Static task: static1
Behavioral task: behavioral1
Sample: 6302f58992d613a12e0e4c074377cfb468bdbafd6e2350782be811d86e5d4e99.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 6302f58992d613a12e0e4c074377cfb468bdbafd6e2350782be811d86e5d4e99.exe
Resource: win10v2004-20221111-en
General
Target: 6302f58992d613a12e0e4c074377cfb468bdbafd6e2350782be811d86e5d4e99
Size: 537KB
MD5: 89592e8d1b55e30d1d1b6d7fae8fcb84
SHA1: a6d2b8fbe6693d1f4d5a13bf4f1b38d393c4b7c1
SHA256: 6302f58992d613a12e0e4c074377cfb468bdbafd6e2350782be811d86e5d4e99
SHA512: 35917c35c1c1d96eee8ac86af0c2bacd399c638ab680c54b1869570e2221aa95ef47bd4615d3234b5ba6de06d874e4c6e4cbf99cfaa01e734f63f5b7c0fc67c1
SSDEEP: 6144:t2oTn/Mm5hiSDVvUiuBsG0TO6ADFg4UB5BoOyCpDMl+sTv8tM83LbXuXkJDQn6b2:tTbj5593RADF2KOyCe+Wv8tHHuNwG9
Files
6302f58992d613a12e0e4c074377cfb468bdbafd6e2350782be811d86e5d4e99.exe windows x86
1492df48ea297f1d09f7a876583d0294
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetWindowOrgEx
GetTextCharacterExtra
GetSystemPaletteUse
CreateDIBPatternBrushPt
EnumFontsW
CopyEnhMetaFileW
SetRectRgn
CopyEnhMetaFileA
CreateScalableFontResourceW
GetEnhMetaFileHeader
GetTextMetricsW
GetLogColorSpaceW
ColorCorrectPalette
GetStockObject
OffsetClipRgn
DeleteMetaFile
GetRandomRgn
GetBitmapDimensionEx
LPtoDP
GetArcDirection
SwapBuffers
SetTextAlign
FlattenPath
LineTo
GetFontLanguageInfo
SetPixelFormat
CreateBrushIndirect
CombineRgn
CreateSolidBrush
GetDIBits
CombineTransform
CloseEnhMetaFile
RestoreDC
GetViewportExtEx
CreateColorSpaceW
EnumFontFamiliesA
TextOutW
PolyBezier
PolyPolyline
SetTextColor
CreatePolygonRgn
CreateCompatibleDC
IntersectClipRect
CreateMetaFileA
RectInRegion
CreateDCW
RectVisible
CopyMetaFileA
GetWinMetaFileBits
GetGraphicsMode
GetBrushOrgEx
GetLayout
DrawEscape
SetColorAdjustment
AnimatePalette
SetSystemPaletteUse
SetMagicColors
GetStretchBltMode
CreatePalette
LineDDA
CreateDIBSection
CheckColorsInGamut
TranslateCharsetInfo
InvertRgn
ChoosePixelFormat
gdiPlaySpoolStream
CreateDiscardableBitmap
FixBrushOrgEx
GetTextExtentExPointA
GdiPlayDCScript
SetArcDirection
GetMetaFileW
GetDCOrgEx
GetTextExtentPoint32A
SetMetaRgn
CreateEllipticRgnIndirect
GetTextColor
wininet
FtpCreateDirectoryA
FindNextUrlCacheEntryA
InternetSetOptionA
InternetQueryDataAvailable
CommitUrlCacheEntryW
InternetSetDialState
InternetDialW
InternetOpenUrlA
InternetErrorDlg
FindNextUrlCacheContainerA
InternetConfirmZoneCrossingW
InternetSetDialStateA
InternetCrackUrlA
InternetGetConnectedStateEx
InternetCombineUrlA
InternetTimeToSystemTime
HttpQueryInfoA
InternetConnectA
FtpDeleteFileA
HttpQueryInfoW
SetUrlCacheEntryGroupA
InternetQueryFortezzaStatus
FtpFindFirstFileA
InternetShowSecurityInfoByURL
HttpAddRequestHeadersA
FtpRemoveDirectoryA
FtpFindFirstFileW
RetrieveUrlCacheEntryFileW
FtpGetCurrentDirectoryA
FindFirstUrlCacheGroup
SetUrlCacheConfigInfoW
SetUrlCacheConfigInfoA
RunOnceUrlCache
HttpSendRequestExW
InternetQueryOptionA
InternetSetFilePointer
InternetOpenUrlW
RetrieveUrlCacheEntryFileA
InternetGoOnlineA
HttpSendRequestExA
InternetWriteFileExA
UnlockUrlCacheEntryFile
InternetGetCookieA
advapi32
RegSetValueA
RegOpenKeyW
RegOpenKeyExA
CryptEnumProvidersW
CryptGetDefaultProviderW
StartServiceW
RegEnumKeyExA
CryptGetProvParam
CryptVerifySignatureW
CryptVerifySignatureA
RegDeleteKeyW
RegQueryInfoKeyA
CryptAcquireContextA
AbortSystemShutdownW
RegEnumKeyW
CryptSetProviderA
RegReplaceKeyW
RegConnectRegistryW
RegQueryInfoKeyW
CryptExportKey
RegDeleteValueW
CreateServiceA
CryptSetKeyParam
LogonUserW
RegEnumValueW
RegQueryValueW
LookupAccountNameW
CryptImportKey
CryptEnumProvidersA
RegSetValueExW
CryptGetKeyParam
ReportEventW
RegEnumValueA
CryptEncrypt
RegLoadKeyW
CryptCreateHash
InitializeSecurityDescriptor
InitiateSystemShutdownA
CryptHashData
LookupPrivilegeValueW
CryptGetUserKey
RegConnectRegistryA
InitiateSystemShutdownW
RevertToSelf
LookupSecurityDescriptorPartsA
RegDeleteKeyA
CryptGenKey
CryptDuplicateKey
CryptGetHashParam
CryptSetHashParam
RegSetValueW
CryptSignHashA
CryptReleaseContext
CryptDeriveKey
ReportEventA
RegQueryMultipleValuesA
RegLoadKeyA
RegNotifyChangeKeyValue
AbortSystemShutdownA
RegFlushKey
RegReplaceKeyA
CryptEnumProviderTypesA
RegSetKeySecurity
RegQueryValueExW
LookupSecurityDescriptorPartsW
RegRestoreKeyW
CryptContextAddRef
LogonUserA
LookupPrivilegeDisplayNameW
LookupPrivilegeDisplayNameA
RegOpenKeyA
CryptSetProviderExW
CryptDuplicateHash
RegCreateKeyA
RegSaveKeyA
RegSaveKeyW
CryptEnumProviderTypesW
RegRestoreKeyA
DuplicateTokenEx
RegQueryValueA
RegSetValueExA
CryptSetProvParam
RegCloseKey
DuplicateToken
LookupPrivilegeNameA
GetUserNameW
GetUserNameA
RegQueryValueExA
RegQueryMultipleValuesW
CryptHashSessionKey
LookupAccountSidW
CryptSignHashW
StartServiceA
CryptDestroyHash
RegCreateKeyExA
RegOpenKeyExW
CreateServiceW
LookupPrivilegeValueA
CryptGenRandom
CryptSetProviderW
RegEnumKeyA
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
WaitNamedPipeW
GetProfileSectionW
LoadLibraryExA
GlobalFindAtomA
GetLogicalDrives
SetComputerNameA
GlobalFlags
InterlockedIncrement
EnumResourceNamesW
SetComputerNameW
EnumSystemCodePagesW
GetVersionExW
UnlockFile
GetTempFileNameW
LoadResource
GetLocaleInfoA
WriteProfileSectionA
WideCharToMultiByte
GlobalWire
GetFullPathNameA
VirtualLock
CreateMailslotW
HeapValidate
GetCalendarInfoW
GetCompressedFileSizeA
shell32
SHEmptyRecycleBinA
SHGetDataFromIDListA
DragQueryFileW
ShellAboutW
SHGetInstanceExplorer
ShellExecuteExA
ExtractIconEx
FreeIconList
SHGetNewLinkInfo
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListW
SHGetSpecialFolderPathA
ExtractIconW
ShellHookProc
SHGetPathFromIDList
SHEmptyRecycleBinW
DragFinish
SheSetCurDrive
ExtractAssociatedIconExA
SHGetSettings
DragQueryFileA
user32
CreateWindowStationW
OemToCharW
GetTabbedTextExtentW
SetMenuContextHelpId
SetForegroundWindow
GetUserObjectSecurity
CopyRect
EditWndProc
CallMsgFilterW
RealGetWindowClass
LoadKeyboardLayoutA
GetMenuItemCount
InSendMessageEx
DdeCreateStringHandleA
CharUpperBuffA
DdeDisconnect
InvalidateRgn
IntersectRect
AnimateWindow
GetMenuContextHelpId
DdeAbandonTransaction
InsertMenuItemA
LoadImageW
ToAsciiEx
DragDetect
GetProcessDefaultLayout
CreateMDIWindowA
IsCharAlphaW
SetProcessWindowStation
IsMenu
GetDoubleClickTime
GetWindowTextLengthA
CallMsgFilterA
GetPropW
DestroyMenu
CreateMenu
EnumChildWindows
MonitorFromRect
DefWindowProcW
CreateDialogIndirectParamW
LookupIconIdFromDirectoryEx
ChangeDisplaySettingsW
SetDeskWallpaper
SetWindowLongA
SendNotifyMessageW
ScrollDC
DdeAccessData
GetDlgItem
CreateAcceleratorTableW
DrawIcon
FlashWindowEx
comdlg32
ChooseFontA
ReplaceTextW
GetOpenFileNameA
PrintDlgW
ReplaceTextA
PrintDlgA
GetOpenFileNameW
ChooseFontW
ChooseColorW
PageSetupDlgW
FindTextA
LoadAlterBitmap
ChooseColorA
GetSaveFileNameA
GetFileTitleA
GetFileTitleW
Sections
.text Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 110KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 243KB - Virtual size: 243KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE