08652ad010bef12dd72f1cf498d55c18484e22c5c334ad478248d667d20e3e64

Sharing

Copy URL Twitter E-mail

General

Target

08652ad010bef12dd72f1cf498d55c18484e22c5c334ad478248d667d20e3e64
Size

340KB
MD5

2581090362fcbcdc68fe7c8cd3a8a6a6
SHA1

cf74a36ade19b87a775ade5ee637640b223940c4
SHA256

08652ad010bef12dd72f1cf498d55c18484e22c5c334ad478248d667d20e3e64
SHA512

f17a4b5590305471817af42b42c468a175ed049122eea7dd7c64e7a203a64b99981ecc20907f4cc170acca3d1588968ccad6de8e753ed6487ac9d4882d908b8b
SSDEEP

6144:u5b8zSgqnt/2br8d1wbT7e0X+LbHDv+5eQqJdzhDf1ln8pNrLciiec:u5ojqt/2br87wbu04v+5e3dzpdl8pRLC

Score

N/A

Malware Config

Signatures

Files

08652ad010bef12dd72f1cf498d55c18484e22c5c334ad478248d667d20e3e64
.exe windows x86

53991684058b6b21e7840a1995b2fbe2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetCurrentThreadId
OpenProcess
lstrcmpiA
GetFullPathNameA
GetWindowsDirectoryA
ExpandEnvironmentStringsA
GetSystemDefaultLangID
GetUserDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultUILanguage
CompareStringW
FlushFileBuffers
ReadFile
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCPInfo
SetFilePointer
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
HeapFree
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
RtlUnwind
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitThread
TlsGetValue
TlsSetValue
GetLocalTime
GetSystemTime
GetTimeZoneInformation
InterlockedIncrement
InterlockedDecrement
SleepEx
GetLastError
CreateFileMappingA
CreateThread
GetSystemDirectoryA
lstrcpynA
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenA
LocalFree
FindFirstFileA
LocalAlloc
CompareStringA
FindNextFileA
FindClose
lstrcmpA
SetEnvironmentVariableA
OutputDebugStringA
GetVersionExA
Sleep
CreateMutexA
OpenFileMappingA
MapViewOfFile
OpenEventA
WaitForSingleObject
SetEvent
ReleaseMutex
CloseHandle
UnmapViewOfFile
GetEnvironmentStrings
SetLastError

user32

RegisterWindowMessageA
FindWindowExA
GetTopWindow
GetWindow
IsWindowVisible
DestroyWindow
LoadBitmapA
GetWindowThreadProcessId
PostMessageA
SendMessageA
PostQuitMessage
CreateIconIndirect
ShowCursor
SetCursor
SetWindowRgn
LoadCursorFromFileA
DestroyCursor
ChildWindowFromPointEx
GetMessageExtraInfo
IsRectEmpty
GetSysColorBrush
GetSysColor
FillRect
DrawIconEx
DestroyIcon
GetDC
GetDesktopWindow
SetSystemCursor
CopyIcon
DefWindowProcA
GetSystemMetrics
LoadImageA
LoadCursorA
RegisterClassA
CreateWindowExA
SetDoubleClickTime
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
LoadMenuA
GetSubMenu
InsertMenuA
DeleteMenu
DrawMenuBar
TrackPopupMenu
mouse_event
MessageBeep
LoadStringA
GetParent
IsWindow
GetWindowDC
GetWindowRect
ReleaseDC
ClipCursor
SetRect
GetAsyncKeyState
SetForegroundWindow
TrackPopupMenuEx
GetWindowLongA
CreatePopupMenu
DestroyMenu
InsertMenuItemA
GetMenuItemCount
GetMenuItemInfoA
LockWorkStation
WindowFromPoint
GetForegroundWindow
GetAncestor
GetClassNameA
SystemParametersInfoA
GetCursorPos
GetWindowTextA
FindWindowA
MessageBoxA
SetCursorPos
AttachThreadInput
SendInput
ScreenToClient

gdi32

PatBlt
BitBlt
SetMapMode
GetMapMode
CreateCompatibleBitmap
GetTextExtentPoint32A
DPtoLP
GetObjectA
CombineRgn
GetPixel
CreateRectRgn
SelectObject
GetStockObject
TextOutA
SetTextAlign
SetTextColor
SetBkColor
DeleteDC
CreateBitmap
CreateCompatibleDC
DeleteObject

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA
SHGetFileInfoA
ShellExecuteA
SHGetFolderPathA

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExA

winmm

PlaySoundA

shlwapi

PathFileExistsA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupOpenInfFileA
SetupCloseInfFile
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupGetLineTextA
SetupDiDestroyDeviceInfoList

powrprof

CallNtPowerInformation

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 4KB - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tsdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53991684058b6b21e7840a1995b2fbe2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

psapi

winmm

shlwapi

setupapi

powrprof

Sections

.text Size: 120KB - Virtual size: 119KB

.sdata Size: 4KB - Virtual size: 348B

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 28KB - Virtual size: 45KB

.rsrc Size: 104KB - Virtual size: 101KB

.tsdata Size: 72KB - Virtual size: 72KB

.text
Size: 120KB - Virtual size: 119KB

.sdata
Size: 4KB - Virtual size: 348B

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 28KB - Virtual size: 45KB

.rsrc
Size: 104KB - Virtual size: 101KB

.tsdata
Size: 72KB - Virtual size: 72KB