a7318c514dc592f418ea93736d2012ce20d7539ef4b75717e9c280cc160c4838

Sharing

Copy URL Twitter E-mail

General

Target

a7318c514dc592f418ea93736d2012ce20d7539ef4b75717e9c280cc160c4838
Size

438KB
MD5

1001e2551b1bfa10174af5cae73fbb70
SHA1

f6161557ea98a15ebb65b7cc0548295e230c81c5
SHA256

a7318c514dc592f418ea93736d2012ce20d7539ef4b75717e9c280cc160c4838
SHA512

ea73636336c678b7fac4957d9ccad0b99a066d84660e197697e3640f81cf432abd866331e088c40e7679f49deb5b3872079d013bfbdd34b89199d97bd1e6cbce
SSDEEP

12288:/AqFjqUZxx5e2txQvxO+CoF4hhhhhhhhhOssR78:/Rj5xOcQvMSiW4

Score

N/A

Malware Config

Signatures

Files

a7318c514dc592f418ea93736d2012ce20d7539ef4b75717e9c280cc160c4838
.exe windows x86

0003a47d5858211c7f04045032bc172c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
WritePrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
CopyFileW
MoveFileW
InterlockedExchangeAdd
InitializeCriticalSection
ExitProcess
MapViewOfFile
ReleaseMutex
CreateFileMappingW
WaitForSingleObject
CreateMutexW
TerminateProcess
GetCurrentProcess
TlsSetValue
FindCloseChangeNotification
FindFirstChangeNotificationW
GetLocalTime
TlsGetValue
TlsAlloc
LoadLibraryW
GetSystemInfo
FreeLibrary
UnmapViewOfFile
InterlockedDecrement
TlsFree
DeleteCriticalSection
lstrlenW
RaiseException
GetProcAddress
GetModuleHandleW
Sleep
FlushInstructionCache
HeapFree
GetProcessHeap
HeapAlloc
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
lstrlenA
LockResource
LoadResource
FindResourceW
GetTickCount
CreateThread
DeleteFileA
GetExitCodeProcess
FreeResource
SizeofResource
FindResourceA
MoveFileExA
CreateEventW
InterlockedIncrement
SetLastError
RemoveDirectoryW
GetTempPathA
OutputDebugStringW
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCurrentDirectoryA
GetFullPathNameW
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetModuleFileNameA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
GetModuleHandleA
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
LCMapStringA
LCMapStringW
SetFilePointer
GetCPInfo
WriteFile
GetTimeZoneInformation
GetCurrentDirectoryW
VirtualProtect
SetStdHandle
GetDriveTypeA
WritePrivateProfileStringW
FlushFileBuffers
GetFileAttributesW
CreateDirectoryW
GetFileAttributesA
CreateDirectoryA
CloseHandle
GlobalAlloc
GlobalLock
FindFirstFileW
GetLastError
DeleteFileW
FindNextFileW
FindClose
GetCurrentProcessId
MultiByteToWideChar
GetCurrentThreadId
GetModuleFileNameW
GlobalUnlock
GlobalFree
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
InterlockedExchange

user32

FindWindowW
MapDialogRect
SetWindowContextHelpId
DefWindowProcW
CreateWindowExW
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
GetFocus
GetClassInfoW
RegisterClassW
SetFocus
IsDialogMessageW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CreateDialogParamW
LoadMenuW
GetSubMenu
ModifyMenuW
GetCursorPos
SetForegroundWindow
TrackPopupMenuEx
DestroyMenu
BeginPaint
DrawTextW
EndPaint
FindWindowExW
EnableMenuItem
wsprintfW
GetActiveWindow
SendDlgItemMessageW
EndDialog
DialogBoxParamW
PostQuitMessage
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
GetDlgItem
EnableWindow
IsWindowEnabled
KillTimer
SetTimer
ShowWindow
InvalidateRect
SetWindowPos
GetSystemMenu
SetWindowTextW
SendMessageW
GetWindowLongW
SetWindowLongW
DestroyWindow
LoadIconW
GetSystemMetrics
LoadImageW
PostMessageW
MessageBoxW
GetMenuState

gdi32

BitBlt
DeleteDC
StretchBlt
CreateFontW
DeleteObject
GetObjectW
SetBkColor
SelectObject
CreateCompatibleDC
SetTextColor
SetBkMode

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW

shell32

ord680
ShellExecuteExA
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
StringFromIID
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString
SysAllocString
OleLoadPicture
SysAllocStringLen
SysStringLen

atl71

ord61
ord64
ord44
ord43
ord23
ord37
ord66
ord42
ord60
ord48
ord65

shlwapi

PathRemoveFileSpecW
PathFileExistsA
PathAppendA
PathFileExistsW
PathAppendW
PathAddBackslashA
StrCmpW

comctl32

InitCommonControlsEx

msimg32

TransparentBlt

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

urlmon

URLDownloadToFileA
URLDownloadToCacheFileW

wintrust

WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvSignerFromChain

crypt32

CertGetNameStringW

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0003a47d5858211c7f04045032bc172c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

atl71

shlwapi

comctl32

msimg32

version

urlmon

wintrust

crypt32

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 256KB - Virtual size: 256KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 256KB - Virtual size: 256KB