1e436f608e38fa0274e7f71e1befcb230dfb1c20dcc5237df34b0eba28a0cec6

Sharing

Copy URL Twitter E-mail

General

Target

1e436f608e38fa0274e7f71e1befcb230dfb1c20dcc5237df34b0eba28a0cec6
Size

238KB
MD5

cebd9ecb7b66b45c9a9ff580d19f0444
SHA1

ee9b620ab5fe48008bcb8704bd4bd8a7b1dda41f
SHA256

1e436f608e38fa0274e7f71e1befcb230dfb1c20dcc5237df34b0eba28a0cec6
SHA512

56d6afc0c2339b9bbfd0a0ed44942014b8d0319ee4450c6ada68c247bd2dfc34ffab61b57a6ecf36bc09e932fe7788b5a079ee3867d40522d29130df7f4ef824
SSDEEP

3072:ef9W8alsayQRgYy00AlY3Y9NfDKdw9ONbD5U3HjlhfS59KUNBCndS:eY8aiaPR1y00T3Y9J6E8byj67od

Score

N/A

Malware Config

Signatures

Files

1e436f608e38fa0274e7f71e1befcb230dfb1c20dcc5237df34b0eba28a0cec6
.exe windows x86

1dfd94ac23122ee0634a9c665914ef78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCheckConnectionA

urlmon

URLDownloadToFileA

ntdll

RtlUnwind
RtlNtStatusToDosError
RtlInterlockedPushEntrySList
RtlFreeHeap
RtlLengthSecurityDescriptor

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateDirectoryA
GlobalAlloc
GlobalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
GetCommandLineA
SetEvent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CloseHandle
FindResourceA
FreeResource
FreeLibrary
LoadResource
GetCurrentProcess
Process32First
GlobalLock
GetWindowsDirectoryA
OpenProcess
Sleep
SizeofResource
CreateProcessA
TerminateProcess
GlobalUnlock
GetLastError
lstrcmpiA
GetProcAddress
SetFileAttributesA
LoadLibraryA
Process32Next
LockResource
GetSystemInfo
GetModuleHandleA
CreateToolhelp32Snapshot
InterlockedIncrement
InterlockedDecrement
RaiseException
GetModuleFileNameA
GetCurrentThreadId
GetVersionExA
GetModuleHandleW
ExitProcess
TlsGetValue
TlsSetValue
TlsAlloc
LocalAlloc
LocalFree
SetLastError
GlobalReAlloc
GlobalHandle
LocalReAlloc
TlsFree
WideCharToMultiByte
GetCurrentProcessId
lstrlenA
MultiByteToWideChar
CompareStringA
GlobalGetAtomNameA
lstrcmpA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
CreateFileA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetFileAttributesA
GetStartupInfoA
HeapAlloc
HeapFree
VirtualAlloc
VirtualQuery
HeapReAlloc
HeapSize
GetStdHandle
SetStdHandle
GetFileType
SetHandleCount
GetConsoleCP
GetConsoleMode
GetACP
IsValidCodePage
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
GetProcessHeap
GetTickCount

user32

GetWindowLongA
GetWindowThreadProcessId
GetMenuItemID
GetMenuState
ValidateRect
PeekMessageA
DispatchMessageA
CallNextHookEx
SetWindowsHookExA
LoadCursorA
GetWindowTextA
CheckMenuItem
ModifyMenuA
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindow
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
CopyRect
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
SetForegroundWindow
SetMenu
GetTopWindow
GetDlgItem
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
WinHelpA
LoadIconA
RegisterWindowMessageA
SetWindowTextA
GetLastActivePopup
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
PostQuitMessage
DestroyWindow
GetParent
GetDC
ReleaseDC
SetWindowPos
GetSubMenu
GetMenuItemCount
DestroyMenu
GetClientRect
PostThreadMessageA
WaitForInputIdle
wsprintfA
SendMessageA
PostMessageA
IsWindowEnabled
EnableWindow
MessageBoxA
UnhookWindowsHookEx
GetCapture
GetSysColorBrush
IsWindow
GetSystemMetrics
GetMessageTime
GetMessagePos
GetKeyState
PtInRect
GetSysColor
GetWindowRect
EnableMenuItem
ClientToScreen
MapWindowPoints

gdi32

ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
SetMapMode
GetStockObject
ExtTextOutA
GetClipBox
CreateBitmap
GetDeviceCaps
SaveDC
RestoreDC
SetBkColor
SetTextColor
DeleteDC
DeleteObject
SelectObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

CryptAcquireContextA
AllocateAndInitializeSid
CryptEncrypt
CryptCreateHash
FreeSid
CheckTokenMembership
CryptDecrypt
CryptDestroyHash
CryptHashData
OpenProcessToken
CryptDeriveKey
GetTokenInformation
CryptReleaseContext

shell32

ShellExecuteExA
ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dfd94ac23122ee0634a9c665914ef78

Headers

DLL Characteristics

File Characteristics

Imports

wininet

urlmon

ntdll

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

oleacc

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 15KB - Virtual size: 32KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 15KB - Virtual size: 32KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 34KB - Virtual size: 34KB