48ad6c60be6f55b4de810292774b08d810e67273665aaca0b2a5dbb9e185a98e

Sharing

Copy URL

Twitter E-mail

General

Target

48ad6c60be6f55b4de810292774b08d810e67273665aaca0b2a5dbb9e185a98e
Size

289KB
MD5

30d8838120dcb3dd6650d14311b29a10
SHA1

145973f20453d0c33583cb9dc5780d03181ee0e4
SHA256

48ad6c60be6f55b4de810292774b08d810e67273665aaca0b2a5dbb9e185a98e
SHA512

0775b58e7a9d1441140706362f94f4154aebba5ea98453379538cc9b59db42cf1dc571d131b798e151cffa8eba48f446166ae9876c995dfe067205c10fb2e7f9
SSDEEP

6144:oWByyF7fgMUnTwiYTXP5ItBzkPvTquBMkp:oanFUTXEKtmeqMg

Score

N/A

Malware Config

Signatures

Files

48ad6c60be6f55b4de810292774b08d810e67273665aaca0b2a5dbb9e185a98e
.exe windows x86

3db6a8a04f5e2fdb09541392d63c5209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameW
GetTempPathW
GetModuleFileNameW
InterlockedIncrement
DeleteFileW
LoadLibraryW
CreateThread
GetCurrentThreadId
GetCommandLineW
lstrcmpiA
ReadFile
CreateFileW
WideCharToMultiByte
GetProcAddress
OpenMutexW
CreateMutexW
InterlockedDecrement
OpenFileMappingW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
Sleep
WaitForMultipleObjects
ResetEvent
SetEvent
GetTickCount
OpenProcess
OpenEventW
lstrlenW
lstrlenA
MultiByteToWideChar
GetCurrentProcess
FlushInstructionCache
ReleaseMutex
lstrcmpiW
WaitForSingleObject
LCMapStringW
LCMapStringA
CompareStringA
FreeEnvironmentStringsW
GetCPInfo
IsBadWritePtr
FreeEnvironmentStringsA
VirtualFree
HeapCreate
EnterCriticalSection
CloseHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
SetHandleCount
GetModuleHandleA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
ExitThread
TlsGetValue
HeapFree
ResumeThread
RtlUnwind
TlsSetValue
LocalFree
GetEnvironmentStringsW
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
CreateEventW
GetModuleFileNameA
UnhandledExceptionFilter
TerminateThread
GetLastError
SetLastError
TlsAlloc
WriteFile
SetFilePointer
GetStartupInfoA
GetFileType
GetStdHandle
GetSystemTime
GetStringTypeA
IsBadCodePtr
InterlockedExchange
HeapSize
TerminateProcess
RaiseException
VirtualAlloc
GetLocalTime
GetStringTypeW
FlushFileBuffers
IsBadReadPtr
ExitProcess
GetVersion
GetCommandLineA
GetEnvironmentStrings
SetStdHandle
GetStartupInfoW
SetUnhandledExceptionFilter

user32

LoadStringW
GetClientRect
SetRectEmpty
PostMessageW
DefWindowProcW
DestroyWindow
SetTimer
SendMessageW
IsWindow
KillTimer
SetWindowLongW
GetWindowLongW
CallWindowProcW
CreateWindowExW
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
PeekMessageW
GetMessageW
PostThreadMessageW
CharNextW
EndPaint
IsChild
GetFocus
BeginPaint

gdi32

RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
DeleteDC

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

ole32

CoCreateInstance
CoLoadLibrary
StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateGuid

oleaut32

VariantCopy
VariantChangeType
VariantInit
SysStringByteLen
LoadRegTypeLi
DispCallFunc
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantClear
SysStringLen

atl

ord44
ord11
ord23
ord20
ord32
ord30
ord45
ord43
ord10
ord21
ord17
ord18
ord57
ord16
ord58
ord26
ord27

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathFileExistsW

wininet

InternetSetCookieW
InternetCrackUrlA

ws2_32

gethostbyname
inet_addr
sendto
WSACleanup
closesocket
gethostname
htons
WSAGetLastError
socket
htonl
inet_ntoa
WSAStartup
ntohl
recvfrom
bind

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3db6a8a04f5e2fdb09541392d63c5209

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

atl

version

shlwapi

wininet

ws2_32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 112KB - Virtual size: 112KB