4d3d2c8fc828be23cd765118c8ec4ace5944a50380580e7668a79772eff56d7a

Sharing

Copy URL Twitter E-mail

General

Target

4d3d2c8fc828be23cd765118c8ec4ace5944a50380580e7668a79772eff56d7a
Size

1.1MB
MD5

289843f46682ff608482e5c547b2b560
SHA1

1b7bae4af506a5b0c79a3d30e17077a0bb90a1f8
SHA256

4d3d2c8fc828be23cd765118c8ec4ace5944a50380580e7668a79772eff56d7a
SHA512

9c1e90d730cadf47537a5bccba4baa80a30a22fbf04ffd3d5587f1743302fe01bd2cc9446b1947845b7a06e85b19f74206b5dbb4596029de9047595fb01bce0c
SSDEEP

24576:Auu2p1cB4AZmRdiQ+Eo9pE4S04pE4S0wyE:FusCDZ+kQy7fif

Score

N/A

Malware Config

Signatures

Files

4d3d2c8fc828be23cd765118c8ec4ace5944a50380580e7668a79772eff56d7a
.exe windows x86

dfda9dd782df139a140c1260644c11c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
WriteFile
FindClose
FindNextFileW
FindFirstFileW
SearchPathW
GetLongPathNameW
CreateMutexW
Process32NextW
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
OpenFileMappingA
QueryDosDeviceW
GetLogicalDriveStringsW
Module32NextW
Module32FirstW
GetModuleHandleW
GetModuleFileNameW
GetFileAttributesW
GetCurrentThreadId
DeleteFileW
OpenMutexW
FreeLibrary
GetCommandLineW
GetCurrentProcessId
lstrlenW
WideCharToMultiByte
CreateFileW
GetFileSize
CloseHandle
CopyFileW
CreateFileMappingW
MapViewOfFile
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
FlushFileBuffers
GetProcessHeap
SetEndOfFile
SetStdHandle
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
HeapCreate
SetFilePointer
SetHandleCount
UnmapViewOfFile
SetFileAttributesW
GetPrivateProfileIntW
SetLastError
WritePrivateProfileStringW
GetLastError
lstrlenA
MultiByteToWideChar
OutputDebugStringW
LoadLibraryW
GetProcAddress
ReadFile
GetCurrentDirectoryW
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameW
InitializeCriticalSectionAndSpinCount
GetStringTypeW
ExitProcess
GetModuleHandleA
LoadLibraryA
GetCurrentProcess
FlushInstructionCache
VirtualAlloc
CreateFileMappingA
CreateFileA
VirtualFree
lstrcmpiA
VirtualProtect
VirtualQuery
GetCurrentDirectoryA
GetUserDefaultLCID
GetSystemDefaultLCID
GetThreadLocale
lstrcmpA
MulDiv
lstrcpyA
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
RtlUnwind
DecodePointer
EncodePointer
RaiseException
GetLocalTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
CreateDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileExW
HeapAlloc
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetStdHandle
GetLocaleInfoW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
Sleep
HeapSize
GetPrivateProfileStringW

user32

SetWindowPos
IsWindow
PostQuitMessage
SetCursor
ClipCursor
EndDialog
DialogBoxParamW
BeginPaint
GetClientRect
DrawTextW
EndPaint
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
UpdateWindow
DefWindowProcW
MessageBoxW
KillTimer
SendMessageA
RegisterWindowMessageA
RedrawWindow
RegisterClassExA
wsprintfA
UnregisterClassA
CreateIconFromResource
LookupIconIdFromDirectory
LoadMenuIndirectA
DefWindowProcA
GetParent
InvalidateRect
ReleaseCapture
SetCapture
GetWindowLongA
ReleaseDC
GetDC
CreateAcceleratorTableA
FillRect
InvalidateRgn
PostMessageA
GetWindowDC
GetUpdateRect
GetWindow
IsChild
GetFocus
SetFocus
DestroyAcceleratorTable
SetWindowLongA
CallWindowProcA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
SetTimer
PostMessageW
DestroyWindow
SendMessageW
ShowWindow
FindWindowExW
GetDesktopWindow
GetWindowRect
CreateWindowExW
SetWindowTextW
MoveWindow
GetWindowLongW
SetWindowLongW
SetForegroundWindow

shell32

ShellExecuteExW

bugrpt

BR_pfPreBugReport
BR_pfPostBugReport
BR_Init
BR_SetUin
BR_SetVersion
BR_SetLogSession
BR_SetLcid
BR_SetSender
BR_SetSenderExtCmd
BR_SetLogFileMd5Dir

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

psapi

GetModuleFileNameExA
GetProcessImageFileNameW

ws2_32

inet_addr
ntohl
inet_ntoa

gdi32

DeleteDC
GetDeviceCaps
CreateDCA
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetRgnBox
SelectClipRgn
CreateRectRgnIndirect
CreateDIBSection
CreateSolidBrush

ole32

CreateStreamOnHGlobal
OleLockRunning
CoCreateGuid
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 542KB - Virtual size: 541KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 79KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 407KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dfda9dd782df139a140c1260644c11c3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

bugrpt

version

psapi

ws2_32

gdi32

ole32

oleaut32

advapi32

Sections

.text Size: 542KB - Virtual size: 541KB

.rdata Size: 97KB - Virtual size: 97KB

.data Size: 79KB - Virtual size: 106KB

.rsrc Size: 407KB - Virtual size: 408KB

.text
Size: 542KB - Virtual size: 541KB

.rdata
Size: 97KB - Virtual size: 97KB

.data
Size: 79KB - Virtual size: 106KB

.rsrc
Size: 407KB - Virtual size: 408KB