05a80591503d81613e59ff749f6417eee2e99f839483465972350ecb4e50bd37

Sharing

Copy URL Twitter E-mail

General

Target

05a80591503d81613e59ff749f6417eee2e99f839483465972350ecb4e50bd37
Size

740KB
MD5

d4bf16998553dbdf6b484c5782e5da97
SHA1

96c7c8ca025d769c839246b2f36bbbecfa6ba7a1
SHA256

05a80591503d81613e59ff749f6417eee2e99f839483465972350ecb4e50bd37
SHA512

4d3c44b5ba4e7c09088958937c6dbeeb0690d8729e7b4e91465ce7050c72d031b826a684e2a3f752cfd79815232379fb18d261a9688fd28cf191b9534ea78082
SSDEEP

12288:tj1uabdPQG2xcafxsd/eGjCa/88nhhgHAz5RAmypeZQbXZkDEj3RtZrGQmVqj1T:x1ua9g66xs//lngHc5gpeZQbXCojhXrX

Score

N/A

Malware Config

Signatures

Files

05a80591503d81613e59ff749f6417eee2e99f839483465972350ecb4e50bd37
.exe windows x86

4e0395de7ccffce8a1df7b30646bc25c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GlobalFindAtomA
WriteConsoleA
WideCharToMultiByte
GetProfileStringW
InterlockedDecrement
GetStringTypeW
IsValidLocale
TlsSetValue
TlsGetValue
GetCurrentProcess
SetFilePointer
GetUserDefaultLCID
GetConsoleOutputCP
RtlUnwind
EnumSystemLocalesA
InterlockedIncrement
GetLastError
ExitProcess
GetDateFormatA
HeapSize
VirtualAlloc
GetTickCount
GetTimeZoneInformation
GetFileType
FreeLibrary
OpenMutexA
GetLocaleInfoW
HeapReAlloc
WriteFile
DeleteFileW
QueryPerformanceCounter
TlsFree
FindResourceExA
InterlockedExchange
GetStdHandle
SetHandleCount
HeapAlloc
TlsAlloc
GetSystemTimeAsFileTime
SetStdHandle
UnhandledExceptionFilter
SuspendThread
CreateMutexA
SetUnhandledExceptionFilter
ReadFile
WriteConsoleW
MultiByteToWideChar
GetTimeFormatA
CompareStringW
GetProcessHeap
CommConfigDialogA
SetConsoleCtrlHandler
CreateFileA
GetModuleHandleA
SetLastError
GlobalAddAtomW
GetCurrencyFormatW
GetModuleFileNameA
TransmitCommChar
EnumCalendarInfoA
DeleteCriticalSection
GetConsoleCP
LoadLibraryA
SetEnvironmentVariableA
IsBadReadPtr
CompareStringA
GetCurrentThread
GetConsoleMode
GetCurrentThreadId
MoveFileExW
FreeEnvironmentStringsA
VirtualQuery
VirtualFree
GetCPInfo
GetTempPathA
GetEnvironmentStringsW
GetACP
HeapFree
InitializeCriticalSection
TerminateProcess
EnterCriticalSection
LCMapStringA
GetCommandLineA
GetPrivateProfileIntW
GetStringTypeA
IsDebuggerPresent
GetVersionExA
LCMapStringW
FreeEnvironmentStringsW
Sleep
IsValidCodePage
FlushFileBuffers
LeaveCriticalSection
HeapCreate
HeapDestroy
GetCurrentProcessId
CloseHandle
GetOEMCP
GetProcAddress
GetLocaleInfoA
GetEnvironmentStrings

wininet

HttpQueryInfoW
FindNextUrlCacheContainerA
FtpGetFileA
InternetConfirmZoneCrossingA

shell32

SHGetFileInfoW
SHEmptyRecycleBinA

user32

TranslateMessage
GetUserObjectInformationW
GetClipboardData
CloseWindowStation
TranslateAcceleratorA
OpenDesktopW
IsWindowVisible
DefFrameProcA
DrawCaption
RegisterClassA
RegisterWindowMessageA
MapWindowPoints
GetKBCodePage
SwitchToThisWindow
CallWindowProcA
ScreenToClient
TabbedTextOutW
DrawFrameControl
SendNotifyMessageA
RegisterClassW
TabbedTextOutA
CharNextExA
GetUserObjectSecurity
SendIMEMessageExA
DrawIcon
SetProcessDefaultLayout
InternalGetWindowText
DdeSetQualityOfService
SendMessageW
GetMenuInfo
MessageBoxExA
FindWindowW
DdeReconnect
EmptyClipboard
GetMessageW
RegisterClassExA
GetMenuState
GetWindowContextHelpId
ChangeClipboardChain
GetAncestor
SetClipboardViewer
DlgDirSelectExW
GetCursorPos
GetMessageExtraInfo
NotifyWinEvent
SetProcessWindowStation
GetWindowWord

advapi32

LookupAccountNameA
DuplicateTokenEx
CryptEnumProviderTypesA
RegEnumKeyA
CryptSetProviderExW
RegLoadKeyW
CryptDuplicateKey
LookupPrivilegeDisplayNameW
RegDeleteValueA
RegOpenKeyA
LookupAccountNameW
LookupPrivilegeValueA
CryptSetHashParam
ReportEventA
LookupPrivilegeNameW
RegSetValueExW
CryptGetDefaultProviderW
CryptAcquireContextW
StartServiceA
CryptDestroyKey

comctl32

InitCommonControlsEx
GetEffectiveClientRect

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e0395de7ccffce8a1df7b30646bc25c

Headers

File Characteristics

Imports

kernel32

wininet

shell32

user32

advapi32

comctl32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 396KB - Virtual size: 395KB

.data Size: 132KB - Virtual size: 131KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 396KB - Virtual size: 395KB

.data
Size: 132KB - Virtual size: 131KB

.rsrc
Size: 40KB - Virtual size: 38KB