540867e5a42b3651138fec80745080598cea6b11f2579439902cfe670f1cdfcf

Sharing

Copy URL

Twitter E-mail

General

Target

540867e5a42b3651138fec80745080598cea6b11f2579439902cfe670f1cdfcf
Size

768KB
MD5

e191e14c2fb553637082b91e9911d263
SHA1

bc331efec72697ed917a754152c7dae01c14b9bd
SHA256

540867e5a42b3651138fec80745080598cea6b11f2579439902cfe670f1cdfcf
SHA512

71b2421ed079b4d874cac66ce064f381a46c206d5781727bbfc2fa27e80fbb29fff8db897aaab227bebad119af852f6fe7ec44c79de704e5e965bfca43e5626c
SSDEEP

12288:C2BhR4c7sSXlkUt5CD9VfQg+CcPq5VKDNZFI+gNYFOHY+SAb7aJohEGHjb:FBhRHQSX6ACD9V+CcPHFvqOsYRJ85jb

Score

N/A

Malware Config

Signatures

Files

540867e5a42b3651138fec80745080598cea6b11f2579439902cfe670f1cdfcf
.exe windows x86

1c788500332be5c750a4d577aeb40418

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetDragImage
CreateToolbar
InitCommonControlsEx
GetEffectiveClientRect
ImageList_Destroy
ImageList_BeginDrag
ImageList_Read
MakeDragList
ImageList_SetFilter
ImageList_Merge
DrawStatusTextA
ImageList_Replace
ImageList_SetIconSize
CreateStatusWindowW
ImageList_DragLeave
ImageList_DragEnter
CreateStatusWindowA
ImageList_LoadImageW
ImageList_SetFlags
DrawInsert
ImageList_Write
ImageList_SetBkColor

kernel32

WriteFile
GetVersionExA
LCMapStringA
GetModuleHandleA
CreateProcessW
SetHandleCount
GetConsoleOutputCP
CreateRemoteThread
GetDriveTypeA
RtlUnwind
CreateProcessA
InterlockedDecrement
GetProcAddress
GetLocaleInfoW
GetStringTypeExW
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
LoadResource
GetFileType
GetTimeFormatA
GetLongPathNameA
EnumCalendarInfoW
FreeEnvironmentStringsW
CloseHandle
Sleep
GetTimeZoneInformation
HeapCreate
SetStdHandle
GetModuleFileNameW
CompareStringW
FreeEnvironmentStringsA
LoadLibraryA
CreateSemaphoreA
GetCurrentProcess
ExitProcess
CreateMutexA
TerminateProcess
GetStartupInfoA
InitializeCriticalSection
GetLocalTime
GetCommandLineA
MultiByteToWideChar
GetProcessHeap
MoveFileExW
GetStringTypeA
LeaveCriticalSection
TransactNamedPipe
CreateSemaphoreW
GetCurrentThreadId
FreeLibrary
IsValidLocale
VirtualQueryEx
GetACP
GetProfileIntW
SetComputerNameA
GetCPInfo
GetOEMCP
VirtualAlloc
VirtualQuery
GlobalHandle
VirtualFree
SetLastError
WritePrivateProfileSectionW
GetProcessShutdownParameters
ReadFile
GetStartupInfoW
GetCurrentThread
IsBadWritePtr
EnumSystemLocalesA
GetExitCodeThread
HeapReAlloc
QueryPerformanceCounter
SetFileAttributesA
SetEnvironmentVariableA
GetStdHandle
GetEnvironmentStringsA
GetCurrentProcessId
GetCommandLineW
SetFilePointer
ContinueDebugEvent
WaitForMultipleObjects
LockFile
DeleteCriticalSection
GetPriorityClass
FormatMessageW
EnumSystemLocalesW
GetConsoleMode
GetCurrentDirectoryA
IsDebuggerPresent
WideCharToMultiByte
EnterCriticalSection
IsValidCodePage
TlsAlloc
WriteConsoleW
EnumDateFormatsW
VirtualUnlock
GetStringTypeW
GetCurrencyFormatA
OpenMutexA
GetConsoleCP
InterlockedIncrement
GetSystemTime
LocalUnlock
GetNamedPipeInfo
GetConsoleScreenBufferInfo
HeapFree
GlobalGetAtomNameW
GetCurrentDirectoryW
FindFirstFileW
TlsSetValue
WritePrivateProfileStringW
TlsFree
GetThreadLocale
ConvertDefaultLocale
GetTickCount
GlobalLock
GetUserDefaultLCID
CreateMutexW
GetSystemTimeAdjustment
GetFileSize
GetSystemInfo
CommConfigDialogA
lstrcpy
GetDateFormatA
InterlockedExchange
GetLastError
CompareStringA
HeapDestroy
WriteConsoleA
SystemTimeToTzSpecificLocalTime
FlushFileBuffers
DebugBreak
lstrcmpi
TlsGetValue
OpenSemaphoreA
GetEnvironmentStringsW
GetCompressedFileSizeW
WritePrivateProfileSectionA
HeapAlloc
CreateFileMappingA
CreateDirectoryExW
SetConsoleTextAttribute
FindClose
SetConsoleCursorInfo
SetComputerNameW
CreateFileA
GetSystemTimeAsFileTime
EnumTimeFormatsA
HeapSize
FileTimeToLocalFileTime
GetThreadPriority
LCMapStringW
GetLocaleInfoA
GetModuleFileNameA
lstrcpynW
GetEnvironmentStrings
MoveFileA
CopyFileA
UnhandledExceptionFilter
EnumResourceNamesA

advapi32

LogonUserA
RegConnectRegistryA
CryptSetProviderExW
RegEnumValueA
LookupPrivilegeValueW
LookupAccountSidW
RegCreateKeyA
CryptSetProviderExA
RegLoadKeyA
RegEnumKeyExW
RegDeleteValueA

user32

RemovePropA
SetSysColors
UnregisterClassW
RealGetWindowClass
IsWindowEnabled
DialogBoxIndirectParamA
GetClipboardOwner
SendInput
BroadcastSystemMessage
CallMsgFilter
SetSystemCursor
GetDlgCtrlID
GetKeyboardState
DrawAnimatedRects
ScrollWindow
TranslateMDISysAccel
MenuItemFromPoint
MapWindowPoints
RegisterClassA
TileChildWindows
DestroyWindow
ChildWindowFromPoint
AppendMenuA
IsCharLowerW
GetCursorPos
LoadMenuA
SendIMEMessageExW
SetWindowsHookExA
CreateAcceleratorTableW
EndTask
RegisterClassExA
SetMessageQueue
SubtractRect
DrawIconEx
FindWindowA
CharNextExA
ExcludeUpdateRgn
GetWindowWord
RegisterDeviceNotificationA
GetMenuContextHelpId
SetThreadDesktop
GetDlgItemInt
SetScrollInfo
MessageBoxIndirectW
GetDlgItem
WinHelpA
GetKeyState
CheckRadioButton
ExitWindowsEx

comdlg32

ReplaceTextW

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 416KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c788500332be5c750a4d577aeb40418

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 416KB - Virtual size: 412KB

.data Size: 136KB - Virtual size: 133KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 416KB - Virtual size: 412KB

.data
Size: 136KB - Virtual size: 133KB

.rsrc
Size: 32KB - Virtual size: 31KB