7540e2074bebc6c040424316d5689ca5f17a444f50042ea29ceb945bb25b1449

Sharing

Copy URL Twitter E-mail

General

Target

7540e2074bebc6c040424316d5689ca5f17a444f50042ea29ceb945bb25b1449
Size

230KB
MD5

190d41e2dbcdad080d53131293617e31
SHA1

bb91100615f582c1a79ebbfe3e6411d2bf58a5b5
SHA256

7540e2074bebc6c040424316d5689ca5f17a444f50042ea29ceb945bb25b1449
SHA512

d73eb06a3e1b01153c8c902a82b6644edeed4db3653e31e267b6c42f9f7ecf69182dd435019168487893705b96dead14d8d6e6a1b58f967037d876eeeafbb97f
SSDEEP

3072:YXbNPAVzx5b97c6F1MTZCOJJznLCG33AOnsRFXb7hPn32vO1:YXbNPezx5b9A6ITD/r3VSFL7

Score

N/A

Malware Config

Signatures

Files

7540e2074bebc6c040424316d5689ca5f17a444f50042ea29ceb945bb25b1449
.exe windows x86

62a8664f8a432cdb0a8ba44c1e17b1e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbschr
__lconv_init
_mbsinc
setlocale
_mbsrchr
??2@YAPAXI@Z
strrchr
strchr
strncpy
_ftol
strtoul
_except_handler3
_stricmp
_strnicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??3@YAXPAX@Z
_wcsicmp
isleadbyte
memmove
towlower
atoi
isspace
free
strncmp

advapi32

RegEnumKeyA
LookupPrivilegeValueA
OpenProcessToken
LookupAccountSidA
RegQueryValueA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
AdjustTokenPrivileges
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation

kernel32

SetErrorMode
GetTempFileNameA
SetCurrentDirectoryA
GetModuleFileNameA
CloseHandle
GetCurrentProcess
CreateThread
LocalFree
FormatMessageA
LocalAlloc
GetLastError
CreateMutexA
GetVersionExA
DeleteCriticalSection
WaitForSingleObject
lstrlenA
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
GetVersion
GetTempPathA
GetCurrentDirectoryA
InitializeCriticalSection
lstrcpyA
GetEnvironmentStrings
HeapFree
GetProcessHeap
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
CopyFileA
CreateDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetEnvironmentVariableA
GetFileAttributesA
lstrcpynA
DeleteFileA
SetFileAttributesA
lstrcatA
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
GetDriveTypeA
ExpandEnvironmentStringsA
LoadLibraryA
FreeLibrary
LoadLibraryExA
DeviceIoControl
TerminateProcess
OpenProcess
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
lstrcmpA
SetEvent
CreateEventA
ResetEvent
WriteFile
SetCommState
GetCommState
SetCommTimeouts
ReadFile
ExitThread
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
SetLastError
HeapAlloc
IsDBCSLeadByte
FileTimeToDosDateTime
SetFilePointer
HeapReAlloc
FileTimeToLocalFileTime
CreateFileA
ExitProcess
DebugBreak

gdi32

GetDeviceCaps
CreateFontIndirectA
AddFontResourceA

user32

DialogBoxParamA
PostMessageA
EnableWindow
EndDialog
GetDlgItem
SetTimer
FindWindowA
RegisterClassExA
LoadStringA
GetClientRect
CopyRect
IsWindow
CreateWindowExA
EnumThreadWindows
LoadCursorA
SetCursor
GetSysColor
SendDlgItemMessageA
SetFocus
LoadIconA
SetWindowLongA
RedrawWindow
LoadImageA
EnumChildWindows
GetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
ShowWindow
SystemParametersInfoA
GetDC
ReleaseDC
wsprintfA
GetParent
GetMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
DefWindowProcA
SendMessageA
SetForegroundWindow
PostQuitMessage
InvalidateRect
MessageBoxA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
SHBrowseForFolderA

ole32

OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoUninitialize

comdlg32

GetOpenFileNameA

comctl32

InitCommonControlsEx
PropertySheetA
CreatePropertySheetPageA

setupapi

SetupFindFirstLineA
SetupOpenAppendInfFileA
SetupOpenInfFileA
SetupCloseInfFile
SetupFindNextLine
SetupGetStringFieldA
SetupGetLineCountA

log

LogReInitA
LogDeleteOnNextInit
LogEnd
LogA
SuppressAllLogPopups
LogBegin

migism

IsmReplacePhysicalObject
IsmGetRealPlatform
IsmGetTempFile
IsmInitialize
IsmSetPlatform
IsmSetEnvironmentFlag
IsmStartEtmModules
IsmStartTransport
IsmSetRollbackJournalType
IsmDoesRollbackDataExist
IsmPreserveJournal
IsmCanWriteRollbackJournal
IsmTerminate
IsmSetCancel
IsmSave
IsmLoad
IsmRollback
IsmRemoveAllUserSuppliedComponents
IsmSelectMasterGroup
IsmEnumFirstComponent
IsmEnumNextComponent
IsmExecute
IsmSendMessageToApp
IsmAppendEnvironmentMultiSz
IsmSetEnvironmentValue
IsmRegisterProgressBarCallback
IsmRegisterTransport
IsmSelectTransport
IsmSetTransportStorage
IsmIsComponentSelected
IsmSelectComponent
IsmAddComponentAlias
IsmGetTempStorage
TrackedIsmDuplicateString
TrackedIsmGetMemory
IsmSetEnvironmentString
IsmGetEnvironmentMultiSz
IsmSetEnvironmentMultiSz
IsmGetObjectTypeName
TrackedIsmGetNativeObjectName
IsmGetObjectTypeId
IsmAcquireObjectEx
TrackedIsmCreateObjectStringsFromHandleEx
TrackedIsmCreateObjectHandle
IsmDestroyObjectHandle
IsmReleaseMemory
IsmDestroyObjectString
IsmReleaseObject
TrackedIsmExpandEnvironmentString

shlwapi

ord16
StrDupA
PathIsDirectoryA
SHGetValueA
StrChrIA
PathAppendA
PathIsRootA

cabinet

ord11
ord14
ord10
ord13

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62a8664f8a432cdb0a8ba44c1e17b1e6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

comdlg32

comctl32

setupapi

log

migism

shlwapi

cabinet

Sections

.text Size: 78KB - Virtual size: 78KB

.data Size: 2KB - Virtual size: 17KB

.rsrc Size: 149KB - Virtual size: 148KB

.text
Size: 78KB - Virtual size: 78KB

.data
Size: 2KB - Virtual size: 17KB

.rsrc
Size: 149KB - Virtual size: 148KB