92337d9f8c6931b0b4bc4e189d058089ad1463652bbd4cd4449095e88026a560

Sharing

Copy URL Twitter E-mail

General

Target

92337d9f8c6931b0b4bc4e189d058089ad1463652bbd4cd4449095e88026a560
Size

166KB
MD5

7e7072c5ab36f0cd90b5bea43ed952a7
SHA1

1718426abbe5739c6af1f0a65bd67600efc2e2e0
SHA256

92337d9f8c6931b0b4bc4e189d058089ad1463652bbd4cd4449095e88026a560
SHA512

c2b49b27bf03f67605a6887e586a6d07c1c887d36cdc984ae3fb4afc2a59bfcfeca068c39533e1305cd7ba6fe089c96dea6be9d1e90244e8a777d9b7a64b4878
SSDEEP

3072:J/Fy/eY4LR8jvHNTqWw6aHqC2JIE5kjxgwZ:J/FhRGtqWw6akIE3wZ

Score

N/A

Malware Config

Signatures

Files

92337d9f8c6931b0b4bc4e189d058089ad1463652bbd4cd4449095e88026a560
.exe windows x86

156ff303886d79c292d932cbcfd009d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
wsprintfA
DispatchMessageA
SetTimer
GetMessageA
PeekMessageA
RegisterShellHookWindow
LoadCursorA
TranslateMessage
LoadIconA

kernel32

GetCommandLineA
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateMutexA
ReleaseMutex
GetNativeSystemInfo
GetProcAddress
GetLogicalDriveStringsA
Sleep
CreateThread
TerminateThread
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
GetExitCodeThread
RtlMoveMemory
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
CloseHandle
WriteFile
CreateFileA
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
GetFileSize
ReadFile
CreateDirectoryA
FindNextFileA
FindFirstFileA
FindClose
CopyFileA
SetFilePointer
GetModuleFileNameA
FreeLibrary
LoadLibraryA
LCMapStringA

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shlwapi

PathFileExistsA

shell32

SHGetSpecialFolderPathA

mpr

WNetGetUserA

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetSetCookieA

msvcrt

strtod
modf
memmove
__CxxFrameHandler
tolower
_strnicmp
_stricmp
realloc
free
_CIfmod
rand
malloc
strchr
srand
atoi
strncmp
strncpy
_ftol
??2@YAPAXI@Z
strrchr
??3@YAXPAX@Z
sprintf

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun
CoUninitialize
CoInitialize

oleaut32

VariantChangeType
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromCy
VarR8FromBool
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
VariantInit

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

156ff303886d79c292d932cbcfd009d4

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shlwapi

shell32

mpr

wininet

msvcrt

ole32

oleaut32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 65KB - Virtual size: 115KB

.rsrc Size: 1024B - Virtual size: 868B

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 65KB - Virtual size: 115KB

.rsrc
Size: 1024B - Virtual size: 868B