b7ebd2a731f5e983dbe74805f7471b983a0aad4f7779f2bff0f6178dc9e77b50

Sharing

Copy URL Twitter E-mail

General

Target

b7ebd2a731f5e983dbe74805f7471b983a0aad4f7779f2bff0f6178dc9e77b50
Size

408KB
MD5

2cbe7759570179105a5dddfaf3da3c26
SHA1

ee6259ec187b74465321b9ac1fcba1585aa066eb
SHA256

b7ebd2a731f5e983dbe74805f7471b983a0aad4f7779f2bff0f6178dc9e77b50
SHA512

ef05f4e46d9932022bebbe87277412c7bfdc34cf67138d76c3c67e1b6164b808105155c292bebcb4d6a5b0e656ac5580ea3826fdcdb9d6782f17097966789a06
SSDEEP

6144:xRyvzCLROZd8ex/44h+/XcEy9zEdq9gVqKHapX/Q60FWgyM2vXoSVJ:7ybYO5pAq9EdSgVoJ9S0XoSb

Score

N/A

Malware Config

Signatures

Files

b7ebd2a731f5e983dbe74805f7471b983a0aad4f7779f2bff0f6178dc9e77b50
.exe windows x86

23d011901f94d392e7281cb037dcaf23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHEmptyRecycleBinA

wininet

InternetCrackUrlA
GopherFindFirstFileA

advapi32

RegSaveKeyA
CreateServiceA
CryptCreateHash
RegDeleteValueW
CryptSetProvParam
RegQueryInfoKeyW
CryptEnumProviderTypesA
RegEnumValueA
RegDeleteValueA
CryptSetProviderExA
RegSetValueExA
CryptSetProviderA
ReportEventA
DuplicateToken
RegEnumKeyW
RegCreateKeyA
RegQueryMultipleValuesA
AbortSystemShutdownA
CryptEnumProvidersA
LogonUserA
CryptEnumProviderTypesW
CryptVerifySignatureA
LookupPrivilegeValueA

comctl32

ImageList_SetFilter
ImageList_Copy
MakeDragList
InitCommonControlsEx
ImageList_Write
InitMUILanguage
CreateStatusWindowW
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_BeginDrag
ImageList_DragEnter
ImageList_SetIconSize
CreatePropertySheetPageA
ImageList_Merge
ImageList_GetIcon
CreateStatusWindow
CreateMappedBitmap
ImageList_LoadImageA
ImageList_DragLeave
ImageList_SetOverlayImage
ImageList_LoadImageW
GetEffectiveClientRect
CreateToolbar
DrawStatusTextW

kernel32

OpenMutexA
SetLastError
SetEnvironmentVariableA
GetEnvironmentStrings
GetStringTypeW
GetFileAttributesExA
InterlockedIncrement
OpenMutexW
TlsFree
GetOEMCP
MultiByteToWideChar
TlsAlloc
GlobalAlloc
VirtualAllocEx
IsBadWritePtr
SetFilePointer
HeapCreate
FreeEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
QueryPerformanceCounter
GetStringTypeA
ExitProcess
CompareStringW
GetSystemTimeAsFileTime
TlsSetValue
InitializeCriticalSection
VirtualFree
GetCurrentThread
GetLocalTime
EnterCriticalSection
WideCharToMultiByte
ReadFile
EnumResourceNamesA
GetCurrentThreadId
LoadLibraryA
TerminateProcess
SetStdHandle
CreateMutexA
LeaveCriticalSection
FlushFileBuffers
GetCommandLineA
RtlUnwind
GetCurrentProcessId
CloseHandle
FreeEnvironmentStringsA
GetTimeZoneInformation
GetFullPathNameW
GetModuleHandleA
InterlockedExchange
GetProcAddress
HeapAlloc
LCMapStringA
FlushConsoleInputBuffer
WriteFile
LCMapStringW
HeapReAlloc
GetVolumeInformationA
GetFileSize
GetCurrentProcess
GetEnvironmentStringsW
GetCPInfo
GetFileType
UnhandledExceptionFilter
HeapFree
GetStartupInfoA
GetLastError
VirtualAlloc
GetModuleFileNameA
GetSystemTime
TlsGetValue
GetACP
VirtualQuery
CompareStringA
InterlockedDecrement
GetStdHandle
HeapDestroy
GetTickCount
GetVersion

user32

OpenDesktopW
InvertRect
LockWindowUpdate
ClientToScreen
IsCharAlphaA
CopyIcon
GetClipboardData
DefFrameProcW
LoadImageA
GetInputDesktop
GetClassInfoExA
GetKBCodePage
CharUpperBuffA
WINNLSEnableIME
DestroyWindow
ShowWindow
GetClassLongA
DefWindowProcW
DialogBoxParamA
MessageBoxW
PostQuitMessage
DestroyIcon
ShowCaret
SendDlgItemMessageW
GetAsyncKeyState
UpdateWindow
GetSysColor
EnumDisplaySettingsExW
SwapMouseButton
GetForegroundWindow
ReleaseCapture
GetSysColorBrush
GetClientRect
RegisterClassA
GetMenuStringA
MapVirtualKeyW
DdeQueryConvInfo
TabbedTextOutA
GetMenuBarInfo
DlgDirSelectComboBoxExW
LoadAcceleratorsA
DdeInitializeW
RemovePropA
CreateDialogIndirectParamA
GetWindowLongW
TileWindows
SendMessageTimeoutW
DefDlgProcW
CreateWindowExA
CountClipboardFormats
GetShellWindow
GetDlgItemTextW
DrawAnimatedRects
IsClipboardFormatAvailable
WINNLSGetIMEHotkey
SetWindowPos
InsertMenuW
EnumThreadWindows
RegisterClassExA
ToAscii
ReuseDDElParam
GetWindowTextA
GetSystemMenu
ActivateKeyboardLayout
SetFocus
LoadKeyboardLayoutA
SetDlgItemTextW
DdeFreeDataHandle
TrackPopupMenuEx

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23d011901f94d392e7281cb037dcaf23

Headers

File Characteristics

Imports

shell32

wininet

advapi32

comctl32

kernel32

user32

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 96KB - Virtual size: 98KB

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 96KB - Virtual size: 98KB

.rsrc
Size: 84KB - Virtual size: 81KB