b8e1d899c472e9f288e27d4a31a87586c2158cc932eb19e238e27f0284005b55

Sharing

Copy URL

Twitter E-mail

General

Target

b8e1d899c472e9f288e27d4a31a87586c2158cc932eb19e238e27f0284005b55
Size

265KB
MD5

b67dadb0adbc0a7cd57d05a610378cf5
SHA1

09ea2cbdc333d052cac05db8869c0820bea4f8c3
SHA256

b8e1d899c472e9f288e27d4a31a87586c2158cc932eb19e238e27f0284005b55
SHA512

0736a46ad27102c80978ac844869f713088b38e5e5c871d2ddb2a01e718b69acd206150228846d22811c553f6958292584fcdc5ef74a445713a06a8abf53f93b
SSDEEP

3072:LTKGg1Szz97REql9ZM4HVxKrkcP2JAHpAo9s0uqZr4KLJIpV70JLzIvEz6GPOulE:fKRGpREqHxg/uN00KLJy0JLnz63X3

Score

N/A

Malware Config

Signatures

Files

b8e1d899c472e9f288e27d4a31a87586c2158cc932eb19e238e27f0284005b55
.exe windows x86

72667109734f095c9d1eb99964c0568e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW
SHEnumValueW
StrStrIW
StrToIntA
StrNCatA
StrFormatByteSizeA
SHRegDeleteUSValueA
SHRegGetUSValueA
StrToIntExA
SHRegSetUSValueA
PathSkipRootW
StrRChrA
SHRegCloseUSKey
StrStrA
SHRegGetBoolUSValueA
StrPBrkA
StrCmpW
StrCSpnIA
StrChrA
SHOpenRegStreamW
StrFromTimeIntervalW
PathRemoveBlanksA
StrTrimA
StrChrIA
PathRemoveExtensionA
StrCmpNIW
SHRegSetUSValueW
PathRenameExtensionA
PathSkipRootA
StrCatW
SHQueryValueExW
SHRegQueryUSValueA
StrToIntW
StrFromTimeIntervalA
PathUnquoteSpacesA
PathRenameExtensionW
PathRemoveArgsW
PathStripToRootA
SHCreateShellPalette
SHRegEnumUSKeyW
StrStrIA
StrCSpnA
StrIsIntlEqualW
SHRegQueryInfoUSKeyW
SHGetValueW
StrRStrIW
StrCmpNIA
PathSearchAndQualifyW
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueW
StrIsIntlEqualA
SHRegGetUSValueW

user32

BeginPaint
DdeFreeStringHandle
CharPrevA
CheckDlgButton
BeginDeferWindowPos
DdeGetData
ClientToScreen
DdeInitializeA
DdeConnectList
CharUpperBuffA
ChangeMenuA
CopyAcceleratorTableW
ChangeDisplaySettingsExA
CreateWindowStationA
CharToOemBuffW
CreateDialogParamW
CharLowerW
CreateIconIndirect
CreateWindowExW
RegisterClassExA
DdeCmpStringHandles
CloseWindow
ChangeMenuW
CopyIcon
AnyPopup
ChildWindowFromPointEx
CreateAcceleratorTableA
AppendMenuW
CharUpperW
DdeFreeDataHandle
CreateCaret
CreateWindowExA
CharNextExA
DdeKeepStringHandle
DdeClientTransaction
ActivateKeyboardLayout
CharPrevW
CloseWindowStation
CallNextHookEx
AdjustWindowRectEx
CreateDesktopW
DdeGetLastError
DdeConnect
CreateIconFromResourceEx
CharLowerA
CloseDesktop
CountClipboardFormats
AttachThreadInput
DdeAddData
CallMsgFilterW
DdeDisconnectList
CreateMDIWindowA
CreateDialogParamA

urlmon

GetClassFileOrMime
RevokeFormatEnumerator
CopyStgMedium
RevokeBindStatusCallback
IsLoggingEnabledA
HlinkNavigateString
HlinkNavigateMoniker
CoInternetGetSession
CopyBindInfo
HlinkSimpleNavigateToString
FindMediaType
SetSoftwareUpdateAdvertisementState
URLDownloadToCacheFileA
CoGetClassObjectFromURL
ObtainUserAgentString
CreateFormatEnumerator
MkParseDisplayNameEx
CoInternetQueryInfo
HlinkGoForward
UrlMkSetSessionOption
URLOpenPullStreamW

gdi32

GetBkColor

imagehlp

ImageNtHeader

kernel32

Toolhelp32ReadProcessMemory
Thread32First
CreateToolhelp32Snapshot
VirtualProtect
GlobalAlloc
GetModuleHandleA
GetStartupInfoA

netapi32

NetShareGetInfo
NetSessionDel
NetSessionEnum
NetShareDel
NetServerGetInfo
NetShareEnum

msvcrt

_initterm
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
_exit
_XcptFilter
exit
_acmdln
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72667109734f095c9d1eb99964c0568e

Headers

File Characteristics

Imports

shlwapi

user32

urlmon

gdi32

imagehlp

kernel32

netapi32

msvcrt

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1.8MB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1.8MB

.rsrc
Size: 28KB - Virtual size: 24KB