5db23fbf888764e31c98e3c5b9ab1812dc90f3048fe517511b21e97e74457151

Sharing

Copy URL Twitter E-mail

General

Target

5db23fbf888764e31c98e3c5b9ab1812dc90f3048fe517511b21e97e74457151
Size

1.8MB
MD5

a510ef80ffa85a1072a7adaa107c1c65
SHA1

c2f2625838ad3d67ca06adabdb21cddcc7f28e56
SHA256

5db23fbf888764e31c98e3c5b9ab1812dc90f3048fe517511b21e97e74457151
SHA512

9c243d58a560492cbf5a5b2f8fbe54b38879f0d815d0f61b48f82c2b4a816f13db25097f8d513688a1c4f807bc08a3fb2eeea728a47e189c36ae09e0b9d36c8c
SSDEEP

49152:iGKPG0SZJ4FlboULKLu6bUAtKZbFEaa6lKyXXrwQHcn:jJ4FKULQdbtb4K87

Score

N/A

Malware Config

Signatures

Files

5db23fbf888764e31c98e3c5b9ab1812dc90f3048fe517511b21e97e74457151
.exe windows x86

6b535edcdfb8be5b42e83b827af1755c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathRemoveFileSpecW

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlW
HttpQueryInfoW
InternetOpenW

kernel32

DeleteCriticalSection
SetFilePointer
FileTimeToSystemTime
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
PeekNamedPipe
CreateProcessW
GetCurrentProcess
WaitForSingleObject
GetExitCodeProcess
GetModuleFileNameW
CreateEventW
CreatePipe
DuplicateHandle
GetCurrentDirectoryW
FormatMessageW
LocalFree
FindResourceExW
FindResourceW
LoadResource
SizeofResource
LockResource
GetProcAddress
GetModuleHandleW
Process32FirstW
GetDiskFreeSpaceW
EnterCriticalSection
MultiByteToWideChar
TerminateProcess
LeaveCriticalSection
OpenProcess
InitializeCriticalSection
SystemTimeToFileTime
CreateMutexW
GetVolumeInformationW
GetDiskFreeSpaceExW
VirtualAlloc
VirtualFree
LoadLibraryW
FreeLibrary
CreateFileA
GetFileTime
FindNextFileW
FindClose
MoveFileW
FindFirstFileW
GetFileSize
GetModuleHandleA
FlushFileBuffers
DeleteFileW
GetLocalTime
GetFileAttributesW
SetFileTime
DosDateTimeToFileTime
MulDiv
FreeResource
CreateToolhelp32Snapshot
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
WideCharToMultiByte
CreateDirectoryW
GetFileSizeEx
CreateThread
GetSystemTime
GlobalFree
Sleep
GlobalAlloc
GetDateFormatA
GetTimeFormatA
CloseHandle
DeviceIoControl
GetLastError
CreateFileW
ReadFile
WriteFile
GetTickCount
SetFilePointerEx
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
GetOEMCP
GetACP
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
RtlUnwind
RaiseException
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeA
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitThread
HeapReAlloc
HeapDestroy
Process32NextW
HeapCreate
ExitProcess
HeapSize
SetLastError
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
TlsFree

user32

wvsprintfW
wsprintfW
CharLowerW
MessageBoxW
ShowWindow
FindWindowW
CharLowerA
GetSystemMetrics
SendMessageW
RegisterDeviceNotificationW
CharUpperW
GetClientRect
IsZoomed
PostQuitMessage
ScreenToClient
ClientToScreen
SetWindowPos
GetWindowTextW
PtInRect
GetWindowTextLengthW
PostMessageW
MoveWindow
GetMonitorInfoW
DestroyWindow
LoadCursorW
RegisterClassExW
GetWindowRgn
CreateWindowExW
DefWindowProcW
GetDC
InflateRect
OffsetRect
ReleaseDC
SetWindowRgn
GetWindowRect
IsIconic
SetForegroundWindow
GetParent
IntersectRect
IsWindow
DispatchMessageW
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
LoadImageW
CallWindowProcW
GetPropW
SetPropW
RegisterClassW
GetClassInfoExW
GetKeyState
InvalidateRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
CharNextW
GetFocus
GetCursorPos
UpdateLayeredWindow
IsRectEmpty
EndPaint
BeginPaint
GetUpdateRect
SetCursor
MapWindowPoints
DrawIconEx
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetSysColor
FillRect
DrawTextW
CharPrevW
SetRect
InvalidateRgn
CreateAcceleratorTableW
SetWindowTextW
GetWindowLongW
MonitorFromWindow
SetWindowLongW

gdi32

CreatePen
CreateDIBSection
PtInRegion
CreateRectRgn
DeleteObject
CreateRoundRectRgn
BitBlt
DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
GetTextMetricsW
CreateFontIndirectW
GetObjectW
GetStockObject
SetWindowOrgEx
Rectangle
RestoreDC
SaveDC
GetDeviceCaps
GetObjectA
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
ExtTextOutW
SetBkColor
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
RoundRect
SetTextColor
SetBkMode
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

shell32

SHGetPathFromIDListW
SHFileOperationW
SHGetSpecialFolderPathW
ord165
ShellExecuteW
SHBrowseForFolderW

ole32

OleSetContainedObject
CoCreateInstance
CoInitialize
OleUninitialize
OleInitialize
CoUninitialize
OleLockRunning
CLSIDFromString
CLSIDFromProgID

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

ws2_32

getservbyname
closesocket
recv
gethostbyaddr
htons
inet_addr
WSAStartup
gethostname
htonl
gethostbyname
send
WSACleanup
socket
connect

iphlpapi

GetAdaptersInfo

gdiplus

GdipFree
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdiplusShutdown
GdiplusStartup
GdipDeleteBrush
GdipAlloc
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFont

winmm

timeSetEvent
timeKillEvent
timeEndPeriod

comctl32

ord17
_TrackMouseEvent

Sections

.text
Size: 795KB - Virtual size: 795KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 855KB - Virtual size: 854KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b535edcdfb8be5b42e83b827af1755c

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

iphlpapi

gdiplus

winmm

comctl32

Sections

.text Size: 795KB - Virtual size: 795KB

.rdata Size: 127KB - Virtual size: 127KB

.data Size: 13KB - Virtual size: 25KB

.rsrc Size: 855KB - Virtual size: 854KB

.reloc Size: 52KB - Virtual size: 52KB

.text
Size: 795KB - Virtual size: 795KB

.rdata
Size: 127KB - Virtual size: 127KB

.data
Size: 13KB - Virtual size: 25KB

.rsrc
Size: 855KB - Virtual size: 854KB

.reloc
Size: 52KB - Virtual size: 52KB