09db115d572919ee4b58bb38d1d4d299ea0723626945b6b30623514a1dae35f0

Sharing

Copy URL Twitter E-mail

General

Target

09db115d572919ee4b58bb38d1d4d299ea0723626945b6b30623514a1dae35f0
Size

254KB
MD5

191fadbedae3de3200ffd7f7de4f03ab
SHA1

006dbde0ce5f48fbd217d94009e5a5db6a246a55
SHA256

09db115d572919ee4b58bb38d1d4d299ea0723626945b6b30623514a1dae35f0
SHA512

6d46f29762998e94cb8533b0cc3659cb1040ec5d1ede8c5050d6304f403d2eb527e40d8a5d8af42a1b917fbbe5949b52f5ed8909c9a2733b2a4b067fa80cec3b
SSDEEP

6144:dKkUyjS3prAbWIdMUy+HMEhNFjPLgwJvciRo8:dBzQ0bWIdMaMENgwJ9o8

Score

N/A

Malware Config

Signatures

Files

09db115d572919ee4b58bb38d1d4d299ea0723626945b6b30623514a1dae35f0
.exe windows x86

31616202fe418dfabe04260f4ca9c45a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootW
StrChrW
SHDeleteValueW
PathFindExtensionW
PathRemoveBackslashW
PathIsUNCW
PathCreateFromUrlW
UrlUnescapeW
PathAppendA
SHGetValueW
StrStrIW
PathFindFileNameW
UrlCanonicalizeW
StrToIntW
StrCatW
wnsprintfA
StrCpyNW
PathFileExistsW
StrTrimW
PathRemoveFileSpecA
PathIsRelativeW
PathAppendW
PathFindExtensionA
StrCatBuffW
PathCombineW
StrDupW
PathSkipRootW
StrCmpIW
PathIsDirectoryW
StrRetToBufW
SHDeleteKeyA
StrCmpNW
PathIsRootW
StrChrIW
SHStrDupW
StrCmpNIW
PathAddBackslashW
SHSetValueW

msvcrt

setlocale
_controlfp
_fileno
_snprintf
memset
srand
?terminate@@YAXXZ
__set_app_type
__p__fmode
free
__initenv
_vsnprintf
__p__commode
wcstok
wcsstr
__setusermatherr
_snwprintf
ceil

ole32

OleSaveToStream
CoTaskMemFree
OleUninitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
ReadOleStg
CoTaskMemRealloc
WriteClassStm
CoUninitialize
CreateDataAdviseHolder
CoRegisterClassObject
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
PropVariantCopy
ProgIDFromCLSID
CoMarshalInterThreadInterfaceInStream
CoGetMalloc
GetRunningObjectTable
CoInitializeSecurity
CoImpersonateClient
CoReleaseMarshalData
CLSIDFromString

advapi32

RegFlushKey
RegEnumKeyExW
GetLengthSid
RegEnumValueA
SetNamedSecurityInfoW
GetUserNameA
GetTokenInformation
GetUserNameW
OpenThreadToken
AdjustTokenPrivileges
RevertToSelf
RegOpenKeyW
RegCreateKeyA
QueryServiceConfigW
RegSetValueExA
LsaQueryInformationPolicy
SetFileSecurityW
CryptGenRandom
RegQueryInfoKeyW
GetTraceEnableLevel
OpenServiceA
GetAce
RegOpenKeyA
LookupPrivilegeValueA
LookupAccountNameW
GetSecurityDescriptorDacl
InitializeAcl

kernel32

lstrcpynA
VirtualAlloc
CreateFileW
ExitProcess
SetFileAttributesW
CreateFileMappingA
SetEndOfFile
GetCurrentProcessId
GetCurrentThreadId
IsBadWritePtr
GetWindowsDirectoryW
lstrcpynW
GetVersionExA
GetFileSize
ReleaseMutex
TlsGetValue
FindResourceW

shell32

SHChangeNotify
SHGetDesktopFolder
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteW
SHBrowseForFolderA
CommandLineToArgvW
DragQueryFileW
ShellExecuteA
SHGetPathFromIDListW
SHGetMalloc
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListA

comctl32

PropertySheetW
CreatePropertySheetPageW

user32

GetWindowLongA
SetForegroundWindow
GetSubMenu
SetWindowTextA
GetAsyncKeyState
GetMenuItemCount
GetParent
GetClientRect
LoadBitmapA
CharUpperA
CreatePopupMenu
GetPropA
GetSysColorBrush
InvalidateRect
IsChild
GetMenu
CopyRect
GetWindowTextLengthW
MessageBoxW
GetWindowRect
EnableWindow
GetProcessWindowStation
LoadCursorA
GetDC
SystemParametersInfoW
CreateWindowExW
GetWindow
DispatchMessageA
DefWindowProcW
CharNextW
CharPrevA
SetWindowLongA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31616202fe418dfabe04260f4ca9c45a

Headers

File Characteristics

Imports

shlwapi

msvcrt

ole32

advapi32

kernel32

shell32

comctl32

user32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 187KB - Virtual size: 187KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 187KB - Virtual size: 187KB

.rsrc
Size: 5KB - Virtual size: 4KB