f932be30b2856f0a7b3507186b1d31ffc420a3a484e4963b7181a572df00173b

Sharing

Copy URL Twitter E-mail

General

Target

f932be30b2856f0a7b3507186b1d31ffc420a3a484e4963b7181a572df00173b
Size

788KB
MD5

78c20844f591528220b81c5ab25bdd2b
SHA1

78bdcbe0cdbc4725657b9c4ce872595cc7077ef3
SHA256

f932be30b2856f0a7b3507186b1d31ffc420a3a484e4963b7181a572df00173b
SHA512

4afafe4e4a40414f4c175446a50fdf7084a47619714fcf1c3bb0c0cfd10f988eca2294081377410d1fd7b545d2cd2ee5e01c849ea1d58aecd70ba3ffa47d09d1
SSDEEP

12288:QgwBr+ZcxDs6EV261cZ0dS+JZlEiA/oy0yn2uFYzmDrNc9LDiuXD7J2zF:QBrlxHE2McZ0HJlknxFE1f9Qz

Score

N/A

Malware Config

Signatures

Files

f932be30b2856f0a7b3507186b1d31ffc420a3a484e4963b7181a572df00173b
.exe windows x86

719cc7ff04363d69a9741051d07e120b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertDefaultLocale
TlsSetValue
GetProcAddress
LocalHandle
VirtualFree
EnumTimeFormatsA
HeapAlloc
IsBadWritePtr
HeapCreate
LocalLock
FileTimeToLocalFileTime
WriteFile
InterlockedDecrement
GetSystemTime
GetSystemDefaultLangID
GetStartupInfoW
GetFileSize
GetVolumeInformationA
lstrcpynA
InterlockedExchangeAdd
MultiByteToWideChar
FlushInstructionCache
GetComputerNameA
GetTickCount
EnumSystemLocalesA
FreeEnvironmentStringsW
GetDiskFreeSpaceA
LCMapStringA
GetEnvironmentStrings
InterlockedIncrement
GetModuleFileNameA
SetLastError
TlsAlloc
DeleteFiber
MapViewOfFileEx
HeapReAlloc
CompareStringA
WideCharToMultiByte
DeleteAtom
WaitForMultipleObjects
GetCommandLineA
GetStdHandle
GetConsoleTitleA
GetCPInfo
GetStringTypeA
RtlUnwind
GetEnvironmentStringsW
LeaveCriticalSection
WritePrivateProfileSectionW
LCMapStringW
GetCurrentThread
FlushFileBuffers
GlobalAddAtomW
DosDateTimeToFileTime
GlobalAlloc
GetModuleFileNameW
GetCommandLineW
GetPrivateProfileStructA
QueryPerformanceCounter
TlsGetValue
EnterCriticalSection
SetStdHandle
AllocConsole
MoveFileExA
FlushConsoleInputBuffer
SetThreadPriority
GetLastError
CompareStringW
GetStartupInfoA
GetCurrentProcess
LocalReAlloc
CreateMutexA
GetCurrentProcessId
TerminateThread
HeapFree
OpenProcess
FormatMessageW
InitializeCriticalSection
GetProcessHeaps
ReadFileEx
TransactNamedPipe
LoadLibraryA
SetEnvironmentVariableA
WriteConsoleInputA
ReadFile
TerminateProcess
ReleaseSemaphore
RtlFillMemory
TlsFree
GetSystemTimeAsFileTime
CommConfigDialogW
FindNextFileA
ExitProcess
CloseHandle
GetVersion
UnhandledExceptionFilter
GetCurrentThreadId
HeapDestroy
GetCurrencyFormatA
GetFileType
InterlockedExchange
GetTimeZoneInformation
DeleteCriticalSection
GlobalAddAtomA
SetFilePointer
VirtualQuery
GetStringTypeW
GetProcessShutdownParameters
AddAtomW
OpenMutexA
GetLocalTime
SetHandleCount
VirtualAlloc
GetModuleHandleA
SetWaitableTimer
FreeEnvironmentStringsA

advapi32

CryptSetProviderA
CryptCreateHash
RegDeleteValueW
StartServiceW
ReportEventW
LookupPrivilegeValueW
LookupPrivilegeDisplayNameW
RegOpenKeyA
CryptAcquireContextA
LookupSecurityDescriptorPartsW
RegQueryValueA
CryptDeriveKey
RegCreateKeyA
RegQueryValueW
RegCreateKeyW
RegSaveKeyA
RegDeleteKeyW
RegSetValueA
RegEnumValueW
CryptGetProvParam

user32

LoadKeyboardLayoutA
EqualRect
MessageBoxW
RegisterClassExA
DdeConnectList
DrawFrame
CreateWindowExA
ChangeMenuA
SetScrollPos
ShowWindow
KillTimer
GetDesktopWindow
LookupIconIdFromDirectoryEx
FindWindowA
GetFocus
DefWindowProcW
RemovePropA
GetWindowTextLengthA
SendMessageTimeoutW
SetShellWindow
SetMenuDefaultItem
RegisterClassA
LoadMenuA
CallMsgFilter
SendIMEMessageExW
EnumDisplaySettingsExW
DestroyWindow

shell32

SHGetDiskFreeSpaceA
SHLoadInProc
DoEnvironmentSubstA
ShellExecuteExW
ExtractAssociatedIconExW

comctl32

ImageList_Duplicate
CreateStatusWindowW
CreateStatusWindow
ImageList_BeginDrag
CreateStatusWindowA
DrawStatusTextA
InitMUILanguage
ImageList_GetIcon
ImageList_SetImageCount
ImageList_Remove
ImageList_Read
ImageList_Copy
DrawStatusText
InitCommonControlsEx
ImageList_Replace
ImageList_GetImageRect
ImageList_AddIcon
ImageList_DragEnter

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

719cc7ff04363d69a9741051d07e120b

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

comctl32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 392KB - Virtual size: 388KB

.data Size: 140KB - Virtual size: 138KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 392KB - Virtual size: 388KB

.data
Size: 140KB - Virtual size: 138KB

.rsrc
Size: 60KB - Virtual size: 59KB