920440b2da77864720c0a3a00dedc00345d3d8f4573522869436c45d1c75df5d

Sharing

Copy URL

Twitter E-mail

General

Target

920440b2da77864720c0a3a00dedc00345d3d8f4573522869436c45d1c75df5d
Size

406KB
MD5

25c952234a75402960316c722a69596e
SHA1

062a039e6b5fdc96c33e0f69754a697ee5a9e7dd
SHA256

920440b2da77864720c0a3a00dedc00345d3d8f4573522869436c45d1c75df5d
SHA512

2823bfc2e5f6b19ce9b8972f28a1e3a854a8fc38e10528342396b26379f362a7ec26a82cf0c78fed615aeea229e68543c9be0b76f4b959767a059138fffa53d6
SSDEEP

6144:R9EfghSPgG0tSYT8CxvQh0esCzbB7RiNJXFNnDVuEtkA6svWLlL1UCfq:RlS90oYTHxohwyNgPVuyv6gsJY

Score

N/A

Malware Config

Signatures

Files

920440b2da77864720c0a3a00dedc00345d3d8f4573522869436c45d1c75df5d
.exe windows x86

0bffdc45a16ed8cb911415a79dcfd182

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
ShellExecuteW
SHBrowseForFolderW

ole32

OleInitialize
CoTaskMemFree
CoCreateInstance
OleUninitialize

advapi32

RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
RegEnumKeyW
RegOpenKeyExW

gdi32

SetTextColor
DeleteObject
SetBkMode
CreateFontIndirectW
SelectObject
GetDeviceCaps
SetBkColor
GetStockObject
GetTextExtentPoint32W

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
RemoveDirectoryW
FreeResource
ResetEvent
IsSystemResumeAutomatic
GetTapeStatus
SetHandleInformation
AssignProcessToJobObject
GetFileAttributesExW
GetExitCodeProcess
IsProcessInJob
LockResource
SetLastError
GetThreadSelectorEntry
FlushFileBuffers
GetModuleFileNameA
SetHandleCount
ClearCommBreak
SetMessageWaitingIndicator
GetProcessHeap
RequestWakeupLatency
GetProcessIoCounters
CreateFileMappingW
SetSystemTimeAdjustment
GetCommTimeouts
GetCommandLineW
GlobalDeleteAtom
GetNamedPipeHandleStateW
ReplaceFileA
DecodePointer
EscapeCommFunction
MulDiv
GetThreadIOPendingFlag
GetLogicalDrives
GetWriteWatch
ReleaseMutex
InitAtomTable
GetNamedPipeHandleStateA
DeleteAtom
SetMailslotInfo
GetCurrentProcess
OpenProcess
GetProcessPriorityBoost
QueueUserAPC
lstrcpynA
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
MultiByteToWideChar
ReadFile
WriteFile
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
lstrcmpA
lstrcpyA
GetVersion
GetSystemDirectoryW
GetVersionExW
lstrcpyW
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcatW
GetTempFileNameW
lstrcmpiA
CreateProcessW
LoadLibraryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
CloseHandle
SetErrorMode
GetTempPathW
GetWindowsDirectoryW
ExitProcess
CopyFileW
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
CreateDirectoryW
GetLastError
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bffdc45a16ed8cb911415a79dcfd182

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

gdi32

version

kernel32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 330KB - Virtual size: 329KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 330KB - Virtual size: 329KB