145b9eb5279ae24d7f94c9a2fd0808a28b9aa70558cdc74f0bc2bf1e17f04112

Sharing

Copy URL Twitter E-mail

General

Target

145b9eb5279ae24d7f94c9a2fd0808a28b9aa70558cdc74f0bc2bf1e17f04112
Size

253KB
MD5

7c3faf215bee3403ee48bd56aa8a554a
SHA1

2029e75944235e5302d9f46b4f6de0e13d95e669
SHA256

145b9eb5279ae24d7f94c9a2fd0808a28b9aa70558cdc74f0bc2bf1e17f04112
SHA512

6a04551831f82db6417b400d7e97f1f82c8a52720699e1604df7b38c75a1de0b12b106762d147f6f3cfd77072f34b0b7abd47de01a01adad92abb5d5a09b2240
SSDEEP

3072:4JKs14S98VaYtbauh3ubZj265Nbxxon1BX+gHx2rhqdXnGvJ68vMBpav9f:LsaSqXtbpcZjxbxmn1ogddXn64TOv9f

Score

N/A

Malware Config

Signatures

Files

145b9eb5279ae24d7f94c9a2fd0808a28b9aa70558cdc74f0bc2bf1e17f04112
.exe windows x86

f8455fb1c39e065c8c68a11d75990af1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
FlushInstructionCache
GetCurrentProcess
lstrcmpW
MulDiv
RaiseException
GetCurrentThreadId
CloseHandle
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
Sleep
CreateThread
CreateEventW
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
SetEvent
FreeLibrary
SizeofResource
GetCommandLineW
FindResourceExW
GlobalFree
GlobalHandle
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadResource
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
VirtualFree
HeapCreate
HeapDestroy
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetProcessHeap
GetVersionExA
HeapReAlloc
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
lstrlenW
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetModuleFileNameW
OutputDebugStringA
SetLastError
GetLastError
LoadLibraryW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
LoadLibraryA
GetModuleHandleA
IsProcessorFeaturePresent
InterlockedCompareExchange
GetThreadLocale
FlushFileBuffers
CreateFileA
HeapFree
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA

user32

CreateDialogIndirectParamW
ShowWindow
CharUpperW
UnregisterClassA
GetMessageW
DispatchMessageW
TranslateMessage
CreateAcceleratorTableW
IsWindow
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
CharNextW
GetSysColor
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetWindowContextHelpId
SendDlgItemMessageW
MapDialogRect
GetClassInfoExW
RegisterClassExW
SendMessageW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
MapWindowPoints
GetDlgItem
DestroyWindow
LoadCursorW
SetWindowLongW
GetWindowLongW
SetWindowPos
DefWindowProcW
BeginPaint
EndPaint
CreateWindowExW
GetClientRect
GetFocus
IsChild
PostThreadMessageW

gdi32

GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoUninitialize
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemAlloc

oleaut32

VARIANT_UserUnmarshal
VARIANT_UserMarshal
VARIANT_UserSize
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserSize
SysFreeString
VariantClear
SysAllocString
SysStringLen
VariantInit
VariantCopy
SysAllocStringLen
DispCallFunc
LoadRegTypeLi
LoadTypeLi
SysStringByteLen
OleCreateFontIndirect
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VARIANT_UserFree

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
NdrStubCall2
NdrStubForwardingFunction
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerRelease

shlwapi

UrlGetPartW

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rorpc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f8455fb1c39e065c8c68a11d75990af1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

rpcrt4

shlwapi

Sections

.text Size: 108KB - Virtual size: 104KB

.orpc Size: 4KB - Virtual size: 844B

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 8KB - Virtual size: 7KB

.rorpc Size: 76KB - Virtual size: 76KB

.text
Size: 108KB - Virtual size: 104KB

.orpc
Size: 4KB - Virtual size: 844B

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 8KB - Virtual size: 7KB

.rorpc
Size: 76KB - Virtual size: 76KB