5652a52ff824a77feb57adcef71ddb8e38f6f4d6d43459d54378696584a10ee9

Sharing

Copy URL Twitter E-mail

General

Target

5652a52ff824a77feb57adcef71ddb8e38f6f4d6d43459d54378696584a10ee9
Size

1.1MB
MD5

11d6feb29f862f3fbf3a8040443e9200
SHA1

776f8cda1c37a00325d22f03abbe4ef97722280e
SHA256

5652a52ff824a77feb57adcef71ddb8e38f6f4d6d43459d54378696584a10ee9
SHA512

e7c82d5fd5aaa9b63eba73b3ffeed24187e59311bf6fa8ddc744a9a62abcfecafa243727eb4a2e93fecfb8702f1a941b9afc506e3adf83c96b200186ee59a438
SSDEEP

24576:fMl6HKpXlmzJrFr56f8H+fJ93MpdBsPLxCg:QSzFFN6f8H+fJ93MpdBsDsg

Score

N/A

Malware Config

Signatures

Files

5652a52ff824a77feb57adcef71ddb8e38f6f4d6d43459d54378696584a10ee9
.exe windows x86

08bf1babec59e1219eb589eb2a0941d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
FindClose
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
ReadFile
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
GetTickCount
WaitForMultipleObjects
GetCurrentProcessId
LocalFree
OpenProcess
GetVersionExW
Process32NextW
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcess
GlobalFree
GlobalAlloc
SetLastError
GetComputerNameW
InterlockedDecrement
DeviceIoControl
CreateEventW
SetEvent
lstrlenA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
CreateFileW
GetLongPathNameW
SetFileAttributesW
MoveFileExW
GetTempFileNameW
GetWindowsDirectoryW
GetFullPathNameW
GetTempPathW
lstrlenW
MoveFileW
WideCharToMultiByte
MultiByteToWideChar
GetACP
LoadLibraryA
GetModuleFileNameW
CreateDirectoryW
DeleteFileW
CopyFileW
FreeLibrary
RemoveDirectoryW
LoadLibraryW
GetFileAttributesW
CreateMutexW
CloseHandle
ReleaseMutex
WaitForSingleObject
GetLastError
GetProcAddress
GetModuleHandleW
InterlockedExchangeAdd
HeapSize
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
GetModuleHandleA
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetVersionExA
GetCommandLineA
HeapFree

user32

MonitorFromWindow
MapWindowPoints
LoadImageW
DefWindowProcW
GetWindowRect
GetMonitorInfoW
LoadCursorW
GetSystemMetrics
RegisterClassW
ScreenToClient
SetTimer
ShowWindow
UnregisterClassW
LoadIconW
SystemParametersInfoW
BeginPaint
EndPaint
GetWindow
IsWindow
SetPropW
DestroyWindow
DispatchMessageW
GetDesktopWindow
GetWindowLongW
SetWindowPos
CreateWindowExW
GetDC
SetCursor
TranslateMessage
GetParent
GetCursorPos
GetClientRect
GetMessageW
GetPropW

gdi32

SelectObject
BitBlt
DeleteDC
CreateCompatibleDC
GetObjectW
DeleteObject

advapi32

RegEnumKeyW
RegQueryInfoKeyW
GetUserNameW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
ConvertSidToStringSidW
GetTokenInformation
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
DeleteService
OpenServiceW
ControlService
QueryServiceStatusEx
CloseServiceHandle
OpenSCManagerW

shell32

ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoUninitialize
OleUninitialize
OleInitialize
CoInitializeSecurity
CoTaskMemFree
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

wininet

HttpQueryInfoW
InternetCrackUrlW
InternetWriteFile
HttpSendRequestExW
HttpEndRequestW
InternetConnectW
HttpOpenRequestW
InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetReadFile

Sections

.text
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 823KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08bf1babec59e1219eb589eb2a0941d0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

Sections

.text Size: 241KB - Virtual size: 240KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 823KB - Virtual size: 824KB

.text
Size: 241KB - Virtual size: 240KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 823KB - Virtual size: 824KB