c399585aba8b0355acd109dd87f911d1f4c3a3fafd266f248f497842d8810d39

Sharing

Copy URL

Twitter E-mail

General

Target

c399585aba8b0355acd109dd87f911d1f4c3a3fafd266f248f497842d8810d39
Size

228KB
MD5

00f7278f4a5635132e4418dbdc873fc1
SHA1

83452dd33f697dfed5d3e66c37ff3e7ecf839671
SHA256

c399585aba8b0355acd109dd87f911d1f4c3a3fafd266f248f497842d8810d39
SHA512

432b2892f50ce806198ddc908bdf1d2a48792747e3046439fdf51e84bcd19f0a067ce1f2448cdcbdca01f1c3e2a8a4a0d80de73e1f5ada0d37b777c46126d17d
SSDEEP

6144:HglubXTC9794r4IrNX4zIYHJbMhoJEqb+aE64PuJX04kG5N8z:Rz+yr9rLkfJEqb+al4PKX04p+

Score

N/A

Malware Config

Signatures

Files

c399585aba8b0355acd109dd87f911d1f4c3a3fafd266f248f497842d8810d39
.exe windows x86

61e12c6e513b819a53569373e9056878

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__p__commode
_controlfp
calloc
??1type_info@@UAE@XZ
_onexit
__dllonexit
_except_handler3
__set_app_type
realloc
wcscat
_XcptFilter
_exit
_ltow
__getmainargs
exit
_acmdln
_adjust_fdiv
_initterm
__setusermatherr
?terminate@@YAXXZ
wcscpy
__p__fmode
wcscmp
malloc
wcslen
_ftol
free
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
_EH_prolog
__CxxFrameHandler
_wcsicmp
towlower
iswspace
towupper
memmove
_mbsinc
_CxxThrowException
vswprintf
iswdigit
_wtoi
isdigit
tolower
isupper
isxdigit
_wsplitpath
mbstowcs
_mbstrlen
atol
wcsncpy
sprintf
_wtoi64
_ultow
wcstoul
wcstol

advapi32

RegOpenKeyExW
RegConnectRegistryW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
GetUserNameW
RegCreateKeyExW
RegSetValueExW
RegConnectRegistryA
RegQueryValueA
GetUserNameA
RegQueryValueW
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
OpenProcessToken

kernel32

GetFileAttributesA
CopyFileA
CreateMutexA
WaitForMultipleObjects
LocalFree
ReleaseMutex
GetProcAddress
LoadLibraryA
GetEnvironmentVariableA
GetTempFileNameW
GetTempPathW
CopyFileW
InterlockedDecrement
CloseHandle
FormatMessageA
lstrcmpiA
GetCurrentThreadId
CreateEventA
GetCurrentProcessId
GetCommandLineA
SetPriorityClass
OpenProcess
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MapViewOfFile
GetLastError
OpenFileMappingA
lstrlenW
UnmapViewOfFile
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTime
SetEvent
OpenEventA
ResetEvent
GetVersionExA
SetThreadPriority
HeapAlloc
GetProcessHeap
WaitForSingleObject
GetTickCount
lstrlenA
lstrcpynA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
CreateFileA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcess
lstrcpyA
lstrcatA
PulseEvent
GetStartupInfoA
GetShortPathNameA
CreateDirectoryW
RemoveDirectoryW
CreateFileW
GetModuleFileNameW
SetFileAttributesW
GetModuleHandleW
RemoveDirectoryA
CreateThread
ResumeThread
GetExitCodeThread
SetCurrentDirectoryA
GetCurrentDirectoryA
MoveFileA
SearchPathA
FindClose
CreateProcessA
GetTimeFormatA
GetDateFormatA
GetACP
GetFullPathNameA
FindNextFileA
FindFirstFileA
CompareStringA
DeleteFileA
SetLastError
LocalAlloc
GetComputerNameA
GetFileAttributesW
GetTimeFormatW
CreateProcessW
CreateDirectoryA
SetFileAttributesA
GetDateFormatW
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
MoveFileW
SearchPathW
FindResourceW
GetSystemDirectoryW
GetShortPathNameW
CompareStringW
GetFullPathNameW
GetEnvironmentVariableW
FindNextFileW
FindFirstFileW
DeleteFileW
LoadLibraryExW
LoadLibraryW
FormatMessageW
GetComputerNameW

gdi32

ExtTextOutW
GetTextExtentPoint32W
CreateFontIndirectW
ExtTextOutA
GetTextExtentPoint32A
CreateFontIndirectA

user32

CreateDialogIndirectParamA
DialogBoxIndirectParamA
TabbedTextOutA
CreateDialogParamA
DialogBoxParamA
CharNextExA
LoadImageA
SetWindowTextA
RegisterWindowMessageA
GrayStringA
DrawTextExA
CreateDialogIndirectParamW
DialogBoxIndirectParamW
TabbedTextOutW
CreateDialogParamW
PeekMessageA
LoadImageW
GetWindowTextA
PostThreadMessageA
DialogBoxParamW
MsgWaitForMultipleObjects
LoadStringA
CharNextA
MessageBoxA
GetMessageA
DispatchMessageA
DrawTextExW
MessageBoxW
LoadStringW
GetWindowTextW
GrayStringW
RegisterWindowMessageW
SetWindowTextW

oleaut32

VarI4FromStr
UnRegisterTypeLi
SetErrorInfo
GetErrorInfo
SysAllocString
SysFreeString
SysAllocStringLen
LoadTypeLi
SysStringByteLen
VariantInit
VariantClear
VariantChangeType
RegisterTypeLi

ole32

CoSuspendClassObjects
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
WriteClassStm
CoTaskMemFree
CoTaskMemRealloc
IIDFromString
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
StringFromGUID2
CLSIDFromString
OleSaveToStream
CoInitializeSecurity
CoInitialize

shell32

ExtractIconExA
SHBrowseForFolderA
SHGetFileInfoA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetSaveFileNameW
GetOpenFileNameW

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61e12c6e513b819a53569373e9056878

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

oleaut32

ole32

shell32

comdlg32

Sections

.text Size: 124KB - Virtual size: 122KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 11KB

.cdata Size: 76KB - Virtual size: 76KB

.text
Size: 124KB - Virtual size: 122KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 11KB

.cdata
Size: 76KB - Virtual size: 76KB