49752434ece2967ff89c23d5f9447935a13963839d2713a5907e23fabc499cc2

Sharing

Copy URL Twitter E-mail

General

Target

49752434ece2967ff89c23d5f9447935a13963839d2713a5907e23fabc499cc2
Size

258KB
MD5

2bdcb3260d36f75270a4b688182a6570
SHA1

afbf29fafd4108889151d056706477b328f5537c
SHA256

49752434ece2967ff89c23d5f9447935a13963839d2713a5907e23fabc499cc2
SHA512

00bbcb251fc8bd7c0c66d4a70075b7a3af3eed242e4830d6e51e7a7f9bd6570a9c911aec5c330ced257daff1e34dc6d3660c4e5e87149c5b8c2c7add13099226
SSDEEP

6144:9WaoAn+dFBG8lIlCtukCoIx9ZxMfhIbP84I2Wm3N6C9oPg:RoW+dCLk/Ix1qhII1mIC9wg

Score

N/A

Malware Config

Signatures

Files

49752434ece2967ff89c23d5f9447935a13963839d2713a5907e23fabc499cc2
.exe windows x86

76eabba519900fb9d6b50d88be936ee4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueExW
RegCloseKey
ReportEventA
RegisterEventSourceW
RegEnumValueA
GetUserNameA

comctl32

ord17

gdi32

GetDeviceCaps
DeleteDC
RestoreDC
DeleteObject
GetTextFaceA
SelectObject
CreateFontA
GetTextMetricsA
SetMapMode
SaveDC
Polyline
CreatePen
ExtTextOutW
GetTextExtentPoint32W
SetTextAlign
SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA

kernel32

GetModuleHandleA
MultiByteToWideChar
GetCommandLineA
GetCommandLineW
MapViewOfFile
ReleaseMutex
WaitForSingleObject
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetStartupInfoA
GetStartupInfoW
CloseHandle
CreateThread
Sleep
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
MulDiv
WideCharToMultiByte
GetModuleFileNameA
LoadLibraryA
GetSystemDefaultLangID
GetProcAddress
GetUserDefaultLangID
GetACP
GetSystemDefaultLCID
GetVersionExA
FreeLibrary
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
lstrcpyA
GetLastError
GetProfileStringA
SetEvent
CreateSemaphoreA
CreateFileMappingA
GetFileSize
CreateFileA
UnmapViewOfFile
DeleteFileA
DeleteFileW
GetTickCount
SetEnvironmentVariableA
ReadProcessMemory
GetSystemInfo
GetFileAttributesA
CreateDirectoryA
WriteFile
SetFilePointer
CreateFileW
GetTempPathA
GetTempPathW
GetFileAttributesW
CreateDirectoryW
LockResource
LoadResource
FindResourceExA
GetSystemDirectoryA
SetEndOfFile
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
IsDBCSLeadByte
CreateProcessA
CreateProcessW
SuspendThread
GetSystemTime
GetComputerNameA
CreateMutexA
TlsAlloc
TlsFree
TlsSetValue
VirtualFree
TlsGetValue
VirtualQueryEx
HeapAlloc
SetLastError
GetLocaleInfoA
IsValidCodePage
VirtualAlloc
DuplicateHandle
lstrcmpW
TerminateThread
GetCurrentProcessId
GetThreadSelectorEntry
ResumeThread
GetCurrentThreadId
GetThreadContext
HeapFree
LCMapStringA
LCMapStringW
GetSystemTimeAsFileTime
OutputDebugStringA
DebugBreak
RtlUnwind
GetStringTypeA
GetStringTypeW

oleaut32

SysFreeString
SystemTimeToVariantTime
SysAllocString
VariantTimeToDosDateTime
SysStringLen

shell32

ShellExecuteExA
ExtractIconExA

shlwapi

wnsprintfA

user32

CheckDlgButton
DrawFocusRect
SetWindowTextW
GetWindow
LoadCursorA
DestroyIcon
GetWindowPlacement
IsIconic
LoadStringW
GetWindowThreadProcessId
EnumWindows
CharPrevA
CallWindowProcA
CallWindowProcW
IsWindowUnicode
GetSysColor
SendDlgItemMessageA
GetClientRect
SetScrollInfo
SystemParametersInfoA
GetScrollInfo
SetDlgItemTextA
IsDlgButtonChecked
LoadIconA
GetDlgItem
ShowWindow
SetCursor
InvalidateRect
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CreateDialogParamA
SetWindowTextA
GetDC
MapWindowPoints
GetSysColorBrush
FillRect
ReleaseDC
GetSystemMetrics
SetForegroundWindow
GetWindowLongA
GetWindowRect
SetWindowPos
RegisterClassExA
CreateWindowExA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
KillTimer
SetTimer
SendMessageA
PostMessageA
EnableWindow
DrawIconEx
DestroyWindow
SetWindowLongA
SetFocus
EndDialog
DefWindowProcA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW

wininet

InternetSetOptionA
InternetWriteFile
HttpSendRequestExA
InternetCanonicalizeUrlA
InternetReadFileExA
HttpEndRequestA
InternetOpenA
InternetSetStatusCallback
InternetAutodial
InternetGetConnectedState
InternetQueryOptionA
HttpQueryInfoA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76eabba519900fb9d6b50d88be936ee4

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

shell32

shlwapi

user32

version

wininet

Sections

.text Size: 164KB - Virtual size: 160KB

.data Size: 4KB - Virtual size: 30KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 164KB - Virtual size: 160KB

.data
Size: 4KB - Virtual size: 30KB

.rsrc
Size: 80KB - Virtual size: 80KB