911dbd1ea00347f2224895ec044acd0a853faff2cfe24f87347ef897c37a8abe

Sharing

Copy URL Twitter E-mail

General

Target

911dbd1ea00347f2224895ec044acd0a853faff2cfe24f87347ef897c37a8abe
Size

401KB
MD5

214d5beeb7a8624e2ed65de024cb3830
SHA1

392d62a48072ea7c550fa390568a19023f02d46a
SHA256

911dbd1ea00347f2224895ec044acd0a853faff2cfe24f87347ef897c37a8abe
SHA512

7c3af955cb6144b5e21aeadbd534964acb8009e689be91f9cb47bf61f0b135b4db4bd318f928f945905abb63a0885c53bdd2ca66b0d5de617b246ec72db60e22
SSDEEP

6144:aiSdIQAdj5s2GaF2jKyB+s1Mo3vHzax6gphHYWBkIaaevp6q:aiSdIQAdju2e2yV1MezzykIaaeh6q

Score

N/A

Malware Config

Signatures

Files

911dbd1ea00347f2224895ec044acd0a853faff2cfe24f87347ef897c37a8abe
.exe windows x86

2308c04955b2a65afb32a5742808ca09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
WaitForSingleObject
FlushInstructionCache
CreateEventW
CreateDirectoryW
Sleep
SetEvent
GetTickCount
WaitForMultipleObjects
SetProcessWorkingSetSize
WideCharToMultiByte
GetStartupInfoW
CreateFileW
ReadFile
SetFilePointer
GetFileSize
VirtualAlloc
VirtualFree
GetCurrentProcessId
GetVersionExW
GetModuleHandleW
CreateProcessW
GetCurrentProcess
CloseHandle
MultiByteToWideChar
FindFirstFileW
FindClose
FindNextFileW
GetTempPathW
GetTempFileNameW
DeleteFileW
lstrlenA
InterlockedIncrement
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
LocalFree
lstrlenW
GetCommandLineW
InterlockedDecrement
CreateMutexW
GetLastError
WritePrivateProfileStringW

user32

GetDlgCtrlID
IsWindow
GetParent
GetWindowThreadProcessId
LoadBitmapW
CharNextW
LoadStringW
DestroyWindow
SetWindowLongW
LoadImageW
EnumWindows
SendMessageW
GetWindowLongW
IsWindowVisible
IsWindowEnabled
SetForegroundWindow
MessageBoxW
SwitchToThisWindow
PostMessageW
GetWindowRect
FindWindowW
SystemParametersInfoW
GetWindow
SetWindowTextW
GetClientRect
GetDlgItem
SetWindowPos
SetFocus
KillTimer
DrawTextW
CharLowerW
SetCursor
IntersectRect
MonitorFromPoint
GetMonitorInfoW
DrawEdge
DrawFocusRect
GetWindowTextLengthW
GetWindowTextW
GetSubMenu
LoadMenuW
GetSysColor
GetSysColorBrush
GetDC
SetCapture
GetCapture
ReleaseCapture
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
CallWindowProcW
BeginPaint
EndPaint
RedrawWindow
IsZoomed
PostQuitMessage
SendMessageTimeoutW
DialogBoxParamW
ClientToScreen
DeleteMenu
TrackPopupMenu
DestroyMenu
UpdateWindow
ScreenToClient
MoveWindow
MapWindowPoints
DestroyIcon
PtInRect
EnableWindow
InvalidateRect
InflateRect
CreateWindowExW
IsRectEmpty
GetMenu
AdjustWindowRectEx
GetActiveWindow
GetSystemMetrics
DispatchMessageW
TranslateMessage
SetTimer
GetMessageW
PeekMessageW
ShowWindow
DefWindowProcW
EndDialog

gdi32

DeleteDC
SetViewportOrgEx
CreateCompatibleBitmap
BitBlt
MoveToEx
LineTo
ExtTextOutW
CreatePen
CreateSolidBrush
GetClipBox
CreateCompatibleDC
SaveDC
RestoreDC
SetTextColor
SetBkMode
GetStockObject
SetBkColor
CreateFontW
GetObjectW
CreateFontIndirectW
StretchBlt
SelectObject
DeleteObject

advapi32

OpenProcessToken
GetTokenInformation

shell32

ord680
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize

oleaut32

VariantChangeType
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
SysFreeString
SysAllocString
SysStringLen

comctl32

ImageList_LoadImageW
ImageList_GetIconSize
_TrackMouseEvent
InitCommonControlsEx
ImageList_Destroy
ImageList_Draw

msimg32

TransparentBlt

shlwapi

StrChrW
StrStrIW
PathAppendW
SHGetValueW
PathIsRelativeW
PathRemoveFileSpecW
StrCmpNIW
PathCombineW
PathFileExistsW

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_onexit
__dllonexit
_except_handler3
_CxxThrowException
_wcsnicmp
wcsncmp
wcschr
_beginthreadex
_purecall
__set_app_type
wcsstr
wcscpy
_wfopen
fwrite
fclose
wcscmp
wcsncpy
_vsnwprintf
_wtoi
iswdigit
wcslen
malloc
vswprintf
memmove
realloc
wcsncat
??2@YAPAXI@Z
free
_wcsicmp
__CxxFrameHandler
??1type_info@@UAE@XZ
_controlfp
iswspace

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2308c04955b2a65afb32a5742808ca09

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

shlwapi

msvcp60

msvcrt

version

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 212KB - Virtual size: 212KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 212KB - Virtual size: 212KB