667c9e406948652fbc599db1360a45d841351a73c405d96dd80d55388ead2345

Sharing

Copy URL

Twitter E-mail

General

Target

667c9e406948652fbc599db1360a45d841351a73c405d96dd80d55388ead2345
Size

1.2MB
MD5

2c72267d76c74a23523e899d262f11e0
SHA1

af7b8e2ece95bc55e4147d9a899ecb8a6a409f68
SHA256

667c9e406948652fbc599db1360a45d841351a73c405d96dd80d55388ead2345
SHA512

5f2f1f0da699fc9db991385203628eca19876e753ff1c0bfe0db6af362415f20ddda2420bbec0b28e470fccf2a684370c92539969e7542dddb4842d977e0da08
SSDEEP

24576:nixdFM2AsQ9FA/jRIBdMSAa0Gf46yiTC/3Tz+8sHY:P2AsQzXACtCfv

Score

N/A

Malware Config

Signatures

Files

667c9e406948652fbc599db1360a45d841351a73c405d96dd80d55388ead2345
.exe windows x86

0a2d96bb7241807220f8eb62f276b869

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord114
ord426
ord313
ord260
ord453
ord256
ord451
ord137
ord140
ord139
ord106
ord119
ord109
ord130
ord115
ord138
ord101
ord117
ord120
ord123
ord102
ord122
ord121
ord128
ord501
ord127
ord462
ord491
ord134
ord261
ord257
ord264
ord275
ord571
ord255
ord258
ord423
ord272
ord266
ord252
ord502
ord508
ord118
ord133
ord103
ord116
ord321
ord105
ord112
ord107
ord457
ord454
ord458
ord386
ord389
ord393
ord390
ord385
ord383
ord314
ord216
ord425
ord206
ord211
ord422
ord431
ord221
ord434
ord445
ord125
ord113
ord222
ord357
ord346
ord208
ord572
ord269
ord265
ord276
ord253
ord267
ord268
ord463
ord274
ord342
ord442
ord465
ord509
ord503
ord279
ord421
ord424
ord428
ord506
ord494
ord323
ord350
ord325
ord437
ord356
ord401
ord403
ord440
ord436
ord443
ord438
ord432
ord354
ord332
ord468
ord351
ord523
ord524
ord529
ord525
ord452
ord334
ord331

shell32

FindExecutableA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

kernel32

SetFileAttributesA
FileTimeToLocalFileTime
CreateProcessA
CreateDirectoryA
DeleteCriticalSection
LeaveCriticalSection
GetComputerNameA
GetSystemTime
GetLocalTime
InterlockedDecrement
InterlockedIncrement
CreateThread
TlsSetValue
ExitThread
SetConsoleCtrlHandler
GetStartupInfoA
GetVersion
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetEnvironmentVariableA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetStdHandle
GetFileSize
FreeLibrary
FlushFileBuffers
CreateFileA
SetFilePointer
SetEndOfFile
ReadFile
GetLocaleInfoW
CompareStringA
CompareStringW
LoadLibraryA
GetProcAddress
GetCurrentThreadId
CompareFileTime
ResetEvent
SetEvent
FindResourceA
SizeofResource
LoadResource
GetSystemInfo
GetDiskFreeSpaceA
GlobalMemoryStatus
GetTimeZoneInformation
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTickCount
Sleep
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
IsBadWritePtr
FormatMessageA
SetUnhandledExceptionFilter
InitializeCriticalSection
FileTimeToSystemTime
GetDateFormatA
EnterCriticalSection
GetLastError
CloseHandle
WaitForMultipleObjects
MulDiv
GetTimeFormatA
GetLogicalDriveStringsA
GetCommandLineA
RaiseException
LockResource
GetFileAttributesA
WaitForSingleObject
CreateEventA
GetDriveTypeA

user32

GetClientRect
LoadIconA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetLastActivePopup
GetTopWindow
EndDialog
SetWindowPos
SetDlgItemTextA
DialogBoxParamA
SetTimer
KillTimer
WaitForInputIdle
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
SetActiveWindow
SetWindowTextA
MessageBoxA
SetWindowLongA
ScreenToClient
GetSysColor
DrawTextA
UpdateWindow
EnableWindow
ShowWindow
SendDlgItemMessageA
GetWindowLongA
GetDlgItem
GetWindowRect
OffsetRect
InvalidateRect
GetFocus
GetParent
SendMessageA
GetDC
ReleaseDC
GetActiveWindow
SetRect
GetDesktopWindow
GetForegroundWindow
GetClassNameA
GetWindow
GetMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA
EndPaint
LoadCursorA
SetCursor
GetCursorPos
FindWindowA
SetFocus
GetKeyState
PostMessageA
SetCapture
ReleaseCapture
DestroyAcceleratorTable
PtInRect
TranslateAcceleratorA
ShowCursor
SetCursorPos
BeginPaint
LoadStringA
IsIconic
LoadAcceleratorsA
ClipCursor

gdi32

SetTextColor
GetDeviceCaps
CreateFontA
MoveToEx
TextOutA
SetTextAlign
SetBkColor
GetPaletteEntries
GetTextExtentExPointA
ExtTextOutA
GetTextMetricsA
DeleteObject
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A
DeleteDC
GetStockObject

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegOpenKeyExA
RegDeleteValueA
GetUserNameA

Sections

.text
Size: 943KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

efwhvbv
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0a2d96bb7241807220f8eb62f276b869

Headers

File Characteristics

Imports

storm

shell32

kernel32

user32

gdi32

version

advapi32

Sections

.text Size: 943KB - Virtual size: 943KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 90KB - Virtual size: 1.8MB

.rsrc Size: 5KB - Virtual size: 4KB

.tc Size: 87KB - Virtual size: 88KB

efwhvbv Size: - Virtual size: 4KB

.tc Size: 56KB - Virtual size: 60KB

.text
Size: 943KB - Virtual size: 943KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 90KB - Virtual size: 1.8MB

.rsrc
Size: 5KB - Virtual size: 4KB

.tc
Size: 87KB - Virtual size: 88KB

efwhvbv
Size: - Virtual size: 4KB

.tc
Size: 56KB - Virtual size: 60KB