c4acb2bd45c3d80baecd078496dbe3c27717f9b7c5556d5b7920c73d4792663c

Sharing

Copy URL Twitter E-mail

General

Target

c4acb2bd45c3d80baecd078496dbe3c27717f9b7c5556d5b7920c73d4792663c
Size

687KB
MD5

933aa48010d00177952bc2d21955c58e
SHA1

adfc5e27859220447e21d75efc71baee53cc329a
SHA256

c4acb2bd45c3d80baecd078496dbe3c27717f9b7c5556d5b7920c73d4792663c
SHA512

4e1907c95a905af9c05c7ad559d8f77227db8757ac04e125935d378ff6a9027a56e408ce26da5f3601c876bede26d304b841ccdfd088756304d6d4e98bd0fc27
SSDEEP

12288:QipUCPY3hJbcR+dUJYHLeLg11P9/nrDGI6k0yszQOfZ9o9C1Kp9U3Sl:QpCPYhJg4WJYHLek1LraG0ys/9oip3Sl

Score

N/A

Malware Config

Signatures

Files

c4acb2bd45c3d80baecd078496dbe3c27717f9b7c5556d5b7920c73d4792663c
.exe windows x86

ca7d437ff56b1bdbaa51d8c0278e3f45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
CreateCompatibleDC
DeleteObject
DeleteDC
GetStockObject
SelectObject
GetObjectW

shlwapi

UrlApplySchemeW
PathCombineW
UrlGetPartW
UrlCanonicalizeW
UrlCombineW
PathAppendW

kernel32

GetCurrentProcess
HeapAlloc
VirtualLock
CreateThread
GetCurrentThreadId
ResetEvent
DeleteCriticalSection
CreateEventW
HeapReAlloc
CreateFileW
LoadLibraryA
MulDiv
InterlockedIncrement
GetStartupInfoW
GetSystemTimeAsFileTime
LocalAlloc
Sleep
GetVersionExW
WaitForSingleObject
InterlockedCompareExchange
SizeofResource
ReleaseMutex
UnhandledExceptionFilter
LocalFree
GetLocaleInfoW
FindResourceExW
InitializeCriticalSection
GetTempPathW
FlushInstructionCache
LockResource
InterlockedExchange
TerminateProcess
FindResourceW
GetSystemDirectoryW
RaiseException
IsProcessorFeaturePresent
EnterCriticalSection
SetLastError
GetProcAddress
GetACP
GetSystemInfo
lstrlenA
OpenProcess
QueryPerformanceCounter
InterlockedDecrement
LeaveCriticalSection
SetEvent
GetModuleFileNameW
GetThreadLocale
HeapSetInformation
ProcessIdToSessionId
HeapFree
GlobalUnlock
WideCharToMultiByte
LCMapStringW
CloseHandle
VirtualAlloc
GetLastError
HeapDestroy
lstrcmpW
CreateMutexW
SetUnhandledExceptionFilter
GetTickCount
GlobalAlloc
WaitForMultipleObjects
GlobalHandle
MultiByteToWideChar
LoadLibraryW
IsDebuggerPresent
LoadLibraryExW
LoadResource
FreeLibrary
GlobalLock
VirtualUnlock
GetVersionExA
GetComputerNameW
GlobalFree
HeapSize
VirtualFree
FormatMessageW
GetLocaleInfoA
GetProcessId
lstrlenW
GetModuleHandleW

msvcrt

iswdigit
memset
_initterm
__p__commode
fabs
__wgetmainargs
_wtoi64
_controlfp
_amsg_exit
_cexit
?terminate@@YAXXZ
__set_app_type
__setusermatherr
_wcmdln
_exit
exit
memcpy
_initterm
__p__fmode
_XcptFilter

gdiplus

GdipFree
GdipDisposeImage
GdipAlloc
GdiplusStartup
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdiplusShutdown
GdipCreateBitmapFromFileICM

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

secur32

GetUserNameExW

shell32

SHAppBarMessage
ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
FindExecutableW
Shell_NotifyIconW
ShellExecuteExW

wtsapi32

WTSUnRegisterSessionNotification
WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSRegisterSessionNotification

ddraw

DirectDrawCreate
DirectDrawCreateEx

ole32

CreateStreamOnHGlobal
CoUninitialize
CoSetProxyBlanket
CoGetClassObject
OleInitialize
CoInitializeEx
CoCreateInstance
CoTaskMemFree
OleLockRunning
OleUninitialize
CoAllowSetForegroundWindow
CoInitializeSecurity
StringFromCLSID
CoTaskMemAlloc
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateGuid

crypt32

CryptUnprotectData
CryptProtectData

Sections

.text
Size: 419KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca7d437ff56b1bdbaa51d8c0278e3f45

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

msvcrt

gdiplus

version

secur32

shell32

wtsapi32

ddraw

ole32

crypt32

Sections

.text Size: 419KB - Virtual size: 418KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 261KB - Virtual size: 260KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 419KB - Virtual size: 418KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 261KB - Virtual size: 260KB

.rsrc
Size: 1024B - Virtual size: 1024B