9c20a3003b90000d862144817f13b781505c9ca6f8711d5e20f31ee4da7dff54

Sharing

Copy URL Twitter E-mail

General

Target

9c20a3003b90000d862144817f13b781505c9ca6f8711d5e20f31ee4da7dff54
Size

312KB
MD5

218d036e607d7d96d4c9a11c7ea0d8d0
SHA1

0e467631221196d5fba538a8a2290dbc62d3645b
SHA256

9c20a3003b90000d862144817f13b781505c9ca6f8711d5e20f31ee4da7dff54
SHA512

fffe5dbb14e6e67d93d4a487667f78bcfc89c1de93e65c5301dadb1b1e23c3ec9320be318fd19085cbac5e2b5b3ae00ded4496d5eb7b561b08d4dc9ef30d740b
SSDEEP

6144:/o6DlXn0pYRlq2dQMis9pBrdOLh4NILA7nDworz+5n:/o6DlXHlFd9is9pBYuN3bX+n

Score

N/A

Malware Config

Signatures

Files

9c20a3003b90000d862144817f13b781505c9ca6f8711d5e20f31ee4da7dff54
.exe windows x86

c195c1fb6d343fb2383ec5d2986b8f4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
MultiByteToWideChar
GetModuleFileNameW
GetCurrentThreadId
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
Sleep
InterlockedIncrement
InterlockedDecrement
lstrlenW
lstrcpyW
GetModuleHandleW
GetLastError
FreeLibrary
LoadLibraryExW
lstrcmpiW
lstrcpynW
CreateMutexW
GetFileAttributesW
WideCharToMultiByte
WaitForSingleObject
ReleaseMutex
CreateFileW
WriteFile
FlushFileBuffers
TerminateThread
TerminateProcess
GetExitCodeProcess
CreateProcessW
GetCurrentProcessId
GetDiskFreeSpaceExW
ReadFile
CreateFileA
GetModuleFileNameA
DeleteFileW
GetDriveTypeW
GetLogicalDrives
GetSystemDefaultLangID
GetProcAddress
GetSystemInfo
GlobalMemoryStatus
GetComputerNameW
CreateThread
ResumeThread
lstrlenA
SetLastError
LocalFree
FindResourceExW
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
LoadLibraryA
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
LCMapStringW
LCMapStringA
VirtualProtect
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
VirtualQuery
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
ExitThread
GetModuleHandleA
GetSystemTimeAsFileTime
FindResourceW
LoadResource
InterlockedExchange
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
RtlUnwind
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetACP

user32

DestroyWindow
RegisterWindowMessageW
SetWindowLongW
GetWindowLongW
SendMessageW
SetWindowTextW
ShowWindow
SetTimer
GetDlgItem
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetWindowRect
GetWindow
GetParent
KillTimer
LoadMenuW
PostQuitMessage
UnregisterClassW
EnableMenuItem
DialogBoxParamW
GetActiveWindow
LoadStringW
wsprintfW
GetTopWindow
IsDialogMessageW
FindWindowW
DefWindowProcW
CharNextW
CreateDialogParamW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
MonitorFromPoint
GetMonitorInfoW
MessageBoxW
GetSubMenu
GetCursorPos
SetForegroundWindow
SetMenuDefaultItem
TrackPopupMenu
PostMessageW
DestroyMenu
GetSystemMetrics
LoadImageW
SetDlgItemTextW
EndDialog
PostThreadMessageW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegSetValueExW
RegCreateKeyW
GetUserNameW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyW
RegDeleteValueW

shell32

Shell_NotifyIconW
ShellExecuteW
SHCreateDirectoryExW
SHGetFolderPathW
SHGetMalloc
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
VarBstrCmp
SysStringByteLen
SysFreeString
VarUI4FromStr
SysAllocStringLen
SysAllocString
SysAllocStringByteLen

shlwapi

PathRemoveFileSpecW

comctl32

InitCommonControlsEx

winmm

timeGetTime

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetOpenUrlW
InternetOpenW
InternetCloseHandle
HttpQueryInfoW
InternetReadFile
HttpSendRequestW
InternetConnectW
HttpOpenRequestW
InternetQueryOptionW
InternetSetOptionW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c195c1fb6d343fb2383ec5d2986b8f4d

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

winmm

version

wininet

iphlpapi

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 72KB - Virtual size: 68KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 72KB - Virtual size: 68KB

.rmnet
Size: 60KB - Virtual size: 60KB