5fac34ac90820e5cfb0699a91f8ed89069ae5bc824e64b92e61318262cfa9f86

Sharing

Copy URL Twitter E-mail

General

Target

5fac34ac90820e5cfb0699a91f8ed89069ae5bc824e64b92e61318262cfa9f86
Size

392KB
MD5

423668dbe4f02fe554d1f4c714b1ce76
SHA1

d7a8bbb2c0bd87d9efb9fc841cf293e8ad7084d6
SHA256

5fac34ac90820e5cfb0699a91f8ed89069ae5bc824e64b92e61318262cfa9f86
SHA512

5fb352fe32c16cbe7c42596497497b9c3fa236c0bb9c38a450b9b397c4884cdc00604334693d6332e3a33d230c46b3fe0fb48e96e8d81b15803b0945c02213dc
SSDEEP

6144:XMTNhOAQfLedd70dsmM3WNUVegEEyHYwub90i2se9tVyRcSHvCh:cTDOAgM3KUVegEpfuvHv

Score

N/A

Malware Config

Signatures

Files

5fac34ac90820e5cfb0699a91f8ed89069ae5bc824e64b92e61318262cfa9f86
.exe windows x86

94d7b7271385a267e14f72036dcb07c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconExW
InternalExtractIconListW
FindExecutableW
SHGetPathFromIDList

user32

CloseDesktop
RegisterClipboardFormatW
LoadIconA
SetTimer
CallMsgFilterA
DdeDisconnect
OpenInputDesktop
DrawCaption
MonitorFromPoint
MessageBoxIndirectW
PostMessageA
SetMenuItemInfoA
RegisterClassExA
InsertMenuItemA
GetClipboardViewer
RegisterClassA
GetAncestor
DrawAnimatedRects
ReleaseDC

advapi32

RegOpenKeyExA
CryptDeriveKey
CryptSetProviderA
RegEnumKeyW
RegQueryValueExW
LookupPrivilegeValueW
RegSetValueExA
RegQueryInfoKeyA
CryptEnumProviderTypesW
InitializeSecurityDescriptor
CryptHashSessionKey
CryptDuplicateKey
GetUserNameA
RegReplaceKeyW
CryptGenRandom
CryptSignHashA
LookupAccountSidW
RegRestoreKeyA
RegCloseKey
LogonUserW
LookupPrivilegeDisplayNameW
AbortSystemShutdownA
CryptDecrypt
RegSetValueA

comctl32

ImageList_LoadImage
ImageList_GetFlags
ImageList_Draw
CreatePropertySheetPageA
ImageList_LoadImageW
ImageList_GetDragImage
InitCommonControlsEx
CreateStatusWindowW
ImageList_BeginDrag
CreateToolbar
CreateStatusWindow
ImageList_GetBkColor
ImageList_Replace
ImageList_AddIcon

kernel32

WriteConsoleW
OutputDebugStringA
FreeEnvironmentStringsA
VirtualQueryEx
InitializeCriticalSectionAndSpinCount
GetVolumeInformationA
HeapAlloc
ReadConsoleInputW
CopyFileExA
EnumSystemLocalesA
CreateDirectoryW
FlushFileBuffers
GetStringTypeA
WriteFile
HeapCreate
GetSystemTimeAsFileTime
CreateEventW
GlobalReAlloc
VirtualProtectEx
HeapFree
GetACP
GetStartupInfoW
FreeLibrary
GetDateFormatA
GetOEMCP
TlsFree
CompareStringW
GetStartupInfoA
GetCurrentThread
GetCurrentProcess
LCMapStringW
OpenSemaphoreA
GetFileAttributesW
InterlockedCompareExchange
GetLastError
LCMapStringA
IsDebuggerPresent
GetUserDefaultLCID
FindAtomA
QueryPerformanceCounter
FindAtomW
GetCurrentProcessId
VirtualFree
AddAtomA
EnumResourceNamesA
OpenMutexW
GetTimeZoneInformation
ExitProcess
lstrlenW
RtlUnwind
GetEnvironmentVariableW
EnterCriticalSection
LeaveCriticalSection
GetCurrencyFormatA
TlsAlloc
FreeEnvironmentStringsW
CompareStringA
EnumCalendarInfoExW
FoldStringW
ReadConsoleOutputCharacterA
GetCommandLineA
SuspendThread
GetMailslotInfo
MultiByteToWideChar
AddAtomW
VirtualAllocEx
InterlockedDecrement
FoldStringA
GetLogicalDriveStringsA
GetModuleHandleW
FindResourceA
SetHandleCount
ReleaseSemaphore
SetConsoleCtrlHandler
GetConsoleTitleW
ReadConsoleOutputA
OpenMutexA
SetLastError
Sleep
GetProcessHeaps
GetConsoleMode
GetModuleFileNameA
TlsGetValue
DeleteCriticalSection
WriteConsoleOutputCharacterW
LoadLibraryA
HeapReAlloc
GetModuleHandleA
ReadFile
InterlockedIncrement
VirtualQuery
SetConsoleOutputCP
HeapDestroy
CreateRemoteThread
CloseHandle
GetProcAddress
GetPrivateProfileSectionNamesW
TlsSetValue
CopyFileA
InterlockedExchange
CreateMutexA
SetStdHandle
LoadLibraryExW
AllocConsole
GetFileType
GetLogicalDrives
GlobalAddAtomA
GetConsoleOutputCP
GetLocaleInfoW
TerminateProcess
GetCommandLineW
GetConsoleCP
CreateFileA
lstrcmpiA
GetTickCount
WriteConsoleA
IsValidCodePage
IsValidLocale
WideCharToMultiByte
GetEnvironmentStrings
SetUnhandledExceptionFilter
FindResourceW
SetConsoleScreenBufferSize
GetCurrentThreadId
SetFilePointer
GetNamedPipeHandleStateA
GetThreadPriorityBoost
GetCPInfo
GetStdHandle
UnhandledExceptionFilter
HeapSize
GetExitCodeThread
GetStringTypeW
GetLocaleInfoA
GetTimeFormatA
GetEnvironmentStringsW
FindFirstFileExW
CompareFileTime
SetEnvironmentVariableA
VirtualAlloc

wininet

RetrieveUrlCacheEntryFileA
FtpRenameFileA
FtpSetCurrentDirectoryA
GopherGetLocatorTypeW
InternetReadFileExW
RetrieveUrlCacheEntryFileW
InternetGoOnline
InternetGetLastResponseInfoA
InternetDialW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94d7b7271385a267e14f72036dcb07c5

Headers

File Characteristics

Imports

shell32

user32

advapi32

comctl32

kernel32

wininet

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 96KB - Virtual size: 102KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 96KB - Virtual size: 102KB

.rsrc
Size: 24KB - Virtual size: 22KB