1dc41b119910146f7449a86c25e894a703283e1da78f3bd1c0dd981c39db1543

Sharing

Copy URL Twitter E-mail

General

Target

1dc41b119910146f7449a86c25e894a703283e1da78f3bd1c0dd981c39db1543
Size

1.2MB
MD5

302e59d0c6e2d8699f24acfcb77052b0
SHA1

5f1fc492192933e8f17cfd537f767efbea87eb01
SHA256

1dc41b119910146f7449a86c25e894a703283e1da78f3bd1c0dd981c39db1543
SHA512

cd5ab645b84f837f1bbb9ea6488c519e5b76bce2a9d1458976b24b0055f54cb00ab191405556d79c446df8bc12667180a96908bdaf974a33cd3ea1eabbba4652
SSDEEP

24576:BgBQhvSdsnvvEbPpWN07TIjQ4y225hsuJF9ymkA3:2QscGZbsuJF9ymkG

Score

N/A

Malware Config

Signatures

Files

1dc41b119910146f7449a86c25e894a703283e1da78f3bd1c0dd981c39db1543
.exe windows x86

7a1d7915c5672e105e5b515bd1f9b7f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetCloseHandle
InternetSetOptionW
InternetReadFile

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msimg32

AlphaBlend

comctl32

_TrackMouseEvent

riched20

ord4

kernel32

CreateDirectoryW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
GetCurrentThreadId
ResumeThread
ResetEvent
SetEvent
CreateEventW
MultiByteToWideChar
WideCharToMultiByte
FindNextFileW
FindFirstFileW
FindClose
FreeLibrary
GetProcAddress
LoadLibraryW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetLongPathNameW
MoveFileW
GetFullPathNameW
MoveFileExW
GetSystemInfo
GetVersionExW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetEnvironmentVariableW
VirtualProtectEx
VirtualAllocEx
WriteProcessMemory
VirtualQueryEx
ReadProcessMemory
TerminateProcess
SetLastError
GetTempFileNameW
GlobalLock
GlobalUnlock
GlobalAlloc
GetCurrentProcess
MulDiv
InterlockedDecrement
InterlockedIncrement
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
HeapFree
GetProcessHeap
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
ExitProcess
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
HeapReAlloc
RtlUnwind
CreateThread
ExitThread
GetStartupInfoW
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
SetHandleCount
GetFileType
GetStartupInfoA
GetTimeZoneInformation
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
SetEnvironmentVariableW
lstrcmpW
GetCommandLineW
GetModuleHandleW
GetModuleFileNameW
FreeEnvironmentStringsW
GetTempPathW
FlushFileBuffers
Sleep
GetLocalTime
GetEnvironmentStringsW
GetLastError
OpenMutexW
OpenProcess
ReleaseMutex
CreateMutexW
GetExitCodeProcess
lstrlenW
GetFileSize
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrlenA
WritePrivateProfileStringW
CreateFileW
SetFilePointer
ReadFile
DeleteFileW
SetEndOfFile
WriteFile
CreateProcessW
WaitForSingleObject
CloseHandle
GetTickCount
TlsSetValue
TlsFree
GetStdHandle
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFree

user32

SetCapture
MonitorFromWindow
GetUpdateRect
TranslateAcceleratorW
GetCursorPos
UpdateLayeredWindow
SetWindowRgn
IsWindowEnabled
GetKeyState
HideCaret
ScreenToClient
IsWindow
CreateWindowExW
RegisterClassExW
RegisterClassW
SendMessageW
GetMessageW
EnableWindow
SetFocus
LoadImageW
DestroyIcon
GetClassInfoExW
CharNextA
MoveWindow
ReleaseDC
RedrawWindow
GetDC
SetCursor
DrawFocusRect
LoadCursorW
IsRectEmpty
IntersectRect
DestroyWindow
EndPaint
SetCaretPos
BeginPaint
ReleaseCapture
GetMonitorInfoW
ShowCaret
GetFocus
InvalidateRect
LoadStringW
GetActiveWindow
IsChild
MapWindowPoints
GetWindowTextW
IsZoomed
GetWindowTextLengthW
SetForegroundWindow
GetWindowRect
GetParent
AttachThreadInput
IsIconic
SetWindowTextW
GetWindowThreadProcessId
CreateCaret
LoadBitmapW
OffsetRect
CopyImage
DrawIconEx
DrawTextW
GetAsyncKeyState
ChildWindowFromPointEx
CharNextW
SetWindowsHookExW
EnumThreadWindows
FindWindowW
MessageBoxW
GetForegroundWindow
GetSystemMetrics
ShowWindow
IsWindowVisible
PostQuitMessage
CallNextHookEx
GetDesktopWindow
GetClientRect
SystemParametersInfoW
wsprintfA
wsprintfW
SetWindowPos
PostMessageW
KillTimer
TranslateMessage
PeekMessageW
DispatchMessageW
SetTimer
CallWindowProcW
DefWindowProcW
SetPropW
GetClassNameW
SetWindowLongW
GetPropW
GetWindow
GetWindowLongW
ClientToScreen
GetSysColor
CreateAcceleratorTableW
InvalidateRgn
DestroyAcceleratorTable
FillRect
CharPrevW
PtInRect

gdi32

CreateRoundRectRgn
EnumFontsW
GetTextExtentPoint32W
SetBkMode
CombineRgn
CreateRectRgn
Rectangle
DeleteDC
SetBitmapBits
RoundRect
GetBitmapBits
ExtTextOutW
CreateSolidBrush
GetClipBox
SetBkColor
SetStretchBltMode
SelectClipRgn
GetCharABCWidthsW
StretchBlt
CreateCompatibleBitmap
CreateDIBSection
ExtSelectClipRgn
CreateFontIndirectW
GetTextMetricsW
CreatePen
CreateEllipticRgn
MoveToEx
LineTo
GetStockObject
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
GetDeviceCaps
DeleteObject
GetObjectW
TextOutW
SelectObject
SetTextColor

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
ShellExecuteExW
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
OleDuplicateData
ReleaseStgMedium

oleaut32

SysAllocString
SysFreeString
OleLoadPicture

shlwapi

StrStrIA
StrStrIW

Sections

.text
Size: 840KB - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a1d7915c5672e105e5b515bd1f9b7f7

Headers

File Characteristics

Imports

wininet

version

msimg32

comctl32

riched20

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 840KB - Virtual size: 840KB

.rdata Size: 160KB - Virtual size: 157KB

.data Size: 16KB - Virtual size: 25KB

.tls Size: 4KB - Virtual size: 9B

.rsrc Size: 160KB - Virtual size: 160KB

.text
Size: 840KB - Virtual size: 840KB

.rdata
Size: 160KB - Virtual size: 157KB

.data
Size: 16KB - Virtual size: 25KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 160KB - Virtual size: 160KB