a390056a404fd24308d3cf031ebb3a219b037fdb6633c140e2a0f1dd5c487e6c

Sharing

Copy URL Twitter E-mail

General

Target

a390056a404fd24308d3cf031ebb3a219b037fdb6633c140e2a0f1dd5c487e6c
Size

374KB
MD5

364813ad12506ef7f4c8e3693fb22de0
SHA1

21410c15d728dd09bf4575452018cf063e5cfed5
SHA256

a390056a404fd24308d3cf031ebb3a219b037fdb6633c140e2a0f1dd5c487e6c
SHA512

8f5c38db78848d6939d8ed3dc34fed749f685dbc52ea521dd0f4e6a1dec459f1e13cfe3317ef755b5e6c3f842adad956bc0c15c86bf02bdf87972760a3f31c13
SSDEEP

6144:R5ug+rCKkngkU4fqUv79no8N66Xfb8TfdMKeUwdAy4EyzLgIqC2Ss5jk:3ufrCKkng69n6Gf4TfgxAy9yzUISpdk

Score

N/A

Malware Config

Signatures

Files

a390056a404fd24308d3cf031ebb3a219b037fdb6633c140e2a0f1dd5c487e6c
.exe windows x86

70e3ae54495534dc9334cb6399bc95c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
WritePrivateProfileStringW
OutputDebugStringA
GetModuleFileNameW
GetPrivateProfileStringW
lstrlenA
GetFileAttributesW
WideCharToMultiByte
GetPrivateProfileStringA
MultiByteToWideChar
GetPrivateProfileIntW
GetCurrentProcessId
LoadLibraryW
EnterCriticalSection
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LoadLibraryExW
GetSystemDirectoryW
CreateDirectoryW
DeleteCriticalSection
CreateProcessW
GetTempFileNameW
CopyFileW
DeleteFileW
FreeLibrary
GetCommandLineW
GetTempPathW
InitializeCriticalSection
FindNextFileW
FindClose
FindFirstFileW
FileTimeToSystemTime
ReadFile
GetLocalTime
GetFileInformationByHandle
SetFilePointer
SystemTimeToFileTime
WriteFile
GetUserDefaultUILanguage
GlobalMemoryStatusEx
GetVersionExW
GetSystemDefaultUILanguage
GetThreadLocale
IsProcessorFeaturePresent
InterlockedCompareExchange
CreateFileA
FlushFileBuffers
RaiseException
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InterlockedExchange
LoadLibraryA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
GetModuleFileNameA
GetStdHandle
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
OpenProcess
GetModuleHandleW
GetProcAddress
GetExitCodeThread
FlushInstructionCache
Sleep
GetCurrentProcess
TerminateThread
GetTickCount
LeaveCriticalSection
CreateFileMappingW
lstrcpyW
FindResourceExW
LoadResource
LockResource
SizeofResource
CreateThread
WaitForSingleObject
FindResourceW
lstrlenW
GetLastError
CreateFileW
UnmapViewOfFile
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStartupInfoW
GetProcessHeap
GetVersionExA
GetSystemTimeAsFileTime
HeapReAlloc
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileSize
MapViewOfFile
CloseHandle

user32

ReleaseDC
PeekMessageW
TranslateMessage
DispatchMessageW
SetDlgItemTextW
EnableWindow
SetWindowLongW
GetDlgItem
EndDialog
InvalidateRect
DrawIcon
UpdateWindow
ShowWindow
ScreenToClient
SendMessageW
DefWindowProcW
GetSystemMenu
GetWindowLongW
MoveWindow
GetMenuItemCount
GetMenuItemID
CallWindowProcW
GetWindowRect
EnableMenuItem
SetForegroundWindow
GetMessageW
PostMessageW
GetWindowTextLengthW
wvsprintfW
DialogBoxParamW
CreateDialogParamW
DestroyWindow
BeginPaint
SetWindowTextW
GetWindowTextW
GetDesktopWindow
wvsprintfA
CharNextW
MessageBoxW
PostQuitMessage
IsWindowVisible
wsprintfA
LoadBitmapW
wsprintfW
UnregisterClassA
LoadCursorW
LoadStringW
SetCursor
GetWindowDC
RedrawWindow
EndPaint
GetActiveWindow
GetCursorPos
GetDlgCtrlID

gdi32

CreateSolidBrush
SelectObject
SetBkMode
SetTextColor
CreateFontW
DeleteObject
BitBlt
CreateCompatibleDC
CreateBitmap
DeleteDC
SetBkColor
TextOutW

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteA

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

PathFindExtensionW
PathFileExistsW
PathAppendW
PathRemoveFileSpecW
PathStripPathW
PathFindFileNameW

comctl32

ImageList_DrawEx
ImageList_Destroy
ImageList_LoadImageW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

htons
setsockopt
socket
WSACleanup
closesocket
inet_addr
WSAAsyncSelect
gethostbyname
connect
WSAStartup
WSAGetLastError
send

psapi

GetProcessMemoryInfo
GetModuleFileNameExW
EnumProcesses

wininet

InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetCloseHandle
InternetOpenW
InternetSetOptionW

dbghelp

StackWalk64
MiniDumpReadDumpStream

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70e3ae54495534dc9334cb6399bc95c0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

ws2_32

psapi

wininet

dbghelp

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 92KB - Virtual size: 92KB