b2417caa70ca16e5bfc5311f2ba72c94b462f3f57f30d9efe4113009c025c5b9

Sharing

Copy URL

Twitter E-mail

General

Target

b2417caa70ca16e5bfc5311f2ba72c94b462f3f57f30d9efe4113009c025c5b9
Size

676KB
MD5

3abcb1904fb21f213a0947297e3f5a60
SHA1

c8b719c4bd74d5640aa410992e357afa7dc0b8ae
SHA256

b2417caa70ca16e5bfc5311f2ba72c94b462f3f57f30d9efe4113009c025c5b9
SHA512

817a12e7c973ec5ada0e1f231a77c27481a0acb9f970c3ed48bc540137b12d37e512d7cdca85cc32ca29feb1f43accd3b0bf731441fa136a8373671b5f098acb
SSDEEP

6144:5Tqa+rypBCk+Fx7/BCttXXikQklSn8nbFpBJkCcjalJ/M6HnpJpGijgBwTFg56lf:sr/SlSBUJjnNFjpTWamBSSSMf+

Score

N/A

Malware Config

Signatures

Files

b2417caa70ca16e5bfc5311f2ba72c94b462f3f57f30d9efe4113009c025c5b9
.exe windows x86

137a6297126a17a7aeda4ea49a1fa223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

lstrcmpA
FindFirstFileA
SystemTimeToFileTime
GetSystemTime
FileTimeToDosDateTime
FindNextFileA
FileTimeToLocalFileTime
GetFileSize
GetFileTime
WriteFile
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetDiskFreeSpaceA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryExA
WaitForSingleObject
CreateProcessA
LoadLibraryA
lstrcmpiA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileStringA
SetEvent
CreateThread
Sleep
GetCurrentThreadId
CreateEventA
CreateDirectoryA
GetShortPathNameA
GetModuleHandleA
FindClose
HeapDestroy
DeleteCriticalSection
lstrcatA
OpenEventA
SetFilePointer
ReadFile
LockResource
LoadResource
SizeofResource
FindResourceA
SetFileAttributesA
GetCurrentProcess
GetVersionExA
WritePrivateProfileStringA
GetSystemDirectoryA
WinExec
SetFileTime
MoveFileExA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
RemoveDirectoryA
InitializeCriticalSection
QueryPerformanceFrequency
CreateFileA
CloseHandle
GetFileAttributesA
MoveFileA
DeleteFileA
CopyFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
lstrlenW
WideCharToMultiByte
lstrcpyA
MultiByteToWideChar
lstrlenA
GetLastError
SetLastError
SetErrorMode
GetCommandLineA
GetACP
HeapSize
HeapReAlloc
GetCPInfo
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
LCMapStringW
UnhandledExceptionFilter
TerminateProcess
TlsGetValue
TlsAlloc
ExitProcess
GetVersion
GetStartupInfoA
HeapAlloc
HeapFree
ExitThread
TlsSetValue
RaiseException
RtlUnwind
InterlockedExchange
GetCurrentThread
LCMapStringA
lstrcpynA
CreateFileMappingA
ResetEvent
UnmapViewOfFile
SearchPathA
VirtualQuery
QueryPerformanceCounter
GetOEMCP
MapViewOfFile
VirtualProtect

user32

GetDesktopWindow
PostThreadMessageA
wsprintfA
PeekMessageA
CharNextA
DispatchMessageA
GetMessageA
MsgWaitForMultipleObjects
LoadStringA
CharLowerBuffA
TranslateMessage
ExitWindowsEx
CharUpperA

advapi32

RegCloseKey
GetFileSecurityA
IsValidSecurityDescriptor
SetFileSecurityA
RegEnumValueA
RegConnectRegistryA
RegDeleteValueA
RegQueryInfoKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegQueryValueA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA

ole32

CoGetClassObject
StgOpenStorage
CLSIDFromString
WriteClassStm
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
CoUninitialize
CoTreatAsClass
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StgCreateDocfile
CreateStreamOnHGlobal
OleLoadFromStream
StringFromGUID2
CoCreateGuid
OleSaveToStream

oleaut32

RegisterTypeLi
LoadTypeLi
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayCopy
SafeArrayCreate
SafeArrayGetLBound
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayPutElement
VariantChangeType
LoadRegTypeLi
SysReAllocStringLen
CreateErrorInfo
SetErrorInfo
VariantInit
VariantCopyInd
VariantCopy
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantClear
SafeArrayGetElement
SysStringByteLen

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

137a6297126a17a7aeda4ea49a1fa223

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

oleaut32

version

Sections

.text Size: 428KB - Virtual size: 427KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 20KB - Virtual size: 106KB

.rsrc Size: 136KB - Virtual size: 136KB

.text
Size: 428KB - Virtual size: 427KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 20KB - Virtual size: 106KB

.rsrc
Size: 136KB - Virtual size: 136KB