564dce716c752f5775cf69d1af30fef08473d177c4059f2520233daab70cac29

Sharing

Copy URL Twitter E-mail

General

Target

564dce716c752f5775cf69d1af30fef08473d177c4059f2520233daab70cac29
Size

832KB
MD5

7c82bb4f8c003ac0427e0f3297b451df
SHA1

63178fdbcad9c4cd130fa906e184f2c9a71b4541
SHA256

564dce716c752f5775cf69d1af30fef08473d177c4059f2520233daab70cac29
SHA512

bf30875ccaa2471463834646a9827a7ad78d55a86557103fbbeaf911b30416d411d544b97e26894b1c2324ae2c92e5bd4b7a0a1ca7acf95d1a8a3d038e183cf8
SSDEEP

12288:5WfTHF7Lqh/DYj+fFbw+JldVFIC5u5ro1BTbVCenlgegE7b9mUu1zOy2:sbFihLYKfhxldVGrrIZbVCenlbuzOL

Score

N/A

Malware Config

Signatures

Files

564dce716c752f5775cf69d1af30fef08473d177c4059f2520233daab70cac29
.exe windows x86

78dd7ce602af4824493990f8b227a1e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
DdeQueryConvInfo
GetProcessDefaultLayout
SetScrollPos
UnhookWindowsHook
ArrangeIconicWindows
RemoveMenu
GetMenu
SetProcessWindowStation
SetUserObjectSecurity
GetCapture
EnumDesktopsA
EnumPropsA
CreateDesktopA
SetWindowsHookExA
FindWindowExW
CharLowerA
ShowWindow
GetTabbedTextExtentA
CallWindowProcA
HideCaret
EndTask
GetForegroundWindow
LoadStringW
AppendMenuA
GetClientRect
GetCursor
DdeSetUserHandle
CharNextExA
InternalGetWindowText
DrawIconEx
RedrawWindow
DrawTextA
IsDialogMessage
GetIconInfo
SetDlgItemInt
DefWindowProcW
RegisterClassA
CreateWindowExA
RegisterClassExA
DestroyWindow
GetDC
DlgDirSelectExA
MessageBeep
MessageBoxW
GetWindowLongW
SwitchDesktop
CopyAcceleratorTableW
ReplyMessage
AdjustWindowRectEx

comctl32

ImageList_SetIconSize
ImageList_SetFilter
ImageList_EndDrag
ImageList_DrawIndirect
CreateUpDownControl
_TrackMouseEvent
ImageList_SetFlags
CreatePropertySheetPage
ImageList_LoadImage
ImageList_Duplicate
ImageList_SetImageCount
ImageList_LoadImageA
InitCommonControlsEx
ImageList_Create

advapi32

StartServiceA
DuplicateTokenEx
LookupPrivilegeNameW

kernel32

GetTickCount
EnumSystemCodePagesW
FreeEnvironmentStringsA
GlobalDeleteAtom
TlsGetValue
LCMapStringA
HeapDestroy
IsValidCodePage
OutputDebugStringA
GetEnvironmentStringsW
DeleteCriticalSection
SetLocalTime
SetConsoleCtrlHandler
lstrcpynA
LoadLibraryW
MultiByteToWideChar
GetProcAddress
InterlockedDecrement
ExitThread
EnumSystemLocalesA
GetConsoleMode
GetConsoleScreenBufferInfo
InitializeCriticalSection
lstrlenA
DebugBreak
VirtualQuery
GetCPInfo
HeapFree
EnumResourceNamesA
GetOEMCP
SetLastError
GetLocaleInfoW
DeleteFileW
GetACP
CreateNamedPipeW
VirtualQueryEx
InterlockedExchange
DeleteFileA
GetStartupInfoA
SetStdHandle
GetStartupInfoW
WriteFile
RaiseException
GetUserDefaultLCID
IsValidLocale
TlsFree
GetVolumeInformationA
GetEnvironmentStrings
GetConsoleOutputCP
GetFileAttributesW
CloseHandle
LeaveCriticalSection
GetCommandLineA
LoadLibraryA
WritePrivateProfileSectionA
GetPrivateProfileIntA
GetModuleHandleA
GetCurrentProcess
QueryPerformanceCounter
TlsAlloc
UnhandledExceptionFilter
InterlockedIncrement
CompareStringA
LCMapStringW
IsBadReadPtr
CreateRemoteThread
OpenMutexA
EnumTimeFormatsW
CreateMutexA
OutputDebugStringW
GetLocaleInfoA
EnumSystemCodePagesA
GetLastError
GetModuleFileNameA
SetThreadAffinityMask
FindResourceExW
GetCurrentThread
GetModuleFileNameW
SetUnhandledExceptionFilter
WriteConsoleW
GetStdHandle
IsDebuggerPresent
GetDriveTypeW
SetCurrentDirectoryA
GetFileType
GetConsoleCP
SetVolumeLabelW
GetCurrentProcessId
HeapValidate
LocalFileTimeToFileTime
GetCompressedFileSizeA
LocalFlags
GetCurrentThreadId
GetTimeZoneInformation
GetCommandLineW
GetTimeFormatA
ReadConsoleOutputCharacterW
FreeLibrary
HeapAlloc
GetVersionExA
ReadFile
VirtualAlloc
HeapCreate
CreateFileA
GetStringTypeW
GetAtomNameA
GetSystemTimeAsFileTime
FlushFileBuffers
CompareFileTime
GetStringTypeA
TlsSetValue
WideCharToMultiByte
HeapReAlloc
WriteConsoleOutputA
GetDiskFreeSpaceExA
FreeEnvironmentStringsW
WriteConsoleA
InitializeCriticalSectionAndSpinCount
ReadConsoleOutputA
EnterCriticalSection
SetFilePointer
CompareStringW
GetDateFormatA
SetHandleCount
SetEnvironmentVariableA
TerminateProcess
CreateNamedPipeA
RtlUnwind
WritePrivateProfileStringW
VirtualAllocEx
FillConsoleOutputAttribute
GetProcessHeap
VirtualFree
ExitProcess
GetFileTime
SetVolumeLabelA

Sections

.text
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78dd7ce602af4824493990f8b227a1e6

Headers

File Characteristics

Imports

user32

comctl32

advapi32

kernel32

Sections

.text Size: 296KB - Virtual size: 292KB

.rdata Size: 292KB - Virtual size: 290KB

.data Size: 116KB - Virtual size: 130KB

.rsrc Size: 124KB - Virtual size: 122KB

.text
Size: 296KB - Virtual size: 292KB

.rdata
Size: 292KB - Virtual size: 290KB

.data
Size: 116KB - Virtual size: 130KB

.rsrc
Size: 124KB - Virtual size: 122KB