c85a42a3e78c8309e0ec0d61abc9fb4513bb9b542fac053940c81e93978c40ff

Sharing

Copy URL Twitter E-mail

General

Target

c85a42a3e78c8309e0ec0d61abc9fb4513bb9b542fac053940c81e93978c40ff
Size

987KB
MD5

17a5bca294fbfe3c8f8392d23c2ccc81
SHA1

fabdf9b0b1967475870f157bd153f8d6a51fc309
SHA256

c85a42a3e78c8309e0ec0d61abc9fb4513bb9b542fac053940c81e93978c40ff
SHA512

acc0c37959b4c4936cc99d8013a46d10ba83d24d1e4f8c5f1fde2a1d4c0b8d931c7b7b058f3a390926f1a132ae28eb76a56f5aabc99f74f4655b2b91e8e17945
SSDEEP

24576:VH3uT1Yd9FoB+4l2HwPWDuGfxuY/KB5bVuIajXfgtFriAV/N:VeTC9Fl4l1uGuMfriAZ

Score

N/A

Malware Config

Signatures

Files

c85a42a3e78c8309e0ec0d61abc9fb4513bb9b542fac053940c81e93978c40ff
.exe windows x86

f48f2e0b1d0b8884dbfe66c87bea3aff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

tapi32

lineUncompleteCall
lineAccept

gdi32

DeleteDC
SetTextColor
CreateCompatibleDC
GetObjectW
SelectObject
CreateFontIndirectW
SetBkMode
DeleteObject
SetDIBColorTable
GetStockObject
CreateDIBSection

user32

GetWindowRect
FillRect
EndDialog
CallWindowProcW
ReleaseDC
DestroyWindow
GetWindowLongW
LoadIconW
SetWindowTextW
SetFocus
SendMessageW
SetCapture
LoadCursorW
BeginPaint
CreateCursor
GetMonitorInfoW
HideCaret
EnableWindow
GetDlgItem
DrawTextW
MonitorFromWindow
DrawFocusRect
GetDlgCtrlID
ReleaseCapture
GetDC
GetClientRect
PostMessageW
EndPaint
InvalidateRect
IsWindow
GetFocus
IsDlgButtonChecked
SetWindowLongW
GetSysColor
DestroyCursor
GetParent
PtInRect
UpdateWindow
MsgWaitForMultipleObjects
DialogBoxParamW
ClientToScreen
SetWindowPos
PostQuitMessage
SetCursor

ole32

CoCreateInstance
CoTaskMemAlloc
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
CoUninitialize

kernel32

LoadLibraryA
RaiseException
CreateFileA
TlsFree
InterlockedCompareExchange
VirtualAlloc
HeapDestroy
SetFilePointer
HeapFree
HeapReAlloc
TerminateProcess
GetConsoleMode
GetModuleFileNameA
InterlockedExchange
CreateDirectoryW
VirtualFree
LCMapStringA
GetUserDefaultUILanguage
GetCurrentProcess
GetEnvironmentStringsW
ExitProcess
HeapAlloc
GetModuleHandleW
HeapCreate
FreeEnvironmentStringsA
IsDebuggerPresent
RtlUnwind
SetLastError
GetCurrentThreadId
GetProcessHeap
GetCurrentProcessId
GetCommandLineA
GetSystemDefaultLCID
GetVersionExW
GetConsoleCP
SetStdHandle
GetStdHandle
IsValidCodePage
RemoveDirectoryW
DeleteFileW
ReadFile
CreateProcessW
TlsAlloc
InterlockedDecrement
WriteFile
GetLogicalDriveStringsW
GlobalLock
SetUnhandledExceptionFilter
DosDateTimeToFileTime
GetFileSize
GetProcAddress
GetConsoleOutputCP
LoadLibraryW
GetCommandLineW
GetStartupInfoA
GetLastError
GetOEMCP
FindResourceExW
DebugBreak
OutputDebugStringW
HeapValidate
SetEndOfFile
FreeResource
LocalFree
VirtualQuery
InterlockedIncrement
GetLocaleInfoA
GetStringTypeA
FreeEnvironmentStringsW
DeleteCriticalSection
InitializeCriticalSection
GetACP
FindResourceW
IsBadReadPtr
GetVersionExA
OutputDebugStringA
TlsGetValue
LCMapStringW
CreateFileW
GetSystemTimeAsFileTime
GetFileAttributesExW
GetEnvironmentStrings
UnhandledExceptionFilter
LockResource
GlobalAlloc
WideCharToMultiByte
GetModuleHandleA
LocalAlloc
SetHandleCount
GlobalUnlock
WriteConsoleW
WriteConsoleA
FreeLibrary
FlushFileBuffers
GetTickCount
GetCPInfo
GetStringTypeW
TlsSetValue
VirtualProtect
LoadResource
MultiByteToWideChar
GetSystemInfo
GlobalFree
GetFileType
lstrcpynW
EnterCriticalSection
SizeofResource
CloseHandle
GetModuleFileNameW
QueryPerformanceCounter
LeaveCriticalSection

shlwapi

PathFileExistsW
PathAppendW
PathRemoveFileSpecW
PathCombineW
SHGetValueW

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
SHFileOperationW

advapi32

RegCreateKeyExW
RegQueryValueExW
OpenProcessToken
CheckTokenMembership
CryptGenRandom
RegSetValueExW
CryptReleaseContext
AllocateAndInitializeSid
RegOpenKeyExW
GetTokenInformation
RegDeleteValueW
FreeSid
RegCloseKey
RegQueryValueExA
CryptAcquireContextW

Sections

.text
Size: 653KB - Virtual size: 652KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 295KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f48f2e0b1d0b8884dbfe66c87bea3aff

Headers

File Characteristics

Imports

tapi32

gdi32

user32

ole32

kernel32

shlwapi

shell32

advapi32

Sections

.text Size: 653KB - Virtual size: 652KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 295KB - Virtual size: 3.5MB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 653KB - Virtual size: 652KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 295KB - Virtual size: 3.5MB

.rsrc
Size: 32KB - Virtual size: 31KB