b87a66ca97a0213095804d9273bc4e3d0a8b37f9ced77d1156b1d9ea61d27922

Sharing

Copy URL Twitter E-mail

General

Target

b87a66ca97a0213095804d9273bc4e3d0a8b37f9ced77d1156b1d9ea61d27922
Size

241KB
MD5

a9aed6761b92a0299db66d806b89a4e4
SHA1

42e5499727efdc376b1988059c18084449ba8db7
SHA256

b87a66ca97a0213095804d9273bc4e3d0a8b37f9ced77d1156b1d9ea61d27922
SHA512

df838997816bb906da0048737799511b636e9ddcb9330fdefb1cbe49b310a463b1e08955dd852ceeeb12eed3856b2d4b24999f905786064abbe1ac20673c86d0
SSDEEP

6144:eTIaOWfp2uHh8Wp1+V/VhMSTurQGvoQau:eNfp2ypW/rMSquQau

Score

N/A

Malware Config

Signatures

Files

b87a66ca97a0213095804d9273bc4e3d0a8b37f9ced77d1156b1d9ea61d27922
.exe windows x86

20d7527ac191cc8623e8ef9b08b89edb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
PageSetupDlgA
PrintDlgW
GetFileTitleW
ReplaceTextA
ReplaceTextW
ChooseColorA
FindTextW
PrintDlgA
GetSaveFileNameA
GetSaveFileNameW
ChooseFontW
GetFileTitleA
GetOpenFileNameA
GetOpenFileNameW
FindTextA
ChooseFontA
LoadAlterBitmap

wininet

GopherOpenFileA
SetUrlCacheEntryGroupW
InternetGetConnectedStateExA
InternetTimeToSystemTimeA
SetUrlCacheConfigInfoA
LoadUrlCacheContent
DeleteUrlCacheGroup
InternetConfirmZoneCrossing
FtpPutFileA
IsUrlCacheEntryExpiredW
UnlockUrlCacheEntryFileA
ShowClientAuthCerts
DeleteUrlCacheEntryW
GopherCreateLocatorA
FtpFindFirstFileA
FindNextUrlCacheEntryW
InternetTimeFromSystemTime
InternetGetLastResponseInfoW

user32

GetClipCursor
GetKeyboardLayoutNameW
SendMessageA
CreateDialogParamA
DrawMenuBar
ShowWindowAsync
MoveWindow
CreateMenu
DrawFocusRect
GetWindowDC
ChangeMenuA
TabbedTextOutA
TranslateAcceleratorA
BroadcastSystemMessageA
InSendMessage
SetWindowLongW
SendDlgItemMessageA

advapi32

RegQueryValueA
CryptGetProvParam
RegSetValueExA
LogonUserW
CryptSetProviderExA
LookupPrivilegeDisplayNameW
LookupPrivilegeNameW
CreateServiceW

kernel32

VirtualAlloc
GetUserDefaultLCID
HeapDestroy
InterlockedExchange
GetOEMCP
WideCharToMultiByte
GetFileType
lstrcmpA
QueryPerformanceCounter
GetStringTypeA
FreeLibrary
GetThreadPriority
GetVersionExA
CompareStringW
GetCurrentThread
GetEnvironmentStrings
TlsAlloc
WriteFile
GetProcessHeap
GetLastError
GetCPInfo
LeaveCriticalSection
GetCurrentThreadId
EnumSystemLocalesA
GetTimeFormatA
ExitProcess
GetSystemTimeAsFileTime
IsDebuggerPresent
GetLocaleInfoW
LCMapStringA
Sleep
SetHandleCount
GetACP
HeapCreate
HeapFree
IsValidLocale
TlsSetValue
LoadLibraryA
GetStringTypeW
FreeEnvironmentStringsW
HeapAlloc
InitializeCriticalSection
GetTimeZoneInformation
VirtualFree
VirtualQuery
LCMapStringW
GetCurrentProcessId
TlsGetValue
GetEnvironmentStringsW
GetModuleHandleA
TlsFree
SetLastError
CompareStringA
GetCommandLineA
GetDateFormatA
HeapSize
ResumeThread
HeapReAlloc
GetTickCount
IsValidCodePage
GetCurrentProcess
UnhandledExceptionFilter
GetLocaleInfoA
FreeEnvironmentStringsA
GetStartupInfoA
EnterCriticalSection
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
SetConsoleCtrlHandler
GetProfileSectionW
DeleteCriticalSection
GetProcAddress
SetUnhandledExceptionFilter
TerminateProcess
GetStdHandle
RtlUnwind
SetEnvironmentVariableA
MultiByteToWideChar

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20d7527ac191cc8623e8ef9b08b89edb

Headers

File Characteristics

Imports

comdlg32

wininet

user32

advapi32

kernel32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 112KB - Virtual size: 123KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 112KB - Virtual size: 123KB

.rsrc
Size: 2KB - Virtual size: 1KB