336f1fed6b358d5ce5d3d65480269812484a1d4cf03266aca7f3ac2de991ba99

Sharing

Copy URL Twitter E-mail

General

Target

336f1fed6b358d5ce5d3d65480269812484a1d4cf03266aca7f3ac2de991ba99
Size

997KB
MD5

de7e3fd7e8fe28a72e34291ec1ebde0b
SHA1

b7ea57c22202aeda0b2f112bd0601b082e291b3a
SHA256

336f1fed6b358d5ce5d3d65480269812484a1d4cf03266aca7f3ac2de991ba99
SHA512

11b7c1ff2bbc3b845a61f1fc70134a18a13ee97affb59df692fca4ac6e1f6c3129a18db49551d4bc4642bc7cb8dbdd6dfc461a9123807596ffe72a4b4f613744
SSDEEP

24576:TngVm7cDfmP3DHz+CeiKGIbIwvUSL8vAO:TqJfOTTMiAjTuA

Score

N/A

Malware Config

Signatures

Files

336f1fed6b358d5ce5d3d65480269812484a1d4cf03266aca7f3ac2de991ba99
.exe windows x86

bbab1ef7f0343b9196f2db374b7e55c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LocalFileTimeToFileTime
WideCharToMultiByte
GetFileAttributesW
WriteFile
SetFileTime
CreateProcessW
FindFirstFileExW
DeleteFileW
MoveFileExW
FindNextFileW
FindClose
RemoveDirectoryW
lstrcmpiW
CopyFileW
CreateToolhelp32Snapshot
Process32FirstW
GetCurrentProcess
OpenProcess
SetLastError
TerminateProcess
Process32NextW
lstrcatA
GetProcAddress
GetTempPathW
GetTempFileNameW
SizeofResource
GetTickCount
GetPrivateProfileIntW
GetPrivateProfileStringW
GetSystemDirectoryW
LocalAlloc
LocalFree
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetCurrentDirectoryW
HeapSize
GetStringTypeW
OutputDebugStringW
RtlUnwind
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetProcessHeap
GetStdHandle
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
lstrcpyA
SystemTimeToFileTime
lstrcmpA
lstrcpyW
ReadFile
CloseHandle
SetFilePointer
CreateFileW
InterlockedDecrement
InterlockedIncrement
LockResource
LoadResource
FindResourceW
GetSystemTime
GetExitCodeThread
WaitForSingleObject
Sleep
lstrlenW
CreateDirectoryW
LoadLibraryW
FreeLibrary
GetModuleHandleW
GetModuleFileNameW
OpenMutexW
lstrcmpW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
GetCommandLineW
GetSystemTimeAsFileTime
HeapFree
lstrcatW
LCMapStringW
HeapAlloc
LoadLibraryExW
ExitThread
GetCurrentThreadId
CreateThread
GetLastError
DecodePointer
EncodePointer
WriteConsoleW

user32

TranslateAcceleratorW
LoadBitmapW
GetClientRect
CreateWindowExW
SendMessageW
SetWindowTextW
FillRect
GetSysColorBrush
ShowWindow
DrawIcon
GetWindowTextW
GetSysColor
SetTimer
KillTimer
LoadCursorW
LoadIconW
SetWindowPos
UpdateWindow
SetWindowTextA
PostQuitMessage
wsprintfW
GetDesktopWindow
DispatchMessageW
TranslateMessage
PostMessageW
LoadStringW
GetMessageW
LoadAcceleratorsW
MessageBoxW
GetFocus
FindWindowExW
GetParent
GetClassNameW
SetFocus
EnableWindow
SetWindowLongW
EndPaint
BeginPaint
DefWindowProcW
GetWindowLongW
RegisterClassExW

gdi32

CreateFontIndirectW
GetStockObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectW

advapi32

LookupPrivilegeValueW
RegSetValueExW
GetUserNameW
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
AdjustTokenPrivileges
RegCreateKeyExW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFileInfoW
SHGetDesktopFolder
ExtractIconW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

urlmon

URLDownloadToFileW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

StrRChrIW
StrChrIW
PathFileExistsW
StrStrIW

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 862KB - Virtual size: 862KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbab1ef7f0343b9196f2db374b7e55c5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

urlmon

version

shlwapi

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 862KB - Virtual size: 862KB

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 862KB - Virtual size: 862KB

.reloc
Size: 18KB - Virtual size: 17KB