de1dc4b1189aed94ac98690d4a04de0eb4cb41ead1592b97e8b1d120d2093738

Sharing

Copy URL Twitter E-mail

General

Target

de1dc4b1189aed94ac98690d4a04de0eb4cb41ead1592b97e8b1d120d2093738
Size

832KB
MD5

319d946f082acd4d2379007c49c97d70
SHA1

1fd59b53bebc6173b5298bb9ac65e87e3613073b
SHA256

de1dc4b1189aed94ac98690d4a04de0eb4cb41ead1592b97e8b1d120d2093738
SHA512

22d73e19e087df89fa9d7d2a619f74137bbfda872ff1f7cb537ae83a512735f9e04df3f75c68eea325f3616d22bcea67d6d873f9685a53b222e40c83b537e566
SSDEEP

12288:ygzgL8Cf/GJ39tt6M+YRNBNtAZxi+tcpKZcpI9wNxRhTKj60CCM:ygMACnG311RNBNtAZxRC8zWNxujS

Score

N/A

Malware Config

Signatures

Files

de1dc4b1189aed94ac98690d4a04de0eb4cb41ead1592b97e8b1d120d2093738
.exe windows x86

fee22b10341be3351829cb47fbdf780c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueA
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextA
CryptReleaseContext
CryptImportKey
CryptVerifySignatureA
CryptHashData
CryptCreateHash

crypt32

CertCloseStore
CryptMsgClose
CryptQueryObject
CertFreeCertificateContext
CertGetNameStringA
CertFindCertificateInStore
CryptMsgGetParam

kernel32

OpenEventA
FreeLibrary
GetProcAddress
LoadLibraryA
LoadResource
FindResourceExA
GlobalLock
LockResource
FindResourceA
LocalFree
FormatMessageA
GetUserDefaultLangID
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
Sleep
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
lstrcmpiA
InterlockedDecrement
CreateProcessA
SetUnhandledExceptionFilter
GetCommandLineA
SizeofResource
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
FindFirstFileA
GetFileAttributesA
FindClose
FindNextFileA
GetWindowsDirectoryA
GetSystemDirectoryA
MoveFileA
DeleteFileA
WriteFile
CreateFileA
GlobalSize
GlobalFree
lstrcmpA
ReadFile
GlobalAlloc
GetFileSize
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
CreateDirectoryA
CopyFileA
LocalAlloc
RemoveDirectoryA
GetTempPathA
ResetEvent
GetTempFileNameA
OutputDebugStringA
GetLocalTime
QueryPerformanceFrequency
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
SetEndOfFile
VirtualQuery
VirtualProtect
SearchPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
QueryPerformanceCounter
SystemTimeToFileTime
GlobalReAlloc
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
LCMapStringW
SetEnvironmentVariableA
LCMapStringA
HeapSize
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
ExitProcess
GetVersion
GetStartupInfoA
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
HeapFree
RaiseException
RtlUnwind
InterlockedExchange
CreateThread
SetEvent
WaitForSingleObject
CloseHandle
CreateEventA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetCurrentThreadId
GetLastError
SetLastError
lstrlenA
GetVersionExA
CompareStringW
CompareStringA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
GlobalUnlock

user32

GetActiveWindow
EndDialog
DialogBoxParamA
GetSysColor
LoadStringA
CharLowerA
LoadCursorA
GetDlgItem
PtInRect
GetWindowRect
ClientToScreen
SetCursor
UpdateWindow
wsprintfA
MessageBoxA
SendDlgItemMessageA
GetDesktopWindow
ReleaseDC
GetDC
PostThreadMessageA
CharNextA
GetMessageA
CreateWindowExA
DestroyCursor
PostMessageA
RegisterClassExA
GetClassInfoExA
DefWindowProcA
CallWindowProcA
SetWindowTextA
ExitWindowsEx
KillTimer
SetWindowRgn
EnableMenuItem
RemovePropA
SetPropA
GetPropA
IsDialogMessageA
CharLowerBuffA
IsDlgButtonChecked
GetWindowLongA
InvalidateRect
ScreenToClient
FillRect
EndPaint
CreateDialogIndirectParamA
CreateDialogParamA
GetDlgCtrlID
SetWindowLongA
GetSysColorBrush
DialogBoxIndirectParamA
GetParent
GetWindow
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
DestroyWindow
EnableWindow
SetDlgItemTextA
SendMessageA
GetSystemMenu
AppendMenuA
ShowWindow
SetForegroundWindow
BeginPaint
IsWindow
LoadImageA

gdi32

CreateSolidBrush
SetBkColor
SetTextColor
CreateFontIndirectA
GetObjectA
RestoreDC
TextOutA
SetBkMode
SelectObject
SaveDC
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetStockObject
CreateRectRgn
DeleteObject

shell32

ShellExecuteA
ShellExecuteExA

ole32

CoLoadLibrary
CLSIDFromString
StgOpenStorage
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
StringFromCLSID
CoCreateInstance
CLSIDFromProgID
CoCreateGuid
StringFromGUID2
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
ProgIDFromCLSID
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SafeArrayDestroy
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreate
SafeArrayPutElement
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantChangeType
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
GetErrorInfo
CreateErrorInfo
SetErrorInfo
VariantCopy
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�L��J�
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fee22b10341be3351829cb47fbdf780c

Headers

File Characteristics

Imports

advapi32

crypt32

kernel32

user32

gdi32

shell32

ole32

oleaut32

version

Sections

.text Size: 392KB - Virtual size: 390KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 32KB - Virtual size: 44KB

.rsrc Size: 100KB - Virtual size: 98KB

�L��J� Size: 228KB - Virtual size: 228KB

.text
Size: 392KB - Virtual size: 390KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 32KB - Virtual size: 44KB

.rsrc
Size: 100KB - Virtual size: 98KB

�L��J�
Size: 228KB - Virtual size: 228KB