentThreadId
LCMapStringW
VirtualProtect
OpenMutexA
EnterCriticalSection
GetSystemInfo
ReadFile
GetStdHandle
RtlUnwind
InterlockedExchange
GetModuleFileNameA
HeapReAlloc
CloseHandle
UnhandledExceptionFilter
GetLocaleInfoA
TlsSetValue
GetCurrentThread
WideCharToMultiByte
DeleteCriticalSection
GetTimeFormatA
HeapDestroy
GetStartupInfoW
GetLastError
GetFileType
GetCommandLineW
FreeEnvironmentStringsW
GetProcAddress
TlsFree
TlsGetValue
GetOEMCP
IsBadWritePtr
GetLocaleInfoW
GetModuleHandleA
HeapSize
LCMapStringA
GetTimeZoneInformation
SetEnvironmentVariableA
SetHandleCount
IsValidCodePage
FlushFileBuffers
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
HeapCreate
GetEnvironmentStringsW
TlsAlloc
FreeEnvironmentStringsA
GetACP
TerminateProcess
VirtualQuery
GetCommandLineA
CompareStringA
GetCurrentProcess
CompareStringW
GetVersionExA
HeapFree

comctl32

ImageList_Merge
ImageList_GetImageRect
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_LoadImage
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_Copy
ImageList_SetBkColor
ImageList_DragMove
CreateUpDownControl
ImageList_DrawIndirect
ImageList_GetImageInfo
CreateMappedBitmap
ImageList_Write
DrawInsert
GetEffectiveClientRect
ImageList_Draw
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_GetBkColor
ImageList_DragLeave
ImageList_EndDrag
_TrackMouseEvent

wininet

RetrieveUrlCacheEntryStreamA

shell32

DragQueryFileW
FreeIconList
ExtractIconW
ExtractIconEx
DoEnvironmentSubstA

advapi32

RegCreateKeyW
InitiateSystemShutdownA
CryptGetKeyParam
RegRestoreKeyA
CryptDuplicateKey
RegReplaceKeyA
CryptVerifySignatureA
RegDeleteKeyA
InitiateSystemShutdownW
GetUserNameA
RegEnumValueW
CryptEnumProvidersW
StartServiceW
LookupPrivilegeNameW
RegConnectRegistryA
RegLoadKeyA

user32

SetThreadDesktop
LoadStringA
VkKeyScanExA
GetFocus
SetMenu
CreatePopupMenu
SetParent
GetDoubleClickTime
InsertMenuW
GetUserObjectInformationW
TrackPopupMenu
LoadMenuIndirectW
IsCharUpperA
InvalidateRect
GetClassInfoA
VkKeyScanExW
SetProcessDefaultLayout
GetProcessWindowStation
DestroyAcceleratorTable
LoadIconW
GetOpenClipboardWindow
FillRect
DestroyMenu
SetDeskWallpaper
CallMsgFilterA
ExitWindowsEx
CloseClipboard
RegisterClassA
GetNextDlgGroupItem
InSendMessage
FindWindowA
GetActiveWindow
IsWindowUnicode
CreateIcon
ToAscii
GetMonitorInfoW
MessageBoxExW
CreateMDIWindowA
InvertRect
GetDCEx
DrawStateA
DdeDisconnectList
CallNextHookEx
GetMenuState
RegisterClassExA
GetWindowTextA
DrawEdge
PeekMessageA
MonitorFromWindow
SendMessageA
ActivateKeyboardLayout
CreateIconFromResourceEx
GetMenuItemInfoA
DefMDIChildProcA
DrawStateW
CharNextExA
SetRectEmpty
DefWindowProcA
GetClassNameA
EnumDesktopWindows
UnpackDDElParam
EnumPropsW
FindWindowExA
ShowWindowAsync
ClipCursor
CharToOemBuffW
GetClipboardOwner
ChildWindowFromPointEx
DdeInitializeW
GetClientRect
DrawIcon
CountClipboardFormats
LoadBitmapA
LoadStringW
SetUserObjectSecurity
ShowWindow
CopyRect
SetPropW
GetMenuItemInfoW
DrawTextExW
WaitMessage
GetClipCursor
IsDlgButtonChecked
MessageBoxIndirectW
SetClipboardData
CreateMDIWindowW
LoadCursorW
SetScrollInfo
SetWindowsHookExW
DdeCreateStringHandleW
CreateWindowExW
EnumDisplayMonitors
PostThreadMessageW
DispatchMessageW
EnumDisplayDevicesW
MenuItemFromPoint
SetDlgItemTextA
MessageBoxA
DestroyWindow
UnhookWinEvent
SetKeyboardState
OemToCharW
GetClipboardFormatNameW

comdlg32

GetSaveFileNameW
FindTextA

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c87e02b380962e4c71fecdf2144da350

Headers

File Characteristics

Imports

kernel32

comctl32

wininet

shell32

advapi32

user32

comdlg32

Sections

.text Size: 148KB - Virtual size: 144KB

.rdata Size: 304KB - Virtual size: 301KB

.data Size: 128KB - Virtual size: 142KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 148KB - Virtual size: 144KB

.rdata
Size: 304KB - Virtual size: 301KB

.data
Size: 128KB - Virtual size: 142KB

.rsrc
Size: 16KB - Virtual size: 12KB