a93807d9602042c4ba538ee52569f981fccc6ecaa157f246928c0c17b09ab910

Sharing

Copy URL Twitter E-mail

General

Target

a93807d9602042c4ba538ee52569f981fccc6ecaa157f246928c0c17b09ab910
Size

696KB
MD5

8a1c2027e131a62bf80d9fc1046bd943
SHA1

e59e0cd469235c4849f00c57bc36efbdec2ca252
SHA256

a93807d9602042c4ba538ee52569f981fccc6ecaa157f246928c0c17b09ab910
SHA512

db6e475ed9672a0bee25b216f2444f5c56eb6845e8dbb523958e85c885ee463dbdc47aba646aa8ebeb84abe2f5487afbdbc0de5228703c32ffbe67cd20e095f1
SSDEEP

12288:dW+VLSGB5/mMVMsAyLK+nOb9nMFvbEza6/Wz/rwkyAk:dVGGBFKdRMmOkWzTwkyV

Score

N/A

Malware Config

Signatures

Files

a93807d9602042c4ba538ee52569f981fccc6ecaa157f246928c0c17b09ab910
.exe windows x86

6a8b01f5e113c51bf830d8697e03f5a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GopherCreateLocatorA
UnlockUrlCacheEntryFileA
ResumeSuspendedDownload

shell32

DragAcceptFiles

user32

GetWindowWord
SetSysColors
SetUserObjectInformationW
GetPropW
MapWindowPoints
DefDlgProcA
CharToOemW
RegisterClipboardFormatA
DdeCreateDataHandle
GetNextDlgTabItem
EqualRect
PostThreadMessageW
CreateWindowExW
DdeQueryStringA
SendIMEMessageExA
DefWindowProcW
SetThreadDesktop
CallMsgFilterA
GetClassNameA
DrawTextExW
OemToCharBuffA
ShowWindow
RegisterClassA
GetMessageTime
GetMenuStringA
GetMenuItemCount
RegisterClassExA
DestroyWindow
GetDoubleClickTime
CheckDlgButton
FlashWindow
OemToCharA
GetThreadDesktop
CheckRadioButton
DlgDirListA
GetCursor
SetRect
SetFocus
OpenWindowStationA
WINNLSEnableIME
CloseWindowStation
MessageBeep
GetKeyboardLayoutNameW
DeleteMenu
DdeGetData
GetSystemMenu
TranslateAcceleratorA
GetMenuItemInfoA
GetMessageA
MapVirtualKeyExW
CharUpperA
InvalidateRgn
SetWindowWord
EndDeferWindowPos
DdeClientTransaction
SetScrollPos
FindWindowExW
DlgDirSelectComboBoxExW
FreeDDElParam
IsCharUpperA
TranslateAcceleratorW
LoadStringA
AttachThreadInput
ArrangeIconicWindows
MessageBoxW
LoadCursorA
GetClassLongA
CharLowerBuffW
SendMessageW
PtInRect
GetNextDlgGroupItem

kernel32

LeaveCriticalSection
HeapCreate
GetTimeZoneInformation
SetEvent
WaitForMultipleObjectsEx
WriteConsoleOutputCharacterA
GetTickCount
TlsSetValue
lstrcpy
TlsAlloc
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetCurrentThreadId
FreeEnvironmentStringsW
SetCurrentDirectoryA
GetVersion
VirtualAlloc
ReadFile
WriteProfileSectionA
RtlUnwind
ExitProcess
GetModuleHandleW
GetProcessHeap
LCMapStringA
HeapValidate
GetVolumeInformationA
GetProfileStringW
GetCPInfo
CreateMutexA
GetStdHandle
GetEnvironmentStringsW
lstrcmp
SetLastError
SetHandleCount
IsBadWritePtr
GetCommandLineA
GetFileType
lstrcmpA
GetModuleHandleA
OpenFileMappingW
SetConsoleCursorInfo
CreateThread
LoadLibraryA
CopyFileExA
InterlockedDecrement
WaitForSingleObjectEx
LockResource
HeapAlloc
GlobalFlags
FreeEnvironmentStringsA
GetProcAddress
GetLastError
GetAtomNameW
GetComputerNameA
IsBadReadPtr
WritePrivateProfileStringA
GetOEMCP
GlobalFree
GetEnvironmentStrings
GetLocalTime
SetEnvironmentVariableA
CreateFileMappingW
SetSystemTime
WriteConsoleOutputAttribute
SetEnvironmentVariableW
CompareStringW
GetSystemDefaultLCID
GetDiskFreeSpaceA
DebugBreak
EnumResourceLanguagesA
CreateDirectoryW
OpenMutexW
MoveFileA
GetCurrentProcess
GetModuleFileNameA
CreateEventA
EnumTimeFormatsA
MultiByteToWideChar
GlobalAddAtomW
GetStringTypeA
GetStartupInfoA
SetStdHandle
FlushFileBuffers
GetFileAttributesExW
InterlockedExchange
GetEnvironmentVariableA
CreateEventW
FindNextChangeNotification
InitializeCriticalSection
GetLocaleInfoW
HeapReAlloc
OpenMutexA
GetConsoleTitleW
WideCharToMultiByte
GetLongPathNameW
GetACP
VirtualFree
GetDriveTypeA
WriteFile
LCMapStringW
GetCurrentProcessId
TerminateProcess
VirtualQuery
CloseHandle
SetFilePointer
GlobalSize
DeleteCriticalSection
CompareStringA
lstrcpynW
GetStringTypeW
GetProfileStringA
LoadLibraryW
HeapFree
UnhandledExceptionFilter
FlushInstructionCache
WritePrivateProfileSectionW
QueryPerformanceCounter
SetThreadAffinityMask
HeapDestroy
EnterCriticalSection
EnumCalendarInfoExA
GetMailslotInfo
GetSystemTime
WriteConsoleW
InterlockedIncrement
GetThreadTimes
VirtualProtect
GlobalLock
TlsGetValue
TlsFree
lstrcpyA
RtlMoveMemory
CreateToolhelp32Snapshot
CreateFileW
ReleaseMutex
GlobalGetAtomNameA
GetCurrentThread

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Copy
ImageList_Read
GetEffectiveClientRect
ImageList_DragLeave
ImageList_Write
CreatePropertySheetPageW
ImageList_Replace
CreateToolbarEx

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a8b01f5e113c51bf830d8697e03f5a7

Headers

File Characteristics

Imports

wininet

shell32

user32

kernel32

comctl32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 452KB - Virtual size: 451KB

.data Size: 136KB - Virtual size: 152KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 452KB - Virtual size: 451KB

.data
Size: 136KB - Virtual size: 152KB

.rsrc
Size: 24KB - Virtual size: 23KB