26093c1f2ab6926c667928c7a2b36cb7ee2c53934ab1624647b6d1b6f4a21b3f

Sharing

Copy URL Twitter E-mail

General

Target

26093c1f2ab6926c667928c7a2b36cb7ee2c53934ab1624647b6d1b6f4a21b3f
Size

660KB
MD5

4a2ab787ea20de392bd55c9d616cc191
SHA1

e9eb9df80033cf1e4055c2f3526c216c48b21cfa
SHA256

26093c1f2ab6926c667928c7a2b36cb7ee2c53934ab1624647b6d1b6f4a21b3f
SHA512

a468b9522d31bcfca06b97ab7e62ce83566e1791853995c34f5be2874556c91d999ac841ec4e0f05c99c4fd34fdb0f5ea490dfcb952ef04901a3c6d8c8e006a3
SSDEEP

12288:XB2mxUtHBy+kmE/IP5Zc3silN3HMMlO9KALGmgVumPQa96:Yy/IPw3tsH38umo46

Score

N/A

Malware Config

Signatures

Files

26093c1f2ab6926c667928c7a2b36cb7ee2c53934ab1624647b6d1b6f4a21b3f
.exe windows x86

5b18bd349e1d27f01d3fd63245ab9673

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_DragMove
InitCommonControlsEx
CreateStatusWindowW
CreateMappedBitmap
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Copy
ImageList_GetImageInfo
ImageList_Duplicate

kernel32

GetACP
GlobalCompact
WriteConsoleOutputCharacterW
ExitProcess
GetStringTypeA
FreeEnvironmentStringsA
GetTimeFormatW
CreateDirectoryA
SetStdHandle
MultiByteToWideChar
GetSystemDefaultLangID
HeapReAlloc
GetTimeZoneInformation
GetEnvironmentVariableA
WriteFile
GetSystemDefaultLCID
GetCurrentThread
HeapDestroy
GetLocaleInfoW
DebugBreak
GetModuleFileNameA
LCMapStringW
GetLogicalDriveStringsA
FindNextFileA
FreeEnvironmentStringsW
WaitCommEvent
GetThreadSelectorEntry
EnterCriticalSection
OutputDebugStringA
TerminateProcess
SetEnvironmentVariableA
GetLastError
FreeResource
CompareStringW
FindFirstFileW
GetConsoleTitleA
HeapCreate
VirtualProtect
GetModuleHandleA
GetVersionExW
RtlUnwind
CreateMutexA
GetTimeFormatA
FormatMessageW
FlushFileBuffers
GetEnvironmentStrings
SetFilePointer
FoldStringW
LeaveCriticalSection
InterlockedExchange
CloseHandle
CompareStringA
GetEnvironmentStringsW
GetUserDefaultLCID
MoveFileExA
GetCommandLineA
TlsSetValue
DeleteCriticalSection
GetWindowsDirectoryW
OpenMutexA
CreateFileMappingA
InterlockedIncrement
VirtualQuery
InitializeCriticalSection
FindResourceW
WideCharToMultiByte
GetDateFormatA
GetCurrentProcess
IsBadWritePtr
LCMapStringA
LocalShrink
VirtualFree
HeapValidate
GetExitCodeThread
GetVersionExA
LockFile
FreeLibrary
ExpandEnvironmentStringsA
EnumSystemLocalesA
SetCurrentDirectoryW
GetPrivateProfileStructA
HeapFree
SetConsoleCtrlHandler
GetStringTypeW
EnumSystemLocalesW
GetFileType
LoadLibraryA
DebugActiveProcess
UnhandledExceptionFilter
DuplicateHandle
GetCPInfo
InterlockedDecrement
GetTempFileNameW
MoveFileExW
ReadFile
GetLocaleInfoA
GetEnvironmentVariableW
WaitForMultipleObjectsEx
SetConsoleCursorInfo
GetProcAddress
GlobalGetAtomNameW
SetLocaleInfoW
GetTickCount
CopyFileA
TlsFree
GetOEMCP
SetEvent
TlsGetValue
ReadConsoleOutputCharacterA
CreateWaitableTimerW
GetStdHandle
TlsAlloc
IsValidCodePage
GetConsoleCP
ReadConsoleOutputAttribute
WriteProfileStringW
SetHandleCount
EnumSystemCodePagesA
QueryPerformanceCounter
CreateNamedPipeW
GetStartupInfoA
GetSystemInfo
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
VirtualAlloc
GetFullPathNameA
IsBadReadPtr
GetCurrentThreadId
FillConsoleOutputAttribute
IsValidLocale
DeleteAtom
SetLastError

user32

MapVirtualKeyExW
ToAscii
PaintDesktop
CheckMenuRadioItem
EndPaint
CascadeWindows
SetFocus
SetDlgItemTextW
DrawMenuBar
SetProcessDefaultLayout
wvsprintfA
DdeFreeStringHandle
RegisterClassA
DdeCreateDataHandle
EnumDisplaySettingsW
LoadKeyboardLayoutW
GetMessagePos
CharToOemBuffA
FindWindowExW
DefWindowProcW
ShowWindow
SetClipboardViewer
UnhookWinEvent
SystemParametersInfoA
ShowOwnedPopups
CharUpperA
MsgWaitForMultipleObjects
UnpackDDElParam
OemKeyScan
SetDlgItemTextA
RegisterClassExA
SetThreadDesktop
EnumDisplayMonitors
UnregisterDeviceNotification
GetMenuItemRect
GetKeyboardLayoutNameW
LoadMenuW
GetWindowRect
DdeQueryStringW
WINNLSGetEnableStatus
IsCharAlphaNumericA
VkKeyScanExW
LoadIconA
DefFrameProcW
SetClipboardData
ChangeDisplaySettingsA
RegisterWindowMessageA
IsCharAlphaNumericW
SetWindowWord
TranslateAcceleratorA
LoadImageA
CheckDlgButton
WaitMessage
IsDialogMessageA
CreateWindowExA
InflateRect
MessageBoxW
GetDlgItemInt
DestroyWindow
DlgDirListA
OffsetRect
GetNextDlgGroupItem
TileChildWindows
DdeClientTransaction
GetIconInfo
InsertMenuItemW

advapi32

CryptSetKeyParam
RegEnumKeyW
LookupSecurityDescriptorPartsA
RegConnectRegistryA
RegCloseKey
RegSetValueA
CryptEnumProvidersA
LookupAccountSidW
CryptImportKey
RegRestoreKeyW
AbortSystemShutdownW
InitiateSystemShutdownA
CryptHashData
ReportEventW
CryptSetProviderExA
RegQueryMultipleValuesA
CryptSetProvParam
LookupAccountNameA
CryptGenRandom
LookupPrivilegeNameW

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b18bd349e1d27f01d3fd63245ab9673

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 108KB - Virtual size: 112KB

.rsrc Size: 64KB - Virtual size: 61KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 108KB - Virtual size: 112KB

.rsrc
Size: 64KB - Virtual size: 61KB