5a1e236e2156e832f954701773cc38b35ab417aa28192f5a8de976444593cd29

Sharing

Copy URL Twitter E-mail

General

Target

5a1e236e2156e832f954701773cc38b35ab417aa28192f5a8de976444593cd29
Size

768KB
MD5

99f78e9f03d234ad20637a04aac2a310
SHA1

c604905af641a143b4bad4fd9f8a10a63f9cc59e
SHA256

5a1e236e2156e832f954701773cc38b35ab417aa28192f5a8de976444593cd29
SHA512

561a4adf519b78b3b8f46f72a81ea44484a9dce4fce2a1f0677089608de05ddced77ea532c01db0b5f10dc51ca199e198a6a860f0d2ebf097ce693b0cffca655
SSDEEP

12288:TKW13cVXKUdW/JtUEIAl3Q1cJ9AvgvCPWdQRPFNrBq49Jzreq7:OW13cVK/JtEAl3McUgakQRPFNrBjHfeW

Score

N/A

Malware Config

Signatures

Files

5a1e236e2156e832f954701773cc38b35ab417aa28192f5a8de976444593cd29
.exe windows x86

5b9ae75471835d014d714b46e53854a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHQueryRecycleBinW
ExtractIconExW
SHGetDesktopFolder
SHGetPathFromIDList

kernel32

GetModuleFileNameA
GetLocaleInfoA
WriteFile
InterlockedIncrement
GetCommandLineA
SetConsoleCtrlHandler
HeapFree
GetDiskFreeSpaceA
GetStartupInfoA
HeapSize
LCMapStringA
GetModuleHandleA
CompareStringW
ReadConsoleOutputA
DuplicateHandle
CreateSemaphoreW
lstrlenW
SetLocaleInfoA
GetTimeFormatA
VirtualUnlock
SleepEx
WriteConsoleInputW
SetFilePointer
GlobalHandle
GetCompressedFileSizeW
LeaveCriticalSection
LocalFlags
EnterCriticalSection
CreateDirectoryA
LockResource
GetDateFormatA
DebugBreak
GetPrivateProfileStringW
SetLocalTime
GetCurrentDirectoryA
RtlUnwind
FlushFileBuffers
InterlockedExchange
GetProcAddress
GetSystemTimeAsFileTime
SetLastError
CreateSemaphoreA
IsDebuggerPresent
SetStdHandle
LoadLibraryA
FindResourceA
ExpandEnvironmentStringsW
SetConsoleActiveScreenBuffer
GetStringTypeExW
LocalAlloc
GetEnvironmentStringsW
VirtualQuery
GetModuleFileNameW
GetCommandLineW
Sleep
GetStdHandle
TlsAlloc
CreateMutexA
HeapDestroy
TlsFree
InitializeCriticalSectionAndSpinCount
GetProfileStringW
SetThreadAffinityMask
MoveFileExA
DeleteCriticalSection
TlsGetValue
GetACP
GetConsoleMode
EnumSystemLocalesA
CreateEventW
HeapReAlloc
GetTimeZoneInformation
GetAtomNameW
ReadFileEx
CreateFileA
SetUnhandledExceptionFilter
GetOEMCP
GetThreadContext
DeleteAtom
EnumResourceNamesA
HeapAlloc
GetConsoleCP
GetStringTypeW
lstrcmpiW
LocalReAlloc
SetEvent
ReadFile
IsValidLocale
LocalHandle
GetCurrentThread
GlobalFix
GetConsoleOutputCP
InterlockedDecrement
MultiByteToWideChar
GetConsoleCursorInfo
GetCurrencyFormatA
FillConsoleOutputCharacterW
QueryPerformanceCounter
TerminateProcess
IsValidCodePage
CopyFileExA
GetStringTypeA
GetCurrentProcess
RemoveDirectoryW
GetLocaleInfoW
GetStartupInfoW
GetFileType
GlobalFlags
GetCurrentThreadId
SetTimeZoneInformation
GetLastError
TlsSetValue
GetModuleHandleW
WriteConsoleA
GetProcessAffinityMask
VirtualFree
WideCharToMultiByte
WritePrivateProfileStructA
LCMapStringW
FreeLibrary
GetUserDefaultLCID
CompareStringA
GetTickCount
lstrlen
GetCurrentProcessId
VirtualAlloc
GetDateFormatW
GetDiskFreeSpaceExW
GetCPInfo
ExitProcess
WriteConsoleW
GetSystemInfo
UnhandledExceptionFilter
SetEnvironmentVariableA
ReleaseMutex
GetLogicalDriveStringsA
FreeEnvironmentStringsW
CloseHandle
GlobalUnfix
HeapCreate
OpenProcess
OpenMutexA
SetHandleCount
EnumTimeFormatsW

comctl32

CreateStatusWindow
CreateUpDownControl
MakeDragList
ImageList_LoadImageA
ImageList_SetFlags
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIcon
ImageList_Remove
CreateToolbar
ImageList_LoadImageW
ImageList_Add
InitMUILanguage
DestroyPropertySheetPage
ImageList_SetFilter
ImageList_Copy
CreateStatusWindowA
ImageList_GetImageCount
ImageList_Create
DrawInsert
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_SetOverlayImage
GetEffectiveClientRect
CreateStatusWindowW

advapi32

RegSetKeySecurity
CryptGetDefaultProviderW
CryptDecrypt
RegSetValueExA
LookupSecurityDescriptorPartsA
LookupAccountSidW
CryptSignHashW
RegQueryInfoKeyA
InitiateSystemShutdownW
RegQueryMultipleValuesW
RegOpenKeyExW
CryptSetKeyParam
RegEnumKeyW
GetUserNameW
LookupPrivilegeDisplayNameA
CryptGenRandom
CryptGetProvParam
RegEnumValueA

wininet

InternetGoOnline

user32

EnumDisplaySettingsExA
CreateWindowExA
InflateRect
MessageBoxW
GetThreadDesktop
SetMessageExtraInfo
AttachThreadInput
DestroyWindow
GetMenuStringW
VkKeyScanExW
RegisterClassA
RedrawWindow
CreateMDIWindowW
DdeAddData
ShowWindow
UnhookWindowsHook
SetScrollRange
SetClassLongA
wsprintfW
RegisterClassExA
CreateWindowStationA
DefWindowProcA

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b9ae75471835d014d714b46e53854a6

Headers

File Characteristics

Imports

shell32

kernel32

comctl32

advapi32

wininet

user32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 404KB - Virtual size: 401KB

.data Size: 140KB - Virtual size: 153KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 404KB - Virtual size: 401KB

.data
Size: 140KB - Virtual size: 153KB

.rsrc
Size: 36KB - Virtual size: 34KB