a50214a0547f379e812f8fbbf240b098d3d3f3cef9a38adfb57a9723c63512bb

Sharing

Copy URL Twitter E-mail

General

Target

a50214a0547f379e812f8fbbf240b098d3d3f3cef9a38adfb57a9723c63512bb
Size

263KB
MD5

000d676d024970853053ec1ed7d38394
SHA1

b87b1bad36f3b86286892123888095cf4aa7850a
SHA256

a50214a0547f379e812f8fbbf240b098d3d3f3cef9a38adfb57a9723c63512bb
SHA512

468d9d87d36b7f5913970318a1238a3c7b63ae6beb1f9b30aee98ebe13e192361d3e452ea4c2c98252a6bdc4ec2f082863b074cbbedaedc2ee37cca37015103b
SSDEEP

6144:EreqBsCwXWfjPvXNjSZnTWRPvNcelZBzqcnJKyIOENAE2:EreqXwGrvV8nEycZBTJtIO8

Score

N/A

Malware Config

Signatures

Files

a50214a0547f379e812f8fbbf240b098d3d3f3cef9a38adfb57a9723c63512bb
.exe windows x86

a6cf26085c1ef940ec0d255f10f2bf1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpSendRequestExW
GopherGetLocatorTypeW
SetUrlCacheEntryGroup

shell32

SHEmptyRecycleBinA
SHBrowseForFolderW
ExtractAssociatedIconExA
DoEnvironmentSubstW
SHGetFileInfoA

kernel32

QueryPerformanceCounter
InterlockedIncrement
GetCurrentProcessId
ReadFile
GetCPInfo
InterlockedExchange
FlushFileBuffers
CloseHandle
InitializeCriticalSection
RtlUnwind
GetModuleFileNameW
GetStdHandle
GetLastError
GetCurrentThread
GetVolumeInformationA
LCMapStringW
LeaveCriticalSection
TlsSetValue
VirtualQuery
WriteConsoleOutputA
VirtualFree
GetTickCount
MultiByteToWideChar
GetCommandLineW
LCMapStringA
HeapFree
SetHandleCount
InterlockedDecrement
GetCurrentProcess
IsBadWritePtr
HeapReAlloc
GetLocalTime
GetStringTypeW
GetStartupInfoA
HeapAlloc
VirtualAlloc
GetSystemTime
GetEnvironmentStrings
UnhandledExceptionFilter
WideCharToMultiByte
GetEnvironmentStringsW
CompareStringW
GetModuleFileNameA
FreeEnvironmentStringsA
SetFilePointer
GetTimeZoneInformation
SetLastError
HeapCreate
EnterCriticalSection
TlsGetValue
WritePrivateProfileStringW
CreateMutexA
GetCurrentThreadId
HeapDestroy
DeleteCriticalSection
SetStdHandle
LoadLibraryA
CompareStringA
ExitProcess
SetEnvironmentVariableA
GetProcAddress
GetModuleHandleA
GetEnvironmentVariableA
FreeEnvironmentStringsW
WriteConsoleOutputCharacterW
TerminateProcess
WriteFile
GetSystemTimeAsFileTime
TlsAlloc
GetStartupInfoW
OpenMutexA
FlushConsoleInputBuffer
GetCurrencyFormatA
GetCommandLineA
TlsFree
GetFileType
GetStringTypeA
GetVersion

user32

RegisterClassExA
SetProcessDefaultLayout
RegisterClassA
UnhookWindowsHookEx
EmptyClipboard
MessageBoxW
CreateIconIndirect
AppendMenuA
GetAsyncKeyState
GetSystemMetrics
DefWindowProcW
CreateWindowExA
EnumDisplaySettingsExW
GetClipboardSequenceNumber
DdeCreateStringHandleA
ShowWindow
DestroyWindow
CreateMDIWindowW
PackDDElParam

comctl32

ImageList_Write
ImageList_EndDrag
ImageList_Add
ImageList_Create
CreateStatusWindow
ImageList_SetDragCursorImage
ImageList_GetBkColor
ImageList_DragMove
InitCommonControlsEx
ImageList_Remove

advapi32

RegQueryValueExW
RegSaveKeyA
RegDeleteValueW
LookupAccountNameW
RegFlushKey
RegCloseKey
LookupPrivilegeValueA
RegDeleteKeyA
CryptImportKey
RegQueryInfoKeyA
CryptGetKeyParam
GetUserNameA
RegSetValueA
CryptSetProviderExA
DuplicateTokenEx
CryptEnumProvidersW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6cf26085c1ef940ec0d255f10f2bf1b

Headers

File Characteristics

Imports

wininet

shell32

kernel32

user32

comctl32

advapi32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 46KB - Virtual size: 58KB

.data Size: 95KB - Virtual size: 95KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 46KB - Virtual size: 58KB

.data
Size: 95KB - Virtual size: 95KB

.rsrc
Size: 14KB - Virtual size: 13KB