0859aa914198a42e043f47218368a7f10dac75eae1e19a572e733e6f1f8c41d9

Sharing

Copy URL

Twitter E-mail

General

Target

0859aa914198a42e043f47218368a7f10dac75eae1e19a572e733e6f1f8c41d9
Size

1.2MB
MD5

117fce8252a4ef54e0c95bc213d7cc50
SHA1

73260e29b084116905014928362ab7570764d2bc
SHA256

0859aa914198a42e043f47218368a7f10dac75eae1e19a572e733e6f1f8c41d9
SHA512

ee9c0080dea4d2b537d9cba701f9fb13306484812cd240a54eaca0c6c9befd7ef105823f481aac89cb1efa272b67733af64fa3dcd2b3e12c5420fd7c3a97d0e7
SSDEEP

24576:Rvxf9NfXB5klHwHYHD0zNCjllc+TKA5m1lcat0k6z3:RtOH6QjllVH5mcpk6T

Score

N/A

Malware Config

Signatures

Files

0859aa914198a42e043f47218368a7f10dac75eae1e19a572e733e6f1f8c41d9
.exe windows x86

ff6de64585fabd347950f29cc86f44dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetProcAddress
GetModuleHandleW
lstrlenW
FreeLibrary
LoadLibraryW
GetVersionExW
lstrlenA
MultiByteToWideChar
FindClose
FindFirstFileW
InterlockedDecrement
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FreeResource
LockResource
CreateEventW
SetLastError
GetCurrentThreadId
Sleep
FlushInstructionCache
CloseHandle
CreateThread
WaitForSingleObject
SetEvent
CreateSemaphoreW
ReleaseSemaphore
AreFileApisANSI
GetFileAttributesA
DeleteFileA
GetFileAttributesW
GetTempPathA
GetTempPathW
SetFilePointer
GetPrivateProfileStringW
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
GetSystemTime
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileA
CreateFileW
CompareStringW
WriteConsoleW
SetStdHandle
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetHandleCount
GetLocaleInfoW
GetTimeZoneInformation
FatalAppExitA
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetConsoleMode
GetConsoleCP
GetStdHandle
ExitProcess
HeapDestroy
DeleteFileW
MoveFileW
WriteFile
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileIntW
ReadFile
InitializeCriticalSection
DeleteCriticalSection
lstrcpyW
LocalFree
GetModuleFileNameW
GetProcessHeap
GetCommandLineW
GetLastError
SetEnvironmentVariableA
HeapFree
InterlockedPushEntrySList
FlushFileBuffers
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentThread
TlsFree
LCMapStringW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCPInfo
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
GetDateFormatA
GetTimeFormatA
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
RtlUnwind
InterlockedCompareExchange

user32

UnregisterClassA
wsprintfW
CharNextW
GetSysColor
LoadCursorW
PtInRect
GetWindowRect
GetSubMenu
LoadMenuW
LoadIconW
SetCursor
SendMessageW
LoadBitmapW
SetLayeredWindowAttributes
GetWindowLongW
GetClientRect
TrackPopupMenu
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
EndDialog
SetWindowLongW
PostThreadMessageW
DialogBoxParamW
DispatchMessageW
TranslateMessage
GetMessageW

gdi32

PaintRgn
FrameRgn
SetTextColor
SetBkColor
GetObjectW
CreateFontIndirectW
CreateSolidBrush
CreateRoundRectRgn

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

CommandLineToArgvW

ole32

OleRun
CLSIDFromString
CLSIDFromProgID
CoReleaseServerProcess
CoAddRefServerProcess
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

UnRegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocStringLen
SysFreeString
VariantCopy
VariantClear
SysAllocString
VariantInit
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLi

secur32

GetUserNameExW

winhttp

WinHttpReceiveResponse
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSetStatusCallback
WinHttpSendRequest
WinHttpOpen
WinHttpSetOption
WinHttpCloseHandle

Sections

.text
Size: 896KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff6de64585fabd347950f29cc86f44dd

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

secur32

winhttp

Sections

.text Size: 896KB - Virtual size: 896KB

.rdata Size: 124KB - Virtual size: 124KB

.data Size: 11KB - Virtual size: 22KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 29KB - Virtual size: 28KB

.text Size: 102KB - Virtual size: 104KB

.text
Size: 896KB - Virtual size: 896KB

.rdata
Size: 124KB - Virtual size: 124KB

.data
Size: 11KB - Virtual size: 22KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 29KB - Virtual size: 28KB

.text
Size: 102KB - Virtual size: 104KB