3d9b8b29b63a780e8dbc3149c815bb9ffc93332d8a01522e42ec8ce47a31cc77

Sharing

Copy URL Twitter E-mail

General

Target

3d9b8b29b63a780e8dbc3149c815bb9ffc93332d8a01522e42ec8ce47a31cc77
Size

322KB
MD5

4d3bc7ea121eb2540077797da45ebe9e
SHA1

21bb484ab7251a7a73085aa3aa10bc3caef79870
SHA256

3d9b8b29b63a780e8dbc3149c815bb9ffc93332d8a01522e42ec8ce47a31cc77
SHA512

361d47380614241554256ab06bf5b5f413aa77c2521560741333e5a8c8023271ff8124702170eb0a4e2c70f86ce8092bbddd157f80ad440726ab41936025e600
SSDEEP

6144:GRcMrCXi4Mlx47HcSpSw+6pb+WDgofcqjK8p2MpKcEkpjJbA:GO8CXiFlaNgwRpbpUScqlpPwcTJ

Score

N/A

Malware Config

Signatures

Files

3d9b8b29b63a780e8dbc3149c815bb9ffc93332d8a01522e42ec8ce47a31cc77
.exe windows x86

2c34f4a1b19a38968063eea4c62dfc0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
MapVirtualKeyW
RegisterClassA
OemKeyScan
AnyPopup
FindWindowExA
HideCaret
GetClientRect
DdeNameService
GetWindowModuleFileNameW
TileWindows
MsgWaitForMultipleObjects
EnumPropsA
InSendMessage
DdeFreeStringHandle
LoadKeyboardLayoutW
FindWindowExW
GetWindowDC
DdeDisconnectList
SetWindowTextA
GetDlgCtrlID
SetLastErrorEx
MonitorFromPoint
ToAscii
LoadKeyboardLayoutA
DragObject
SendIMEMessageExA
KillTimer
EqualRect
GetPropW
GetMenuItemID

wininet

SetUrlCacheConfigInfoA
RegisterUrlCacheNotification
InternetWriteFileExA
IncrementUrlCacheHeaderData
InternetOpenUrlA
InternetCreateUrlA

gdi32

GetDeviceCaps
EndPath
PolyDraw
CreateDCW
CreateHatchBrush
GetLogColorSpaceW
DeleteDC
SelectPalette
GetTextMetricsW
GetLogColorSpaceA
RestoreDC
GetPixel
MaskBlt
EnableEUDC
GetObjectA
DeleteObject
GetColorSpace
GetWinMetaFileBits
DrawEscape
GetFontLanguageInfo

comctl32

CreatePropertySheetPageW
ImageList_Replace
ImageList_GetImageCount
ImageList_GetFlags
ImageList_Draw
ImageList_Copy
InitCommonControlsEx
DrawInsert

kernel32

CreateWaitableTimerW
TlsFree
ReadFile
SetCriticalSectionSpinCount
GetPrivateProfileStringA
HeapSize
CompareStringW
LoadLibraryA
LeaveCriticalSection
TlsGetValue
TlsAlloc
HeapFree
CompareStringA
GetLocaleInfoA
GlobalAlloc
MoveFileExW
MultiByteToWideChar
ExitThread
lstrcmpiA
GetCurrentProcessId
LCMapStringA
GetPrivateProfileStructA
GetUserDefaultLCID
GetOEMCP
GetProcAddress
GetStartupInfoA
RemoveDirectoryW
EnumCalendarInfoExA
FlushFileBuffers
GetLastError
GetCurrentThreadId
MapViewOfFile
GetLocaleInfoW
LocalUnlock
CreateNamedPipeW
lstrlen
VirtualFree
TlsSetValue
SetComputerNameA
SetEndOfFile
FindResourceExA
SetHandleCount
EnumDateFormatsExW
GetNumberFormatW
WaitForSingleObject
GetSystemDirectoryA
GetTimeZoneInformation
FindNextFileW
GetEnvironmentStrings
lstrcmpiW
ExitProcess
UnhandledExceptionFilter
OpenMutexA
GetCurrencyFormatW
FreeEnvironmentStringsA
EnumResourceNamesW
FillConsoleOutputCharacterW
WaitCommEvent
WritePrivateProfileStructW
DeleteCriticalSection
SetConsoleCtrlHandler
WriteConsoleOutputW
GetCurrentThread
GetSystemInfo
SystemTimeToFileTime
IsValidCodePage
WriteConsoleInputW
VirtualProtect
InitializeCriticalSection
VirtualLock
CreateFileA
HeapAlloc
EnterCriticalSection
VirtualFreeEx
GetStringTypeW
GetCurrentDirectoryA
QueryPerformanceCounter
GetVersionExA
CreateMutexA
CloseHandle
GetPriorityClass
SetCurrentDirectoryW
GetDateFormatA
GetModuleFileNameA
GetCommandLineA
GetProcAddress
WriteFile
GetStringTypeA
GetCPInfo
GetProfileSectionW
GetFileType
WritePrivateProfileStructA
GetStdHandle
HeapReAlloc
GetTimeFormatW
FreeEnvironmentStringsW
GetProfileIntA
GetTickCount
SetEnvironmentVariableA
SetStdHandle
IsBadWritePtr
GetACP
RtlUnwind
VirtualQuery
LockFile
SetPriorityClass
SetThreadContext
IsValidLocale
GetCurrentProcess
lstrcmpi
HeapCreate
SetFilePointer
AddAtomA
EnumSystemLocalesA
SetLastError
VirtualQueryEx
GetSystemTimeAsFileTime
TerminateProcess
DuplicateHandle
GetEnvironmentStringsW
GetTimeFormatA
WideCharToMultiByte
GetDiskFreeSpaceExA
ReadConsoleOutputCharacterA
InterlockedExchange
GetModuleHandleA
VirtualAlloc
FindNextChangeNotification
LCMapStringW
TransmitCommChar
FreeLibraryAndExitThread
HeapDestroy
OpenProcess

comdlg32

ReplaceTextW

advapi32

RegQueryInfoKeyW
RegQueryMultipleValuesW
RegDeleteValueW
CryptEnumProvidersW
RegSetValueExA
RegEnumKeyW
RegCreateKeyExA
GetUserNameW
LogonUserW
InitiateSystemShutdownA
CryptSetProviderW
CryptCreateHash
CryptGetHashParam
CreateServiceW
LookupAccountSidW
CryptSetProviderA

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c34f4a1b19a38968063eea4c62dfc0e

Headers

File Characteristics

Imports

user32

wininet

gdi32

comctl32

kernel32

comdlg32

advapi32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 92KB - Virtual size: 114KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 92KB - Virtual size: 114KB

.rsrc
Size: 14KB - Virtual size: 13KB