96250a81d9edc9f31d817bb3af265a9718ed45810deed6613502dbd887174d99

Sharing

Copy URL Twitter E-mail

General

Target

96250a81d9edc9f31d817bb3af265a9718ed45810deed6613502dbd887174d99
Size

285KB
MD5

adc48f6d3f5a72b2506f6c18addbb959
SHA1

71b6f7b516a4746ac91bde3ad1124a00dff02a8a
SHA256

96250a81d9edc9f31d817bb3af265a9718ed45810deed6613502dbd887174d99
SHA512

068667f3f4342256ed059ec65001644fb86a9ed11c3fa1be0df2da4d116b313ccbfecacd38da04355c837e1f704e6fc9b5b9b101bc0c20c6889601cf2abb59a2
SSDEEP

3072:e2fWvoiZmWsLBV6w4nnjoTgoNsUEnqLBQ233A9GJA4hmCvldTOingxazwShq:e2OvD0WGVIjo0xnqBhJjgdZ

Score

N/A

Malware Config

Signatures

Files

96250a81d9edc9f31d817bb3af265a9718ed45810deed6613502dbd887174d99
.exe windows x86

0ef08fd9057222b6a18b64f9433406ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleTitleA
GetDriveTypeA
VirtualProtect
SetLastError
WritePrivateProfileSectionA
WaitNamedPipeA
GetSystemTimeAsFileTime
GlobalFree
GetTempFileNameA
OutputDebugStringA
EnumResourceLanguagesW
GetSystemTimeAdjustment
FormatMessageA
GetTapeStatus
SwitchToFiber
CopyFileExW
SetEndOfFile
VirtualUnlock
GetSystemDirectoryW
GlobalAddAtomA
RaiseException
GetSystemInfo
IsBadWritePtr
GetThreadPriority
GetLogicalDriveStringsA
FindFirstFileA
UnmapViewOfFile
ExitProcess
LocalAlloc
CreateEventA
MoveFileExA
GetUserDefaultLCID
GetTickCount
SetConsoleCursorPosition
GetFileType
GetTimeZoneInformation
_llseek
WriteConsoleOutputW
DeleteCriticalSection
CreateMutexA
PrepareTape
WritePrivateProfileStringA
SetConsoleOutputCP
GetCommandLineW
GetDriveTypeW
GetPrivateProfileStringW
FindResourceExW
LoadLibraryExW
lstrcmpiA
EnumSystemCodePagesA
CreateFileW
EnumCalendarInfoA
GetCommModemStatus
GetDateFormatA
GetLargestConsoleWindowSize
QueryDosDeviceA
VirtualAllocEx
CreateDirectoryW
LocalLock
SetThreadPriorityBoost
EnumDateFormatsW
FreeResource
GetPrivateProfileStringA
LoadLibraryExA
SetErrorMode
GetDiskFreeSpaceExA
CreateDirectoryExA
SetupComm
DuplicateHandle
VirtualQueryEx
GetCurrentProcess
FindFirstFileExW
GetCommandLineA
lstrlenA
VirtualAlloc
LCMapStringA

user32

LoadIconA
BeginPaint
GetWindowInfo
GetUserObjectInformationW
SetSysColors
RegisterWindowMessageA
GetDlgCtrlID
RemoveMenu
TranslateMessage
GetParent
GetSystemMetrics
GetWindowLongW
AdjustWindowRectEx
GetSysColorBrush
RegisterClassW
EnumChildWindows
DialogBoxParamA
InvalidateRgn
SetLastErrorEx
VkKeyScanA
PeekMessageW
EqualRect
LoadCursorFromFileW
SetWindowTextA
CharNextA
MonitorFromRect
CharPrevW
GetWindowWord
GetMenuStringA
GetGuiResources
WindowFromDC
MessageBoxExA
GetFocus
GetDlgItemInt
IsWindowVisible
ExcludeUpdateRgn
RegisterClipboardFormatA
CreateAcceleratorTableW
ChildWindowFromPointEx
GetWindowPlacement
LookupIconIdFromDirectory
ActivateKeyboardLayout

gdi32

GetRgnBox
EnumEnhMetaFile
EnumFontsA
GetTextColor
GetMapMode
GetEnhMetaFileDescriptionA
CloseFigure
DeleteMetaFile
SetWorldTransform
CreateCompatibleDC
RectInRegion
GetTextExtentPointA
GetEnhMetaFileBits

comdlg32

GetSaveFileNameW
CommDlgExtendedError
FindTextW

advapi32

BuildTrusteeWithNameW
CreateProcessAsUserW
ObjectCloseAuditAlarmW
RegOpenKeyW
RegSaveKeyA
GetNamedSecurityInfoA
MapGenericMask
InitializeSid
RegEnumKeyExW
GetSecurityDescriptorSacl
CryptGetKeyParam
UnlockServiceDatabase
LookupPrivilegeValueA
SetNamedSecurityInfoW
RegisterServiceCtrlHandlerW
ReadEventLogW
QueryServiceLockStatusW
CryptDestroyHash
RegisterEventSourceA
SetSecurityInfo
AccessCheck
LookupAccountNameW
RegOpenKeyExW
GetTokenInformation
RegisterServiceCtrlHandlerA
RevertToSelf
RegSetValueA
RegEnumKeyExA
ClearEventLogW
RegLoadKeyW
DeleteAce
StartServiceCtrlDispatcherA
InitiateSystemShutdownW

shell32

FindExecutableA
ShellExecuteA
FindExecutableW
SHGetSpecialFolderLocation

ole32

OleBuildVersion
GetClassFile
CoFreeUnusedLibraries
CoLockObjectExternal
CoImpersonateClient
CoReleaseServerProcess
CoFreeAllLibraries
OleCreateLink
MkParseDisplayName

oleaut32

VariantCopy
QueryPathOfRegTypeLi
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayGetElement
SysStringLen

comctl32

ImageList_Draw

shlwapi

StrChrW
StrFormatKBSizeW
SHGetValueA
PathSkipRootW
SHSetValueW
SHEnumValueW
UrlGetPartW
StrStrW
PathIsUNCW
SHRegWriteUSValueW
PathFindExtensionW
PathFindExtensionA
PathRemoveBlanksW
SHRegOpenUSKeyW
StrCmpLogicalW

Sections

giqicmm
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

yquqc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

iswysqw
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oyigm
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ef08fd9057222b6a18b64f9433406ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

giqicmm Size: 2KB - Virtual size: 2KB

yquqc Size: 6KB - Virtual size: 5KB

iswysqw Size: 262KB - Virtual size: 261KB

oyigm Size: 13KB - Virtual size: 13KB

giqicmm
Size: 2KB - Virtual size: 2KB

yquqc
Size: 6KB - Virtual size: 5KB

iswysqw
Size: 262KB - Virtual size: 261KB

oyigm
Size: 13KB - Virtual size: 13KB