a94cc404ed43cfad712ce9cccb6d9f9f2b5a7465f6566d918367362188aa711c

Sharing

Copy URL

Twitter E-mail

General

Target

a94cc404ed43cfad712ce9cccb6d9f9f2b5a7465f6566d918367362188aa711c
Size

564KB
MD5

916964e733ec38ce3487f1a2b7dbe4a1
SHA1

fe1e36293b43812d1c1d5ab043552bcb5b8b7cc0
SHA256

a94cc404ed43cfad712ce9cccb6d9f9f2b5a7465f6566d918367362188aa711c
SHA512

35fc03b314d4ad20af39a277ab6082bbdf79ebd55eac0974853975a2c5d4c04491bcba76602c937c2430458a6fe7bdca8c1ec6d919f4e3b281f4675cfbc9748b
SSDEEP

12288:Y7L6TBFYDQ5jmkkHZpDSuqryT4+KqFUM9kXjOewrIl7iyS:1BFYDQVW5dSuiYdKqgjl3ld

Score

N/A

Malware Config

Signatures

Files

a94cc404ed43cfad712ce9cccb6d9f9f2b5a7465f6566d918367362188aa711c
.exe windows x86

e0ffcba4942f621b9e72ad94ed547b89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconW
SHGetPathFromIDListA
SheChangeDirExW
SHGetFileInfo
RealShellExecuteExW

comdlg32

ReplaceTextW

advapi32

LookupPrivilegeNameA
RegSetValueExW
RegDeleteValueW
RegSetKeySecurity
GetUserNameA
CryptDestroyHash
DuplicateToken

user32

PeekMessageW
GetWindowDC
UpdateWindow
GetWindowLongA
LoadMenuA
GetMenuInfo
GetWindow
GetKeyboardType
ShowWindow
CheckRadioButton
ScrollWindowEx
CloseWindow
CreateDialogParamA
SendIMEMessageExA
GetClassNameW
SetCaretBlinkTime
FreeDDElParam
MessageBoxA
GetClassLongA
FindWindowExA
EnumDisplayMonitors
DefWindowProcW
SetClassWord
SetMessageQueue
WINNLSEnableIME
CopyAcceleratorTableW
CreateDialogIndirectParamA
LoadCursorFromFileA
RegisterClassExW
SetWindowLongW
wvsprintfW
RealChildWindowFromPoint
ShowCursor
RegisterClassA
RegisterClassExA
CreateWindowExA
SetWindowTextW
EndPaint
SystemParametersInfoW
GetMenuItemInfoW
SetKeyboardState
IsWindow
GetWindowRect
ToUnicodeEx
IsMenu
GetNextDlgTabItem
DestroyWindow
GetClipboardFormatNameA
IsCharUpperA
GetThreadDesktop
EnumDesktopsA
SendMessageA
IntersectRect
SetThreadDesktop
GetWindowTextW
CharUpperBuffA
GetDesktopWindow
SetWindowsHookA
SetDebugErrorLevel
IsDlgButtonChecked
GetWindowModuleFileNameA
IsCharAlphaW
GetAncestor
OffsetRect

comctl32

ImageList_Copy
ImageList_GetFlags
InitCommonControlsEx
ImageList_GetBkColor
ImageList_Create

kernel32

GetStringTypeW
UnhandledExceptionFilter
SetTimeZoneInformation
EnumSystemLocalesA
Sleep
TlsAlloc
InterlockedIncrement
GetProfileSectionW
GetModuleFileNameA
GetLocaleInfoW
EnumDateFormatsW
GetCurrentProcess
CreateProcessA
HeapSize
GetProfileStringW
VirtualAlloc
DeleteCriticalSection
WriteFile
FillConsoleOutputCharacterW
SetLastError
InterlockedExchangeAdd
GetCommandLineW
EnumResourceNamesA
GetEnvironmentStrings
IsValidCodePage
GlobalReAlloc
WideCharToMultiByte
TlsGetValue
RtlUnwind
LeaveCriticalSection
GetEnvironmentStringsW
FlushFileBuffers
GetCurrencyFormatW
GetCommandLineA
SetFilePointer
HeapFree
GetCurrentThread
GetStartupInfoW
GetLocaleInfoA
EnumDateFormatsExA
GetUserDefaultLCID
GetStartupInfoA
CompareStringA
SetConsoleCursorInfo
WriteFileEx
CreateSemaphoreA
GetProcAddress
ReadFile
GetStringTypeA
GetFileTime
GetDateFormatA
GetTimeFormatA
HeapCreate
ExitProcess
GetSystemInfo
CloseHandle
FreeEnvironmentStringsW
AddAtomA
LockFile
VirtualProtect
IsBadWritePtr
lstrcatA
GetCPInfo
IsValidLocale
GetStdHandle
LCMapStringA
TlsSetValue
SetEnvironmentVariableA
QueryPerformanceCounter
LoadLibraryA
SetHandleCount
WriteConsoleOutputW
VirtualQuery
FillConsoleOutputAttribute
GetLastError
FlushInstructionCache
GetFileType
OpenMutexA
GetModuleHandleA
CompareStringW
IsDebuggerPresent
HeapDestroy
CreateMutexA
GetCurrencyFormatA
FormatMessageW
LCMapStringW
GetModuleFileNameW
TlsFree
TerminateProcess
InterlockedExchange
GetTickCount
MultiByteToWideChar
GetACP
VirtualFree
LocalLock
GetOEMCP
SetStdHandle
GetSystemTimeAsFileTime
EnterCriticalSection
GetVersionExA
WritePrivateProfileStringW
HeapLock
LocalShrink
InitializeCriticalSection
HeapAlloc
GetCurrentProcessId
HeapReAlloc
RtlZeroMemory
GetCurrentThreadId
FreeEnvironmentStringsA
GetTimeZoneInformation

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0ffcba4942f621b9e72ad94ed547b89

Headers

File Characteristics

Imports

shell32

comdlg32

advapi32

user32

comctl32

kernel32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 112KB - Virtual size: 135KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 112KB - Virtual size: 135KB

.rsrc
Size: 16KB - Virtual size: 15KB