a7ad4bf44b21ca85233b2eb8f708b196df4226db37406e74b6e791f6f05c75ea

Sharing

Copy URL Twitter E-mail

General

Target

a7ad4bf44b21ca85233b2eb8f708b196df4226db37406e74b6e791f6f05c75ea
Size

320KB
MD5

5e1ddcb4cf2870878b7415500b8f5d35
SHA1

94be46e52f5cf0deb95dd97582acf4486e7247b7
SHA256

a7ad4bf44b21ca85233b2eb8f708b196df4226db37406e74b6e791f6f05c75ea
SHA512

fb71cdbba6c5ee7a65d1bde1a9d62bf319d4617a17b51878989574c9447f97b5c2699db0a542f0f9a553ae1d3f207425eebbf5339bf233ddce3ba958cbb0af37
SSDEEP

6144:YnT5ogIxM7/JnIbEFdwzOieKizwVFeYmmwND6rexz5:uT5hIGJIAFdwzO4ih6rexl

Score

N/A

Malware Config

Signatures

Files

a7ad4bf44b21ca85233b2eb8f708b196df4226db37406e74b6e791f6f05c75ea
.exe windows x86

7d2fbad70cea15f1e9efc743e41fa3aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetPropA

imagehlp

RemoveRelocations
ImageRvaToVa
ImagehlpApiVersion
ImageGetDigestStream
ImageUnload
UpdateDebugInfoFileEx
GetTimestampForLoadedLibrary
GetImageUnusedHeaderBytes
SearchTreeForFile
GetImageConfigInformation
SymUnloadModule
ImageEnumerateCertificates
UpdateDebugInfoFile
SymGetSymFromName
RemovePrivateCvSymbolic
SymGetSymPrev
ImageNtHeader
BindImage
MapFileAndCheckSumW
SymEnumerateModules
MapDebugInformation
MakeSureDirectoryPathExists
SymFunctionTableAccess
ImageRemoveCertificate
RemovePrivateCvSymbolicEx
SymGetLineFromAddr
SymSetSearchPath
SplitSymbols
ImageGetCertificateData

mpr

MultinetGetConnectionPerformanceA

gdi32

SetWorldTransform
SetMetaFileBitsEx
StretchBlt
TranslateCharsetInfo
UpdateICMRegKeyW
StartDocW
SetPixel
SetPixelV
SetSystemPaletteUse
SetTextColor
SetRectRgn
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
SetMiterLimit
UpdateColors
SetPaletteEntries
WidenPath
SetMetaRgn

imm32

ImmSetStatusWindowPos
ImmSetCompositionWindow
ImmGetCompositionFontW
ImmInstallIMEW
ImmIsIME
ImmSetCompositionStringW
ImmGetRegisterWordStyleA
ImmGetOpenStatus
ImmGetGuideLineW
ImmGetCandidateWindow
ImmGetGuideLineA
ImmReleaseContext
ImmRegisterWordA
ImmGetConversionStatus
ImmSetCompositionFontW
ImmConfigureIMEW
ImmGetVirtualKey
ImmGetCandidateListCountA
ImmEnumRegisterWordW
ImmGetProperty
ImmGetContext
ImmSetCandidateWindow
ImmSetConversionStatus
ImmGetRegisterWordStyleW
ImmGetCompositionStringW

advapi32

AreAllAccessesGranted

kernel32

GetFileInformationByHandle
FindResourceExA
CreateRemoteThread
FillConsoleOutputCharacterA
Heap32ListFirst
CreateToolhelp32Snapshot
Heap32Next
GetDiskFreeSpaceW
CreateFileA
GetPrivateProfileStringW
FindCloseChangeNotification
GetTimeFormatA
GetModuleHandleW
GetNamedPipeHandleStateA
AreFileApisANSI
GetCurrentThreadId
CreateDirectoryExA
GetLargestConsoleWindowSize
GetCurrentProcess
GetConsoleOutputCP
FindClose
GetStringTypeW
CreatePipe
GetACP
CreateSemaphoreW
GetStdHandle
GlobalReAlloc
FindResourceW
GetProcessHeaps
CreateMutexW
GlobalFree
GetEnvironmentVariableW
GetNumberFormatW
GetCommProperties
DeviceIoControl
BackupSeek
BeginUpdateResourceW
CommConfigDialogA
FindAtomW
GetLogicalDrives
GetTempPathA
BuildCommDCBA
FreeEnvironmentStringsA
GetShortPathNameA
GetTapeStatus
EnterCriticalSection
CompareFileTime
GetPrivateProfileStructW
FindFirstChangeNotificationA
GetAtomNameA
GetDefaultCommConfigW
CreateProcessW
GetProcessPriorityBoost
AllocConsole
BuildCommDCBAndTimeoutsA
GetModuleHandleA
CreateFileMappingA
GetUserDefaultLangID
GetSystemTime
GetOverlappedResult
GetProcessHeap
GetPrivateProfileSectionNamesW
CopyFileW
GetPrivateProfileSectionW
FileTimeToLocalFileTime
GetProcessAffinityMask
GetProcessShutdownParameters
GetFullPathNameA
GetVersion
FlushInstructionCache
GetTimeFormatW
FindResourceA
GetConsoleMode
GetCommModemStatus
FindResourceExW
GetStartupInfoA
FatalExit
GetDriveTypeA
GetLogicalDriveStringsA
GetFileAttributesW
DefineDosDeviceA
HeapLock
GetStartupInfoW
GetNamedPipeInfo
GetWindowsDirectoryW
GetOEMCP
GetBinaryTypeW
ContinueDebugEvent
ExpandEnvironmentStringsA
GetConsoleTitleA
EnumSystemLocalesA
GetSystemDefaultLCID
ExpandEnvironmentStringsW
EnumResourceNamesA
GetThreadPriorityBoost
EnumSystemCodePagesA
GenerateConsoleCtrlEvent
EnumSystemCodePagesW
GetProfileSectionW
GlobalUnfix
GetLongPathNameA
GlobalUnlock
GetProcAddress
EnumResourceLanguagesW
FindFirstFileW
GetNumberOfConsoleMouseButtons
ExitThread
GlobalFindAtomA
EnumResourceTypesW
GetVolumeInformationA
EnumCalendarInfoW
EnumCalendarInfoA
GetModuleFileNameA
DeleteFileW
CallNamedPipeA
GetThreadContext
GetCurrentDirectoryW
FatalAppExitA
GetConsoleTitleW
FindFirstChangeNotificationW
GetCompressedFileSizeW
GetEnvironmentStringsW
GetCurrencyFormatA
GetVersionExA
GetEnvironmentStrings
FindAtomA
GetPrivateProfileStringA
GetCommTimeouts
GetFullPathNameW
EnumDateFormatsA
GetExitCodeThread
GetProfileIntA
FindNextFileW
GlobalGetAtomNameW
EnumTimeFormatsA
EnumResourceTypesA
DisableThreadLibraryCalls
EnumDateFormatsW
GetLocaleInfoW
GetCurrentDirectoryA
GetTempFileNameA
GetCurrencyFormatW
FindNextFileA
BeginUpdateResourceA
GetTickCount
GlobalAddAtomA
GlobalHandle
ConnectNamedPipe
DebugActiveProcess
FillConsoleOutputCharacterW
ClearCommError
CreateTapePartition
HeapReAlloc
Beep
EnumSystemLocalesW
BuildCommDCBW
HeapCreate
GlobalGetAtomNameA
FreeLibrary
FlushConsoleInputBuffer
GetFileInformationByHandle
FindResourceExA
CreateRemoteThread
FillConsoleOutputCharacterA
Heap32ListFirst
CreateToolhelp32Snapshot
Heap32Next
GetDiskFreeSpaceW
CreateFileA
GetPrivateProfileStringW
FindCloseChangeNotification
GetTimeFormatA
GetModuleHandleW
GetNamedPipeHandleStateA
AreFileApisANSI
GetCurrentThreadId
CreateDirectoryExA
GetLargestConsoleWindowSize
GetCurrentProcess
GetConsoleOutputCP
FindClose
GetStringTypeW
CreatePipe
GetACP
CreateSemaphoreW
GetStdHandle
GlobalReAlloc
FindResourceW
GetProcessHeaps
CreateMutexW
GlobalFree
GetEnvironmentVariableW
GetNumberFormatW
GetCommProperties
DeviceIoControl
BackupSeek
BeginUpdateResourceW
CommConfigDialogA
FindAtomW
GetLogicalDrives
GetTempPathA
BuildCommDCBA
FreeEnvironmentStringsA
GetShortPathNameA
GetTapeStatus
EnterCriticalSection
CompareFileTime
GetPrivateProfileStructW
FindFirstChangeNotificationA
GetAtomNameA
GetDefaultCommConfigW
CreateProcessW
GetProcessPriorityBoost
AllocConsole
BuildCommDCBAndTimeoutsA
GetModuleHandleA
CreateFileMappingA
GetUserDefaultLangID
GetSystemTime
GetOverlappedResult
GetProcessHeap
GetPrivateProfileSectionNamesW
CopyFileW
GetPrivateProfileSectionW
FileTimeToLocalFileTime
GetProcessAffinityMask
GetProcessShutdownParameters
GetFullPathNameA
GetVersion
FlushInstructionCache
GetTimeFormatW
FindResourceA
GetConsoleMode
GetCommModemStatus
FindResourceExW
GetStartupInfoA
FatalExit
GetDriveTypeA
GetLogicalDriveStringsA
GetFileAttributesW
DefineDosDeviceA
HeapLock
GetStartupInfoW
GetNamedPipeInfo
GetWindowsDirectoryW
GetOEMCP
GetBinaryTypeW
ContinueDebugEvent
ExpandEnvironmentStringsA
GetConsoleTitleA
EnumSystemLocalesA
GetSystemDefaultLCID
ExpandEnvironmentStringsW
EnumResourceNamesA
GetThreadPriorityBoost
EnumSystemCodePagesA
GenerateConsoleCtrlEvent
EnumSystemCodePagesW
GetProfileSectionW
GlobalUnfix
GetLongPathNameA
GlobalUnlock
GetProcAddress
EnumResourceLanguagesW
FindFirstFileW
GetNumberOfConsoleMouseButtons
ExitThread
GlobalFindAtomA
EnumResourceTypesW
GetVolumeInformationA
EnumCalendarInfoW
EnumCalendarInfoA
GetModuleFileNameA
DeleteFileW
CallNamedPipeA
GetThreadContext
GetCurrentDirectoryW
FatalAppExitA
GetConsoleTitleW
FindFirstChangeNotificationW
GetCompressedFileSizeW
GetEnvironmentStringsW
GetCurrencyFormatA
GetVersionExA
GetEnvironmentStrings
FindAtomA
GetPrivateProfileStringA
GetCommTimeouts
GetFullPathNameW
EnumDateFormatsA
GetExitCodeThread
GetProfileIntA
FindNextFileW
GlobalGetAtomNameW
EnumTimeFormatsA
EnumResourceTypesA
DisableThreadLibraryCalls
EnumDateFormatsW
GetLocaleInfoW
GetCurrentDirectoryA
GetTempFileNameA
GetCurrencyFormatW
FindNextFileA
BeginUpdateResourceA
GetTickCount
GlobalAddAtomA
GlobalHandle
ConnectNamedPipe
DebugActiveProcess
FillConsoleOutputCharacterW
ClearCommError
CreateTapePartition
HeapReAlloc
Beep
EnumSystemLocalesW
BuildCommDCBW
HeapCreate
GlobalGetAtomNameA
FreeLibrary
FlushConsoleInputBuffer

msvcrt

__p__commode
__p__fmode
_adjust_fdiv
_except_handler3
_controlfp
__dllonexit
_onexit
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__set_app_type

lz32

CopyLZFile
LZClose
GetExpandedNameW
LZCopy
LZSeek
LZStart
LZOpenFileA
LZDone

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d2fbad70cea15f1e9efc743e41fa3aa

Headers

File Characteristics

Imports

user32

imagehlp

mpr

gdi32

imm32

advapi32

kernel32

msvcrt

lz32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 24KB - Virtual size: 2.2MB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 24KB - Virtual size: 2.2MB

.rsrc
Size: 20KB - Virtual size: 16KB