4c79ef72ca64baf7100ca496efb5db706411c9806581373a11c9d2164cf3cf1d

Sharing

Copy URL Twitter E-mail

General

Target

4c79ef72ca64baf7100ca496efb5db706411c9806581373a11c9d2164cf3cf1d
Size

932KB
MD5

0e20515469a0afed3a8d8a0034114fd7
SHA1

9bf73c68f18e8d6aa5c6da1b45811b084a3e5e81
SHA256

4c79ef72ca64baf7100ca496efb5db706411c9806581373a11c9d2164cf3cf1d
SHA512

5376e80b56e7091f7da9d55905077e7fd7cda5817f516c0955cc0e9911574294f8aea6808676e8cf2b9fb5d7171b9158f30ebfa7b2edda2fcaff25804427a9d0
SSDEEP

24576:kH9wr+excRajW3Qo3xvbTwAfHJwnniE0fsfOFVTd0wUO1voP5YwQgHTdIic:lWimnpoP+wQwTj

Score

N/A

Malware Config

Signatures

Files

4c79ef72ca64baf7100ca496efb5db706411c9806581373a11c9d2164cf3cf1d
.exe windows x86

d6b7107c685f2718b3942a5997f4fadb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexW
GetPrivateProfileIntW
CreateMutexW
WaitForSingleObject
FormatMessageW
Sleep
CreateFileW
WriteFile
ReadFile
FindResourceW
GlobalLock
LoadLibraryExW
SizeofResource
lstrlenW
GetPrivateProfileStringW
GetTickCount
CompareStringW
CompareStringA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidLocale
SetCurrentDirectoryW
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
CloseHandle
HeapDestroy
SetHandleCount
GetConsoleMode
GetConsoleCP
HeapSize
SetConsoleCtrlHandler
FindFirstFileA
GetDriveTypeA
GetFullPathNameA
SetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
CreateDirectoryW
GetFileType
PeekNamedPipe
FileTimeToLocalFileTime
FileTimeToSystemTime
GetStartupInfoA
GetCommandLineA
CreateThread
ExitThread
VirtualQuery
VirtualProtect
HeapReAlloc
GetModuleHandleA
GetFileAttributesA
MoveFileA
RaiseException
MulDiv
lstrlenA
FlushInstructionCache
MultiByteToWideChar
GlobalAlloc
GetCurrentProcess
lstrcmpW
InterlockedDecrement
SetLastError
GlobalUnlock
LoadResource
GetLastError
lstrcmpiW
FreeLibrary
HeapCreate
InterlockedIncrement
GetModuleHandleW
GetModuleFileNameW
DeleteFileW
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSection
EnumSystemLocalesA
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileInformationByHandle
CreateFileA
GetTimeZoneInformation
QueryPerformanceCounter
WaitForMultipleObjects
WaitForMultipleObjectsEx
GlobalFree
ReleaseMutex
SetEvent
CreateMutexA
TlsGetValue
GetExitCodeThread
TryEnterCriticalSection
ResetEvent
ReleaseSemaphore
SetThreadPriority
CreateSemaphoreA
ResumeThread
CreateEventA
SuspendThread
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThread
FlushFileBuffers
GetComputerNameA
GetCurrentProcessId
GetSystemInfo
SetEndOfFile
ExitProcess
GetEnvironmentStrings
GetFileSize
SetFilePointer
GetLocalTime
FindFirstFileW
FindNextFileW
FindClose
MoveFileW
InterlockedExchange
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetACP
GetLocaleInfoA
GetThreadLocale
GetStdHandle
FormatMessageA
LocalFree
WideCharToMultiByte
TerminateProcess
GetSystemTimeAsFileTime
DuplicateHandle
GetModuleFileNameA

user32

LoadIconW
InvalidateRect
UnregisterClassA
PostQuitMessage
DefWindowProcW
ReleaseDC
SetLayeredWindowAttributes
GetDC
BeginPaint
GetCursorPos
SendMessageW
EndPaint
ScreenToClient
CallWindowProcW
CreateAcceleratorTableW
ClientToScreen
GetDlgItem
GetClientRect
IsChild
GetWindow
RegisterClassExW
CharNextW
UnregisterClassW
SetCapture
MessageBoxW
FillRect
SetClassLongW
GetSystemMetrics
UpdateWindow
PeekMessageW
DispatchMessageW
TranslateMessage
AdjustWindowRectEx
OffsetRect
GetWindowRect
DrawTextW
CreateDialogParamW
EnableWindow
ShowWindow
SetRect
EndDialog
PostMessageW
SetFocus
CreateWindowExW
RegisterWindowMessageW
GetWindowLongW
GetClassInfoExW
SetWindowLongW
GetWindowTextLengthW
GetDesktopWindow
SetWindowTextW
MoveWindow
GetSysColor
IsWindow
SetWindowPos
GetWindowTextW
ReleaseCapture
GetClassNameW
GetFocus
InvalidateRgn
RedrawWindow
DestroyWindow
LoadCursorW
DestroyAcceleratorTable
GetParent

gdi32

StretchBlt
SetBkMode
CreateFontW
CreateCompatibleBitmap
CreateSolidBrush
DeleteDC
DeleteObject
BitBlt
GetStockObject
GetDeviceCaps
SelectObject
GetObjectW
CreateCompatibleDC
SetBkColor
SetTextColor
CreateDIBSection

advapi32

RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegisterEventSourceA
RegSetValueExA
DeregisterEventSource
RegCreateKeyA
ReportEventA

shell32

ShellExecuteW

ole32

CoTaskMemFree
OleLockRunning
CoGetClassObject
CoTaskMemRealloc
CreateStreamOnHGlobal
CoCreateInstance
OleUninitialize
CoTaskMemAlloc
CLSIDFromString
OleInitialize
StringFromGUID2
CLSIDFromProgID

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
DispCallFunc
VarUI4FromStr
OleCreateFontIndirect
VariantInit
SysStringByteLen
LoadRegTypeLi
LoadTypeLi
SysStringLen

ws2_32

gethostname
gethostbyname
inet_addr
getservbyname
gethostbyaddr
ioctlsocket
ntohs
WSAGetLastError
shutdown
getsockname
WSAEnumNetworkEvents
listen
WSASend
getsockopt
accept
send
WSAStartup
closesocket
connect
socket
bind
getpeername
recv
WSACleanup
select
__WSAFDIsSet
WSAEventSelect

wininet

InternetConnectW
HttpSendRequestW
InternetAttemptConnect
InternetCloseHandle
HttpOpenRequestW
InternetQueryDataAvailable
InternetReadFile
HttpQueryInfoW
InternetOpenW

msimg32

TransparentBlt

Sections

.text
Size: 684KB - Virtual size: 681KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d6b7107c685f2718b3942a5997f4fadb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

wininet

msimg32

Sections

.text Size: 684KB - Virtual size: 681KB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 28KB - Virtual size: 47KB

.rsrc Size: 16KB - Virtual size: 14KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 684KB - Virtual size: 681KB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 28KB - Virtual size: 47KB

.rsrc
Size: 16KB - Virtual size: 14KB

.rmnet
Size: 60KB - Virtual size: 60KB