c498d4ca29beb753d2d95e88422ce7fa652aa27c36864a1b4143e782ca5a5112

Sharing

Copy URL Twitter E-mail

General

Target

c498d4ca29beb753d2d95e88422ce7fa652aa27c36864a1b4143e782ca5a5112
Size

218KB
MD5

a5d3be68c79c517424e790fe32e0fd68
SHA1

fcfa55f770648236db774df043a0cdeffac00c3b
SHA256

c498d4ca29beb753d2d95e88422ce7fa652aa27c36864a1b4143e782ca5a5112
SHA512

b6b389ad935504ac18474dd6b483f02fb62d044e86d35fd6fc56d3a2d5c65715ac9e4fd5caf73c464775c19f7406447d4e252fd608b557d657b74cf0ca1127f9
SSDEEP

3072:w9/CuHIA3ETIZqOYNKxWUmuwhNmiMRtg+9Lu8z52yEX514nHxsDPbjqr5LZYfKPF:4hgIZvXmu6b+9Lus58pqHxwbjqlZf

Score

N/A

Malware Config

Signatures

Files

c498d4ca29beb753d2d95e88422ce7fa652aa27c36864a1b4143e782ca5a5112
.exe windows x86

8d8cddf6dd040a79f24f746d8fa8dc8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW
ObtainUserAgentString
CoInternetSetFeatureEnabled
UrlMkSetSessionOption

user32

SetCursorPos
GetClassNameW
GetCursorPos
DispatchMessageW
GetWindowRect
EnumChildWindows
MoveWindow
GetWindow
DefWindowProcW
CallWindowProcW
SetWindowTextW
SendMessageW
RegisterClassW
ReleaseCapture
CreateWindowExW
EndPaint
IsWindow
ShowWindow
SetWindowPos
GetSysColor
GetDesktopWindow
UnregisterClassA
ClientToScreen
DestroyWindow
GetWindowTextLengthW
DestroyAcceleratorTable
SetTimer
ScreenToClient
GetMessageW
PostQuitMessage
CharNextW
RegisterWindowMessageW
FillRect
IsChild
SetCapture
PostMessageW
KillTimer
GetFocus
GetParent
InvalidateRgn
LoadCursorW
FindWindowW
GetClientRect
CreateAcceleratorTableW
SetFocus
BeginPaint
GetClassInfoExW
GetDC
TranslateMessage
RegisterClassExW
LoadIconW
InvalidateRect
GetWindowLongW
GetWindowTextW
ReleaseDC
GetDlgItem
SetWindowLongW
RedrawWindow

ole32

CoCreateInstance
OleLockRunning
CoUninitialize
CoTaskMemRealloc
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
StringFromGUID2
OleInitialize
OleUninitialize
CoTaskMemFree
CoGetClassObject
CoTaskMemAlloc
CoInitializeEx

oleaut32

LoadRegTypeLi
VarUI4FromStr
OleCreateFontIndirect
SysAllocStringLen
VariantInit
LoadTypeLi
VariantClear
SysStringLen
SysAllocString
SysFreeString

kernel32

InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
GetModuleHandleA
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
WriteFile
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
TlsGetValue
GlobalAlloc
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
InterlockedCompareExchange
GetProcessHeap
SystemTimeToFileTime
GetCurrentProcess
GetModuleHandleW
WideCharToMultiByte
LoadLibraryW
GetVersionExW
FileTimeToSystemTime
GetModuleFileNameW
GetLastError
GetProcAddress
GetLocalTime
Process32FirstW
Process32NextW
VirtualProtect
CreateToolhelp32Snapshot
CloseHandle
FileTimeToLocalFileTime
OutputDebugStringW
OutputDebugStringA
FindResourceW
FreeLibrary
LoadResource
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
GlobalLock
GetTickCount
InitializeCriticalSection
SetEnvironmentVariableA
Sleep
SizeofResource
LeaveCriticalSection
MulDiv
lstrcmpW
MultiByteToWideChar
lstrlenW
GlobalUnlock
FlushInstructionCache
RaiseException
SetLastError
EnterCriticalSection
lstrcmpiW
DeleteCriticalSection
GetCurrentThreadId
DeleteFileW
HeapFree

advapi32

OpenEventLogW
RegQueryValueExW
ReadEventLogW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
CloseEventLog
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW

shell32

ShellExecuteW

shlwapi

StrStrIA
SHDeleteKeyW

gdi32

CreateSolidBrush
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
GetStockObject

wininet

FindCloseUrlCache
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
DeleteUrlCacheEntryW

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d8cddf6dd040a79f24f746d8fa8dc8f

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

user32

ole32

oleaut32

kernel32

advapi32

shell32

shlwapi

gdi32

wininet

Sections

.text Size: 157KB - Virtual size: 157KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 760B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 157KB - Virtual size: 157KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 760B

.reloc
Size: 14KB - Virtual size: 13KB