ec107bacb19724cbf320d3985178dcffcf571b7af790591d166d6de71d97de19

Sharing

Copy URL Twitter E-mail

General

Target

ec107bacb19724cbf320d3985178dcffcf571b7af790591d166d6de71d97de19
Size

760KB
MD5

fe7ba0f436a7a2e8bf16779bae3b5017
SHA1

03d16186bb3f0548fddf761439e2e51ee5b3134d
SHA256

ec107bacb19724cbf320d3985178dcffcf571b7af790591d166d6de71d97de19
SHA512

af227ef06aa03ee69897f44dcb6d7e6dc0b68b28eb306ffe331fdb20024082159122458c93ccafb65bfa49474f41d46061c27c5c63da048a27fc0f05dcb471b3
SSDEEP

12288:dprPH4Eag8RpNTtEdv29TnGJhxtUif6d1p6:dhHt83fEU9TnGkif6fp6

Score

N/A

Malware Config

Signatures

Files

ec107bacb19724cbf320d3985178dcffcf571b7af790591d166d6de71d97de19
.exe windows x86

cd56c71fe2cf0d102fa87ecbb0c20960

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegEnumKeyW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyA
RegQueryValueExA

kernel32

GetVersionExW
CloseHandle
CreateFileW
CompareStringW
GetCurrentDirectoryW
GetLastError
HeapFree
HeapAlloc
GetProcessHeap
CompareFileTime
GetFileAttributesW
GetWindowsDirectoryW
GetModuleFileNameW
GetTempPathW
GetCurrentThreadId
GetCommandLineW
FindNextFileW
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetSystemInfo
Sleep
SetPriorityClass
GetPriorityClass
GetCurrentProcess
GetProfileIntW
GetVolumeInformationW
GlobalMemoryStatus
GetSystemDefaultLCID
GetLocalTime
WaitForSingleObject
CreateEventW
LockResource
LoadResource
FindResourceW
WriteFile
SizeofResource
DeleteFileW
LeaveCriticalSection
EnterCriticalSection
ResetEvent
SetEvent
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
RtlUnwind
ExitProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
IsBadWritePtr
VirtualProtect
VirtualQuery
SetFilePointer
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEndOfFile
ReadFile
SystemTimeToFileTime
GetLocaleInfoW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
LoadLibraryW
FreeLibrary
lstrcmpiW
lstrcatW
lstrcpyW
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
RaiseException
FindResourceA
IsProcessorFeaturePresent
GetVersionExA
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
lstrcmpW
GetSystemDirectoryW
lstrlenW

gdi32

GetObjectW
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
GetStockObject
GetDeviceCaps
CreateDCW
DeleteDC
GetClipBox
GetDCOrgEx

user32

SetDlgItemTextW
GetDlgItemInt
CheckRadioButton
GetDlgItemTextW
SetFocus
GetFocus
SetWindowPos
CreateDialogParamW
GetClientRect
GetWindowTextW
SetTimer
PostQuitMessage
KillTimer
UpdateWindow
LoadIconW
SetWindowsHookExW
SetForegroundWindow
UnhookWindowsHookEx
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
MessageBoxA
wsprintfA
LoadStringA
FindWindowW
GetKeyboardType
InvalidateRect
ShowWindow
SetDlgItemInt
CreateWindowExW
RegisterClassW
DefWindowProcW
ShowCursor
SetCursorPos
GetCursorPos
LoadImageW
PeekMessageW
IsDlgButtonChecked
DialogBoxParamW
EndDialog
MessageBoxW
GetDlgItem
SendMessageW
GetSystemMetrics
SystemParametersInfoA
IntersectRect
OffsetRect
LoadStringW
EnumDisplaySettingsW
ReleaseDC
GetDC
CharLowerBuffW
EnableWindow
DestroyWindow
GetKeyState
SetRect
SetWindowTextW
PostMessageW
CallNextHookEx
InflateRect
GetWindowLongW
wsprintfW

comctl32

ord17
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy

winmm

joyGetDevCapsW
mmioOpenW
mmioDescend
mmioRead
mmioClose
waveOutGetDevCapsW
waveOutMessage
timeGetTime

comdlg32

GetSaveFileNameW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shell32

ShellExecuteW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CLSIDFromString
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SysAllocString

Sections

.text
Size: 420KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd56c71fe2cf0d102fa87ecbb0c20960

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

comctl32

winmm

comdlg32

version

shell32

ole32

oleaut32

Sections

.text Size: 420KB - Virtual size: 418KB

.data Size: 20KB - Virtual size: 78KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 308KB - Virtual size: 306KB

.text
Size: 420KB - Virtual size: 418KB

.data
Size: 20KB - Virtual size: 78KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 308KB - Virtual size: 306KB