fda05a8df06da990e1376f211c649d266a4e359cee775b9cb5f923b47e8ff7c4

Sharing

Copy URL Twitter E-mail

General

Target

fda05a8df06da990e1376f211c649d266a4e359cee775b9cb5f923b47e8ff7c4
Size

380KB
MD5

99f7e3565b918d7e42a426e6b144ba6c
SHA1

640e16328e04ff51225d0e4be2f7eacf3490c4a2
SHA256

fda05a8df06da990e1376f211c649d266a4e359cee775b9cb5f923b47e8ff7c4
SHA512

ca49a8665b4d385866ea8e1c8e3e9f6ce65f1df1a673446d3c8ba152c3f763f416c1d651f680178042dd62e7c8f3152a28c263a866d858355e0d7bad49bcf666
SSDEEP

6144:9L0dHppqO/qGppO7xbP3gYstEeY8VXthPCxkm0VXX92LOhE9APd7jMAvhwmGT:9LkHpYtGppYxUYoEedVXOxkm0Vgh9I5u

Score

N/A

Malware Config

Signatures

Files

fda05a8df06da990e1376f211c649d266a4e359cee775b9cb5f923b47e8ff7c4
.exe windows x86

d9b8289ab4e405ed6e7d30d60defd79e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgA
GetOpenFileNameW
ReplaceTextA
FindTextW

user32

InSendMessageEx
CopyIcon
RemovePropA
RegisterClassA
PostMessageW
SetWindowRgn
DefWindowProcA
GetClipboardFormatNameA
GetClassWord
GetForegroundWindow
GetWindowRgn
SetMenuContextHelpId
UnhookWinEvent
ClipCursor
IsCharUpperA
AnyPopup
EnumThreadWindows
GetTopWindow
OemKeyScan
EmptyClipboard
DispatchMessageA
CharUpperW
GetMenuStringA
GetMenuContextHelpId
DdeInitializeA
CreateDesktopA
SetMenuInfo
DefDlgProcA
GetMonitorInfoA
SetMenuItemInfoW
GetKeyboardLayoutNameA
WaitForInputIdle
FlashWindow
RegisterClassExA
GetCursorPos
DrawTextExW
GetUserObjectInformationW
GetAsyncKeyState
EnumWindowStationsW
KillTimer
CharUpperBuffW
ToAsciiEx
CreateIcon
DefDlgProcW
SetWindowTextA
AdjustWindowRectEx
EnumClipboardFormats
GetAltTabInfo
SetClassLongW
SetClassLongA
DrawFocusRect
ShowCursor
SendMessageTimeoutA
IsCharUpperW
BroadcastSystemMessageA
LoadMenuA
BeginDeferWindowPos

comctl32

ImageList_Create
ImageList_SetFlags
ImageList_SetFilter
ImageList_BeginDrag
CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_SetImageCount
InitCommonControlsEx
ImageList_DragMove
ImageList_GetIconSize
CreateToolbarEx
ImageList_Draw

kernel32

ExitProcess
GetAtomNameW
LocalCompact
GetPrivateProfileSectionNamesW
EnterCriticalSection
GetStringTypeA
GetCalendarInfoW
GetCommandLineW
ResumeThread
SetEnvironmentVariableA
LCMapStringW
GetModuleFileNameA
GetEnvironmentStrings
TlsAlloc
InterlockedExchange
HeapAlloc
IsValidCodePage
VirtualAlloc
LoadLibraryA
GetUserDefaultLCID
SetVolumeLabelW
GetComputerNameA
GetACP
HeapFree
GetCurrentThreadId
OpenEventW
GetFileAttributesExA
InitializeCriticalSection
HeapSize
TlsSetValue
GetOEMCP
TerminateThread
GetLocaleInfoW
GetEnvironmentVariableA
RtlFillMemory
SleepEx
SetConsoleScreenBufferSize
SetCurrentDirectoryA
FindFirstFileExW
SetHandleCount
SetFilePointer
GetPrivateProfileSectionW
GetProcessHeap
GetConsoleCP
GetCurrentProcessId
InterlockedIncrement
LoadLibraryW
ExpandEnvironmentStringsA
IsValidLocale
FreeLibrary
WriteFile
GetStartupInfoA
FreeEnvironmentStringsW
GetConsoleMode
LCMapStringA
GetTickCount
ReadFile
GetTimeFormatA
FoldStringW
GetCurrentThread
Sleep
IsDebuggerPresent
GetCommandLineA
VirtualQuery
SetLastError
TerminateProcess
SetCurrentDirectoryW
UnhandledExceptionFilter
CloseHandle
GetCurrentProcess
GetModuleFileNameW
HeapCreate
IsBadReadPtr
GlobalUnlock
WritePrivateProfileStructA
WriteConsoleW
QueryPerformanceCounter
GetEnvironmentStringsW
CompareStringA
GetStdHandle
CreateMailslotW
GetShortPathNameW
GetCurrencyFormatA
GetCPInfo
SetStdHandle
GlobalSize
CreateWaitableTimerA
GetStartupInfoW
GetStringTypeExW
GetTimeZoneInformation
GetLocaleInfoA
SetComputerNameW
FlushFileBuffers
MultiByteToWideChar
RtlUnwind
GetStringTypeW
DeleteFileW
LocalLock
GetVolumeInformationW
GetModuleHandleA
EnumCalendarInfoW
GetProcAddress
SetTimeZoneInformation
WriteConsoleA
TlsGetValue
CreateFileA
VirtualFree
DeleteCriticalSection
GetMailslotInfo
GetFileType
IsBadWritePtr
GetExitCodeProcess
HeapDestroy
CompareStringW
HeapReAlloc
TlsFree
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
WritePrivateProfileStructW
GlobalAddAtomW
GetLastError
EnumSystemLocalesA
DosDateTimeToFileTime
InterlockedDecrement
CreateFileMappingW
GetPrivateProfileStringA
CreateMutexA
WideCharToMultiByte
GetVersionExA
GetDateFormatA
SetUnhandledExceptionFilter
GetConsoleOutputCP
SetConsoleCP
RemoveDirectoryA
EnumTimeFormatsW
LeaveCriticalSection
lstrcmpi
OpenMutexA
GetSystemDirectoryA

advapi32

CreateServiceA
CryptImportKey
RegNotifyChangeKeyValue
RegDeleteKeyA
RegQueryValueExW
InitiateSystemShutdownA
CryptGetHashParam
RegSetValueA
RegOpenKeyExA
RegSetValueExA
StartServiceA
CryptGetDefaultProviderW
CryptEnumProviderTypesA
RegSetValueW
CryptDestroyHash

wininet

FtpGetCurrentDirectoryW

shell32

SHBrowseForFolder
ShellExecuteA

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9b8289ab4e405ed6e7d30d60defd79e

Headers

File Characteristics

Imports

comdlg32

user32

comctl32

kernel32

advapi32

wininet

shell32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 96KB - Virtual size: 124KB

.rsrc Size: 64KB - Virtual size: 61KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 96KB - Virtual size: 124KB

.rsrc
Size: 64KB - Virtual size: 61KB