7ba155d45e80e22883ebe969650f08db2d0ead2546aea1a0800188a221c97648

Sharing

Copy URL Twitter E-mail

General

Target

7ba155d45e80e22883ebe969650f08db2d0ead2546aea1a0800188a221c97648
Size

116KB
MD5

5099fb7aea4fc9704c15ae342429e0bf
SHA1

5d0f2c702f68afcbe615707bae8b5964e90d2f45
SHA256

7ba155d45e80e22883ebe969650f08db2d0ead2546aea1a0800188a221c97648
SHA512

8c07f5ecdd46fdb37c5106b67844389569d478fad726fed01434e583f9cd0a10c74f7bcf8ee6d8bb4b9421c0f926d3be16b82e6be0626073ed75fe1654f1f9a2
SSDEEP

1536:q5LtsUrHln80ljKn6qDeUiRHR6kUku/UKnToIflM1dlS:qhtnHln/jKn6qDeU0x6kk/UmTBflSdl

Score

N/A

Malware Config

Signatures

Files

7ba155d45e80e22883ebe969650f08db2d0ead2546aea1a0800188a221c97648
.exe windows x86

f869feefb5ff84ae7085c4cf707bb210

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
FormatMessageA
CreateFileW
WriteFile
SetFilePointer
GetFileSize
lstrcpyA
ReadFile
GetTickCount
GetCurrentProcess
GetLocalTime
GetModuleHandleA
ReadProcessMemory
OpenProcess
GetCurrentThreadId
SetEvent
WaitForSingleObject
CreateThread
CreateEventA
TerminateThread
SetEndOfFile
CreateFileA
DeleteFileA
InterlockedExchange
VirtualFree
VirtualAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
lstrcmpiA
GetProcAddress
LoadLibraryA
GetVersionExA
GetLogicalDriveStringsA
MultiByteToWideChar
GetCurrentProcessId
ExpandEnvironmentStringsW
GlobalMemoryStatus
GetVersionExW
GetWindowsDirectoryW
GetSystemDirectoryW
GetComputerNameW
GetModuleFileNameW
TerminateProcess
Sleep
CreateProcessA
CopyFileA
GetTempPathA
GetEnvironmentVariableA
CreatePipe
GetVersion
ExpandEnvironmentStringsA
GetCurrentThread
GetModuleFileNameA
lstrlenA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
WideCharToMultiByte
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
FlushFileBuffers
RtlUnwind
LoadLibraryW
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryW
MoveFileW
SetFileAttributesW
DeleteFileW
CreateDirectoryW
SetErrorMode
FindFirstFileW
GetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
lstrcatA
PeekNamedPipe
GetDriveTypeA

user32

mouse_event
SetCursorPos
WindowFromPoint
SetCapture
MapVirtualKeyA
keybd_event
CloseClipboard
SetClipboardData
EmptyClipboard
wsprintfA
GetKeyState
OpenClipboard
GetForegroundWindow
CallNextHookEx
DefWindowProcA
UnhookWindowsHookEx
PostQuitMessage
SetWindowsHookExA
SetTimer
KillTimer
GetWindowThreadProcessId
CloseDesktop
SetThreadDesktop
GetThreadDesktop
OpenInputDesktop
CloseWindowStation
SetProcessWindowStation
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetUserObjectInformationA
OpenDesktopA
PostMessageA
GetLastInputInfo
GetWindowTextA
BlockInput
GetFocus
GetClassNameA
SendMessageA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenWindowStationA
GetProcessWindowStation
AttachThreadInput

gdi32

CreateCompatibleBitmap
GetDIBits
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC
SelectObject
CreateDIBSection

advapi32

OpenProcessToken
DuplicateToken
SetThreadToken
RegOpenKeyA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueA

shell32

ShellExecuteW

ws2_32

WSAStartup
gethostname
inet_ntoa
ntohs
WSACleanup
getprotobyname
socket
htons
inet_addr
gethostbyname
connect
select
ioctlsocket
recv
send
WSAGetLastError
closesocket

shlwapi

StrStrIA
SHRegGetPathW
SHDeleteKeyA
SHRegGetPathA

psapi

EnumProcessModules
GetModuleFileNameExA

msvcrt

_stricmp

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f869feefb5ff84ae7085c4cf707bb210

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

shlwapi

psapi

msvcrt

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 21KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 21KB