642ebbd5a3f5129c0d8f26fb28aa9afb29625b9ffd8c42466cc803a6ee47e810

Sharing

Copy URL

Twitter E-mail

General

Target

642ebbd5a3f5129c0d8f26fb28aa9afb29625b9ffd8c42466cc803a6ee47e810
Size

744KB
MD5

e10fe98b71c79756aeee31bd560f0922
SHA1

c00ce26d08425c781d8db945c648842f6eac460c
SHA256

642ebbd5a3f5129c0d8f26fb28aa9afb29625b9ffd8c42466cc803a6ee47e810
SHA512

948ae26643bc75168c2321a86c1e4390a6c39ef7b2a12ff8a9b72dd36f1156575205125cf469c997a6e7a4e77be703732ffda4acbd3d3d2cf78b09daca804735
SSDEEP

12288:NLFAU1eaiTfHrEl1TanKJj4Iu1GEUbS3qaEahHSaILtEglZFxj+xmVm:NK4iTfrU1Tb4x8S3iadSnmglRj+Em

Score

N/A

Malware Config

Signatures

Files

642ebbd5a3f5129c0d8f26fb28aa9afb29625b9ffd8c42466cc803a6ee47e810
.exe windows x86

02a8e597735f18a942316b7f1d7ad81f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
EnterCriticalSection
CompareStringA
MultiByteToWideChar
TerminateProcess
GetCurrentThreadId
GetCurrentDirectoryW
GetStringTypeA
UnhandledExceptionFilter
GetCurrentProcess
DeleteCriticalSection
OpenSemaphoreW
CreateFileW
TlsSetValue
LoadLibraryA
GetSystemTime
CreateDirectoryW
VirtualQuery
QueryPerformanceCounter
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
LCMapStringW
GetStartupInfoW
CloseHandle
IsBadWritePtr
HeapFree
IsDebuggerPresent
TlsAlloc
SetFileAttributesA
OpenMutexW
InterlockedIncrement
GetProcAddress
SystemTimeToFileTime
lstrcpyA
GetStdHandle
VirtualFree
SetEnvironmentVariableA
SetHandleCount
GetVersion
VirtualQueryEx
HeapReAlloc
ReadConsoleOutputCharacterA
VirtualAlloc
InterlockedDecrement
InitializeCriticalSection
GetCPInfo
GetStartupInfoA
GetTempFileNameW
FreeEnvironmentStringsA
FlushFileBuffers
HeapCreate
RtlUnwind
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
ReadConsoleInputA
CreateMutexA
GetFileSize
InterlockedExchange
SetLastError
SleepEx
GetPrivateProfileStringA
GetSystemTimeAsFileTime
LCMapStringA
GetTickCount
CompareStringW
GetNumberFormatA
GetFileType
VirtualUnlock
GetLocalTime
GetCurrentProcessId
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentStrings
SetFilePointer
TlsGetValue
GetCommandLineA
GetCurrentThread
HeapDestroy
GetStringTypeExW
HeapAlloc
GetLastError
GetEnvironmentStringsW
ExitProcess
GetModuleFileNameW
WriteConsoleOutputCharacterA
WriteFile
ReadFile
OpenMutexA
SetStdHandle
LeaveCriticalSection
TlsFree

gdi32

WidenPath
SetPaletteEntries
CreatePalette
GetDIBColorTable
GdiPlayDCScript
CreateBrushIndirect
CheckColorsInGamut
GetObjectW
StartDocW
CreateCompatibleDC
GetMetaFileBitsEx
RectVisible
GetTextExtentPoint32W
OffsetRgn
DPtoLP

comctl32

CreatePropertySheetPage
ImageList_LoadImageA
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_GetFlags
ImageList_SetFilter
ImageList_Replace
ImageList_DragEnter
ImageList_SetIconSize
ImageList_EndDrag
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_ReplaceIcon
CreateToolbar
DrawStatusTextA
InitCommonControlsEx
ImageList_AddIcon

user32

EnumWindowStationsW
CheckDlgButton
DestroyCursor
SetMenuItemBitmaps
CascadeWindows
LoadCursorW
DispatchMessageA
OpenIcon
VkKeyScanExW
ChangeMenuA
EnumPropsA
EnumPropsExA
GetDlgItemTextA
ArrangeIconicWindows
PostMessageW
DdeCreateStringHandleA
DestroyIcon
GetDC
GetSubMenu
SendMessageTimeoutA
EmptyClipboard
IsRectEmpty
PtInRect
GetNextDlgTabItem
SetWinEventHook
CharToOemW
GetMenuContextHelpId
GetWindowPlacement
BeginDeferWindowPos
GetUpdateRgn
DlgDirSelectComboBoxExA
SetShellWindow
LoadMenuIndirectA
PeekMessageA
OpenDesktopW
GetWindowInfo
VkKeyScanA
DdeImpersonateClient
SetDlgItemTextA
SetScrollInfo
GetTabbedTextExtentA
MapWindowPoints
GetKeyboardLayoutList
IsDialogMessage
EnumWindows
SetProcessDefaultLayout
GetUserObjectSecurity
RemovePropW
MenuItemFromPoint
UnloadKeyboardLayout
RegisterClassA
GetClassNameW
CreateDesktopW
RegisterClassExA
SetMessageExtraInfo
InternalGetWindowText
FlashWindowEx
CreateCursor
RegisterWindowMessageA
DrawCaption
SetRect
CharLowerBuffW
GetForegroundWindow
MessageBoxW

shell32

SHBrowseForFolderA
SheSetCurDrive
SHGetDesktopFolder

advapi32

ReportEventA
RegDeleteValueA
CryptGenRandom
CryptDestroyHash
CreateServiceA
RegNotifyChangeKeyValue
CryptSetProviderExA
InitializeSecurityDescriptor
RegQueryInfoKeyW
LookupSecurityDescriptorPartsA
CryptAcquireContextW
CryptHashSessionKey
RegQueryMultipleValuesW
LookupPrivilegeNameW
InitiateSystemShutdownW
RegSetValueExA

comdlg32

PrintDlgA

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02a8e597735f18a942316b7f1d7ad81f

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

user32

shell32

advapi32

comdlg32

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 404KB - Virtual size: 400KB

.data Size: 136KB - Virtual size: 146KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 404KB - Virtual size: 400KB

.data
Size: 136KB - Virtual size: 146KB

.rsrc
Size: 60KB - Virtual size: 56KB