40a7527c4a9eebde7eac465babf88864f1870321630264d552149dd18d0e225c

Sharing

Copy URL Twitter E-mail

General

Target

40a7527c4a9eebde7eac465babf88864f1870321630264d552149dd18d0e225c
Size

1.1MB
MD5

579f2bd944549c99de45efc9e308ac81
SHA1

637f778178623b6520bfc2232e74ec1695a45311
SHA256

40a7527c4a9eebde7eac465babf88864f1870321630264d552149dd18d0e225c
SHA512

1d17f165f4b906051d99e6490cdc62624e6bd18f0b8ecd5ba6cdafdd20ed34f74518318e8c7150edd9fd2b3cc407db759c4db86ad8942891bdaf9077a2301bf9
SSDEEP

12288:Sf+a4TXlcyE4c8Jxps3diV2q7ZEi0UKr410I3zBVCFWdSdg0U+zxpQCvM5acb81:Sf+xTpE+JxphV2j/pQCvM5baK/aY5pZ

Score

N/A

Malware Config

Signatures

Files

40a7527c4a9eebde7eac465babf88864f1870321630264d552149dd18d0e225c
.exe windows x86

ff6de64585fabd347950f29cc86f44dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetProcAddress
GetModuleHandleW
lstrlenW
FreeLibrary
LoadLibraryW
GetVersionExW
lstrlenA
MultiByteToWideChar
FindClose
FindFirstFileW
InterlockedDecrement
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FreeResource
LockResource
CreateEventW
SetLastError
GetCurrentThreadId
Sleep
FlushInstructionCache
CloseHandle
CreateThread
WaitForSingleObject
SetEvent
CreateSemaphoreW
ReleaseSemaphore
AreFileApisANSI
GetFileAttributesA
DeleteFileA
GetFileAttributesW
GetTempPathA
GetTempPathW
SetFilePointer
GetPrivateProfileStringW
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
GetSystemTime
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileA
CreateFileW
CompareStringW
WriteConsoleW
SetStdHandle
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetHandleCount
GetLocaleInfoW
GetTimeZoneInformation
FatalAppExitA
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetConsoleMode
GetConsoleCP
GetStdHandle
ExitProcess
HeapDestroy
DeleteFileW
MoveFileW
WriteFile
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileIntW
ReadFile
InitializeCriticalSection
DeleteCriticalSection
lstrcpyW
LocalFree
GetModuleFileNameW
GetProcessHeap
GetCommandLineW
GetLastError
SetEnvironmentVariableA
HeapFree
InterlockedPushEntrySList
FlushFileBuffers
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentThread
TlsFree
LCMapStringW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCPInfo
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
GetDateFormatA
GetTimeFormatA
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
RtlUnwind
InterlockedCompareExchange

user32

UnregisterClassA
wsprintfW
CharNextW
GetSysColor
LoadCursorW
PtInRect
GetWindowRect
GetSubMenu
LoadMenuW
LoadIconW
SetCursor
SendMessageW
LoadBitmapW
SetLayeredWindowAttributes
GetWindowLongW
GetClientRect
TrackPopupMenu
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
EndDialog
SetWindowLongW
PostThreadMessageW
DialogBoxParamW
DispatchMessageW
TranslateMessage
GetMessageW

gdi32

PaintRgn
FrameRgn
SetTextColor
SetBkColor
GetObjectW
CreateFontIndirectW
CreateSolidBrush
CreateRoundRectRgn

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

CommandLineToArgvW

ole32

OleRun
CLSIDFromString
CLSIDFromProgID
CoReleaseServerProcess
CoAddRefServerProcess
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

UnRegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocStringLen
SysFreeString
VariantCopy
VariantClear
SysAllocString
VariantInit
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLi

secur32

GetUserNameExW

winhttp

WinHttpReceiveResponse
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSetStatusCallback
WinHttpSendRequest
WinHttpOpen
WinHttpSetOption
WinHttpCloseHandle

Sections

.text
Size: 895KB - Virtual size: 895KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff6de64585fabd347950f29cc86f44dd

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

secur32

winhttp

Sections

.text Size: 895KB - Virtual size: 895KB

.rdata Size: 124KB - Virtual size: 124KB

.data Size: 11KB - Virtual size: 22KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 895KB - Virtual size: 895KB

.rdata
Size: 124KB - Virtual size: 124KB

.data
Size: 11KB - Virtual size: 22KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 29KB - Virtual size: 28KB