b452f6a5577744c5187dddba3c308ffa723e7438f4bb50d585c0eb8503742f05

Sharing

Copy URL Twitter E-mail

General

Target

b452f6a5577744c5187dddba3c308ffa723e7438f4bb50d585c0eb8503742f05
Size

171KB
MD5

69522273a49d3053bd8d7d4b5ca379e5
SHA1

c6d9e447e8ac0d8b7208fa352a0d08f63e088d71
SHA256

b452f6a5577744c5187dddba3c308ffa723e7438f4bb50d585c0eb8503742f05
SHA512

9cf7f3fcd4dd59abb9bb61a23e868ec918e6de4bfd0079fbdcc12fde6033f86ff6a98434d1cab9ebd8e0460ef3d7bad4d307f53ad992793902fb9e96bca699cb
SSDEEP

3072:wxyq/xvX9LUw7dEUyRGrU0tPoQrU91xGHB5e4CExFza41TnhX5Oto7oJriT:1q/xvX17n3U0tfU9ZkFJTn95O3i

Score

N/A

Malware Config

Signatures

Files

b452f6a5577744c5187dddba3c308ffa723e7438f4bb50d585c0eb8503742f05
.exe windows x86

2c5b341a66a6e28135a6f2bc4ab5bf4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptHashData
RegOpenKeyExA
CryptImportKey
RegSetValueExA
CryptAcquireContextA
CryptReleaseContext
RegCreateKeyExA
CryptDestroyHash
CryptEncrypt
RegDeleteValueA
CryptDestroyKey
RegQueryInfoKeyA
CryptCreateHash
RegCloseKey
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
CryptGetHashParam
RegDeleteKeyA

ole32

CreateItemMoniker
CoGetClassObject
StgIsStorageFile
CLSIDFromProgID
StringFromGUID2
CreateStreamOnHGlobal
StgCreateDocfile
CoInitializeSecurity
StgOpenStorage
CoSetProxyBlanket
OleUninitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CreateBindCtx
OleLockRunning
OleInitialize
BindMoniker
GetRunningObjectTable
CoUninitialize
CoTaskMemFree
CoInitialize
CLSIDFromString

user32

GetDesktopWindow
BeginPaint
InvalidateRect
SetRect
wsprintfA
SetWindowTextA
GetDC
IsWindow
EqualRect
CreateWindowExA
DrawTextA
GetQueueStatus
EnumDisplayDevicesA
DestroyAcceleratorTable
ShowWindow
PeekMessageA
UnregisterClassA
CreateAcceleratorTableA
PostMessageA
SendNotifyMessageA
GetClassInfoExA
GetWindowTextLengthA
DefWindowProcA
RegisterWindowMessageA
SetParent
PostThreadMessageA
SendMessageA
RedrawWindow
GetActiveWindow
FillRect
GetFocus
GetParent
GetWindow
DispatchMessageA
GetSysColor
IsChild
CallWindowProcA
CharNextA
KillTimer
wvsprintfA
SendMessageTimeoutA
CreateDialogParamA
GetWindowLongA
GetClientRect
SetTimer
SetFocus
GetClassNameA
MsgWaitForMultipleObjects
SetCapture
DestroyWindow
ReleaseDC
SetWindowLongA
RegisterClassExA
GetDlgItem
GetWindowRect
CopyRect
EndPaint
FindWindowA
LoadCursorA
ReleaseCapture
InvalidateRgn
GetWindowTextA
MoveWindow
SetWindowPos

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

gdiplus

GdipFree
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromFileICM
GdipCloneImage

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
PathCombineW

kernel32

InterlockedDecrement
WaitForSingleObject
LocalFree
GetLocaleInfoA
lstrcpyA
MultiByteToWideChar
IsBadWritePtr
SetThreadPriority
InterlockedIncrement
GetCurrentProcessId
ReadFile
GetSystemTimeAsFileTime
OutputDebugStringW
GetShortPathNameW
lstrcpynA
WideCharToMultiByte
GetCurrentThreadId
DeleteFileA
WriteFile
GlobalSize
lstrlenA
GetProcessAffinityMask
EnterCriticalSection
ResetEvent
CreateDirectoryW
SizeofResource
GetModuleHandleA
CreateThread
Sleep
OpenFileMappingA
LoadLibraryA
GetModuleFileNameW
GetCurrentProcess
GetFileAttributesW
GetSystemTime
CreateDirectoryA
GetTempPathW
lstrcmpA
GlobalFree
OutputDebugStringA
VirtualProtect
GetProcAddress
CloseHandle
LeaveCriticalSection
GlobalAlloc
MapViewOfFile
HeapAlloc
GetSystemInfo
CreateFileA
GetThreadLocale
WaitForMultipleObjects
IsDebuggerPresent
GetModuleFileNameA
LoadResource
VirtualAlloc
IsDBCSLeadByte
EnumResourceTypesW
GetACP
QueryPerformanceCounter
GlobalUnlock
TerminateProcess
GetProcessHeap
VirtualFree
LoadLibraryW
InterlockedExchange
FreeLibrary
GetTempPathA
SetEnvironmentVariableW
SetEvent
GetLastError
VirtualQuery
GetCurrentThread
LoadLibraryExA
_llseek
Beep
GetVersionExA
RaiseException
GetFileAttributesA
GetVolumeInformationW
CreateFileMappingA
InitializeCriticalSection
WriteProcessMemory
lstrcmpiA
ExitProcess
MulDiv
GetDriveTypeW
GetThreadPriority
GlobalLock
CreateSemaphoreA
IsBadReadPtr
GetTickCount
HeapFree
DeleteCriticalSection
FindResourceA
GlobalReAlloc
DeviceIoControl
CreateEventA
FlushInstructionCache
lstrlenW

winmm

timeGetTime
timeSetEvent

gdi32

GetDIBits
BitBlt
StretchDIBits
SelectPalette
DeleteDC
RealizePalette
SetStretchBltMode
GetStockObject
SelectObject
GetDeviceCaps
CreateCompatibleBitmap
CreateFontA
CreateDIBitmap
ExtEscape
GetObjectA
CreateDIBSection
CreateSolidBrush
DeleteObject
CreateCompatibleDC
SetBkMode

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c5b341a66a6e28135a6f2bc4ab5bf4b

Headers

File Characteristics

Imports

advapi32

ole32

user32

shell32

wininet

gdiplus

version

setupapi

shlwapi

kernel32

winmm

gdi32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: 66KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 66KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 96KB