8f847399d8cf648b72a5a770e480dbecf2ece44e2ad24bc699772d82b9537607

Sharing

Copy URL Twitter E-mail

General

Target

8f847399d8cf648b72a5a770e480dbecf2ece44e2ad24bc699772d82b9537607
Size

687KB
MD5

b7b4cd2663e3356c3331db2ccb386886
SHA1

bd677f393d446a972aa4bb6df73ba05d976c4723
SHA256

8f847399d8cf648b72a5a770e480dbecf2ece44e2ad24bc699772d82b9537607
SHA512

ff4cc0e87e5bc97a077f289d22e1dc33f949767ffca790e9d48778d32364cb7a82bf5909e683d2931401bb188e19f494c491669db3189f4b1b0b5b26a5a242e3
SSDEEP

12288:ripUCPY3hJbcR+dUJYHLeLg11P9/nrDGI6k0yszQOfZ9o9C1Kp9U3Sl:rpCPYhJg4WJYHLek1LraG0ys/9oip3Sl

Score

N/A

Malware Config

Signatures

Files

8f847399d8cf648b72a5a770e480dbecf2ece44e2ad24bc699772d82b9537607
.exe windows x86

ca7d437ff56b1bdbaa51d8c0278e3f45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
CreateCompatibleDC
DeleteObject
DeleteDC
GetStockObject
SelectObject
GetObjectW

shlwapi

UrlApplySchemeW
PathCombineW
UrlGetPartW
UrlCanonicalizeW
UrlCombineW
PathAppendW

kernel32

GetCurrentProcess
HeapAlloc
VirtualLock
CreateThread
GetCurrentThreadId
ResetEvent
DeleteCriticalSection
CreateEventW
HeapReAlloc
CreateFileW
LoadLibraryA
MulDiv
InterlockedIncrement
GetStartupInfoW
GetSystemTimeAsFileTime
LocalAlloc
Sleep
GetVersionExW
WaitForSingleObject
InterlockedCompareExchange
SizeofResource
ReleaseMutex
UnhandledExceptionFilter
LocalFree
GetLocaleInfoW
FindResourceExW
InitializeCriticalSection
GetTempPathW
FlushInstructionCache
LockResource
InterlockedExchange
TerminateProcess
FindResourceW
GetSystemDirectoryW
RaiseException
IsProcessorFeaturePresent
EnterCriticalSection
SetLastError
GetProcAddress
GetACP
GetSystemInfo
lstrlenA
OpenProcess
QueryPerformanceCounter
InterlockedDecrement
LeaveCriticalSection
SetEvent
GetModuleFileNameW
GetThreadLocale
HeapSetInformation
ProcessIdToSessionId
HeapFree
GlobalUnlock
WideCharToMultiByte
LCMapStringW
CloseHandle
VirtualAlloc
GetLastError
HeapDestroy
lstrcmpW
CreateMutexW
SetUnhandledExceptionFilter
GetTickCount
GlobalAlloc
WaitForMultipleObjects
GlobalHandle
MultiByteToWideChar
LoadLibraryW
IsDebuggerPresent
LoadLibraryExW
LoadResource
FreeLibrary
GlobalLock
VirtualUnlock
GetVersionExA
GetComputerNameW
GlobalFree
HeapSize
VirtualFree
FormatMessageW
GetLocaleInfoA
GetProcessId
lstrlenW
GetModuleHandleW

msvcrt

iswdigit
memset
_initterm
__p__commode
fabs
__wgetmainargs
_wtoi64
_controlfp
_amsg_exit
_cexit
?terminate@@YAXXZ
__set_app_type
__setusermatherr
_wcmdln
_exit
exit
memcpy
_initterm
__p__fmode
_XcptFilter

gdiplus

GdipFree
GdipDisposeImage
GdipAlloc
GdiplusStartup
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdiplusShutdown
GdipCreateBitmapFromFileICM

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

secur32

GetUserNameExW

shell32

SHAppBarMessage
ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
FindExecutableW
Shell_NotifyIconW
ShellExecuteExW

wtsapi32

WTSUnRegisterSessionNotification
WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSRegisterSessionNotification

ddraw

DirectDrawCreate
DirectDrawCreateEx

ole32

CreateStreamOnHGlobal
CoUninitialize
CoSetProxyBlanket
CoGetClassObject
OleInitialize
CoInitializeEx
CoCreateInstance
CoTaskMemFree
OleLockRunning
OleUninitialize
CoAllowSetForegroundWindow
CoInitializeSecurity
StringFromCLSID
CoTaskMemAlloc
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateGuid

crypt32

CryptUnprotectData
CryptProtectData

Sections

.text
Size: 419KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca7d437ff56b1bdbaa51d8c0278e3f45

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

msvcrt

gdiplus

version

secur32

shell32

wtsapi32

ddraw

ole32

crypt32

Sections

.text Size: 419KB - Virtual size: 418KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 261KB - Virtual size: 260KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 419KB - Virtual size: 418KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 261KB - Virtual size: 260KB

.rsrc
Size: 1024B - Virtual size: 1024B