812bab8d9bdb823063e1b41083a48e9fae5b5be4f6251c8289dc355a489b4ccd

Sharing

Copy URL Twitter E-mail

General

Target

812bab8d9bdb823063e1b41083a48e9fae5b5be4f6251c8289dc355a489b4ccd
Size

1.2MB
MD5

383021c8abd61821dc0f14b68eb01f90
SHA1

cca5818ede67134c19245dce77aed3611cde4c70
SHA256

812bab8d9bdb823063e1b41083a48e9fae5b5be4f6251c8289dc355a489b4ccd
SHA512

1e71d009c40aee51dd3228c14ed09434592c302a904b17b80434b8bbb5bf769613b886d7aebe77203e835a8621de8dc54c9f4130a05df9562bfd588dffadc0d1
SSDEEP

24576:LzKlBrfjrN5YJH3cZk4wcCgKjhyxXGbu9ASv+CqxkIG+3Qw:8fvNaMW4fPGjSvxqxkIGYQ

Score

N/A

Malware Config

Signatures

Files

812bab8d9bdb823063e1b41083a48e9fae5b5be4f6251c8289dc355a489b4ccd
.exe windows x86

677985dd414b6f56ecd6b5b040c4588e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
HttpQueryInfoW
InternetSetOptionW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

msimg32

AlphaBlend

comctl32

_TrackMouseEvent

riched20

ord4

kernel32

GetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
SetFileAttributesW
GetCurrentThreadId
ResumeThread
ResetEvent
CreateEventW
SetEvent
WideCharToMultiByte
MultiByteToWideChar
FindClose
FindNextFileW
FindFirstFileW
LoadLibraryW
GetProcAddress
FreeLibrary
GetFullPathNameW
GetWindowsDirectoryW
GetCurrentDirectoryW
GetLongPathNameW
MoveFileW
MoveFileExW
SetCurrentDirectoryW
GetVersionExW
GetSystemInfo
InterlockedDecrement
GetCurrentProcess
TerminateProcess
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WriteProcessMemory
VirtualQueryEx
ReadProcessMemory
SetLastError
lstrcmpW
VirtualAllocEx
GetEnvironmentVariableW
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
MulDiv
InterlockedIncrement
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
HeapFree
GetProcessHeap
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetModuleHandleA
RaiseException
HeapReAlloc
RtlUnwind
CreateThread
ExitThread
GetStartupInfoW
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
SetHandleCount
GetFileType
GetStartupInfoA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
GetModuleHandleW
GetModuleFileNameW
Sleep
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
GetModuleFileNameA
GetTempFileNameW
GetTempPathW
GetLocalTime
GetCommandLineW
GetLastError
OpenMutexW
GetExitCodeProcess
ReleaseMutex
CreateMutexW
OpenProcess
GetPrivateProfileIntW
WriteFile
GetPrivateProfileStringW
WritePrivateProfileStringW
DeleteFileW
GetFileSize
SetEndOfFile
lstrlenW
lstrlenA
SetFilePointer
CreateFileW
ReadFile
CreateProcessW
GetTickCount
CloseHandle
WaitForSingleObject
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetStdHandle
LoadLibraryA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualProtectEx

user32

GetMonitorInfoW
ShowCaret
SetCapture
BeginPaint
CreateCaret
GetKeyState
GetUpdateRect
GetFocus
ReleaseCapture
EndPaint
SetCaretPos
DestroyWindow
RegisterClassExW
GetMessageW
LoadImageW
IsWindow
CreateWindowExW
RegisterClassW
SendMessageW
SetFocus
EnableWindow
GetClassInfoExW
DestroyIcon
CharNextA
GetDC
ReleaseDC
MoveWindow
RedrawWindow
PtInRect
IntersectRect
IsRectEmpty
SetCursor
CharNextW
LoadCursorW
MonitorFromWindow
ScreenToClient
HideCaret
SetWindowRgn
UpdateLayeredWindow
TranslateAcceleratorW
LoadStringW
GetActiveWindow
GetParent
AttachThreadInput
MapWindowPoints
GetWindowTextLengthW
GetWindowTextW
GetWindowRect
IsIconic
IsChild
IsZoomed
SetForegroundWindow
SetWindowTextW
ShowWindow
GetForegroundWindow
PostQuitMessage
SetWindowsHookExW
InvalidateRect
LoadBitmapW
OffsetRect
FillRect
CharPrevW
CopyImage
ChildWindowFromPointEx
ClientToScreen
GetSysColor
GetCursorPos
IsWindowEnabled
FindWindowW
MessageBoxW
GetSystemMetrics
GetWindowThreadProcessId
IsWindowVisible
CallNextHookEx
EnumThreadWindows
GetClientRect
SystemParametersInfoW
GetDesktopWindow
wsprintfA
wsprintfW
PeekMessageW
PostMessageW
KillTimer
TranslateMessage
SetWindowPos
DispatchMessageW
SetTimer
SetWindowLongW
GetClassNameW
CallWindowProcW
DefWindowProcW
GetWindow
SetPropW
GetWindowLongW
GetPropW
GetAsyncKeyState
InvalidateRgn
CreateAcceleratorTableW
DestroyAcceleratorTable
DrawTextW
DrawIconEx
DrawFocusRect

gdi32

CreatePen
CreateRectRgnIndirect
ExtSelectClipRgn
GetClipBox
CreateFontIndirectW
MoveToEx
CombineRgn
GetStockObject
GetTextExtentPoint32W
SetBitmapBits
GetBitmapBits
TextOutW
SetBkMode
RoundRect
SetBkColor
StretchBlt
SetStretchBltMode
GetCharABCWidthsW
CreateSolidBrush
CreateCompatibleBitmap
Rectangle
ExtTextOutW
BitBlt
GetTextMetricsW
LineTo
CreateRoundRectRgn
CreateRectRgn
EnumFontsW
CreateCompatibleDC
CreateEllipticRgn
DeleteDC
CreateDIBSection
GetDeviceCaps
DeleteObject
SelectObject
SelectClipRgn
SetTextColor
GetObjectW

advapi32

RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
OleDuplicateData
ReleaseStgMedium

oleaut32

SysFreeString
SysAllocString
VariantClear
OleLoadPicture

shlwapi

StrStrIA
StrStrIW

Sections

.text
Size: 848KB - Virtual size: 845KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

677985dd414b6f56ecd6b5b040c4588e

Headers

File Characteristics

Imports

wininet

version

msimg32

comctl32

riched20

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 848KB - Virtual size: 845KB

.rdata Size: 148KB - Virtual size: 145KB

.data Size: 12KB - Virtual size: 19KB

.tls Size: 4KB - Virtual size: 9B

.rsrc Size: 128KB - Virtual size: 127KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 848KB - Virtual size: 845KB

.rdata
Size: 148KB - Virtual size: 145KB

.data
Size: 12KB - Virtual size: 19KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 128KB - Virtual size: 127KB

.rmnet
Size: 60KB - Virtual size: 60KB