b0867de9137eeb2aeaddf85639659b03f76c41060a49356cf6e01bfcae67dc60

Sharing

Copy URL Twitter E-mail

General

Target

b0867de9137eeb2aeaddf85639659b03f76c41060a49356cf6e01bfcae67dc60
Size

99KB
MD5

25810f83de9cf837dac8e603523591f0
SHA1

4992d670c9c1f11d233f231140e9b5a42bb44fbf
SHA256

b0867de9137eeb2aeaddf85639659b03f76c41060a49356cf6e01bfcae67dc60
SHA512

ce7d2b20cc02ad914d0e5bdd6dfd58a64ea334c9989b3c52535295bdd31e65a98a4f0efffc254dfb3195b947d345f36a8087b1feaa7786924ed53bcb08784906
SSDEEP

1536:mwSyXp1b0Jiwxxzt6Y39Wtn4IJ1bNcdT5uhjBsxYXL9PTCJ7k2UwdAyT:mHI1b0NX0t4IJ0NudBsW79PTCw21AyT

Score

N/A

Malware Config

Signatures

Files

b0867de9137eeb2aeaddf85639659b03f76c41060a49356cf6e01bfcae67dc60
.exe windows x86

20a7f24ce92696c1ec2c07a8eedcbbf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
lstrcatW
GetProfileStringW
lstrcpyW
OpenEventW
OpenFileMappingW
SearchPathW
UnmapViewOfFile
GetNumberFormatA
LoadResource
LockResource
MapViewOfFile
SetCurrentDirectoryW
lstrlenW
lstrcmpiW
GetExitCodeProcess
WritePrivateProfileStringW
lstrcpynW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
WriteConsoleW
FreeLibrary
GetConsoleOutputCP
EraseTape
SetTapePosition
DeviceIoControl
GetLocaleInfoA
GetSystemInfo
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
LCMapStringA
VirtualQuery
RtlUnwind
GetStringTypeW
GetStringTypeA
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
WideCharToMultiByte
GetProcessHeap
GetVersionExA
GetVersionExW
CreateThread
GlobalAlloc
GlobalFree
ExitProcess
SetEvent
GetModuleHandleW
CreateEventW
CreateMutexW
GetComputerNameW
CopyFileW
SetFileAttributesW
SetLastError
LocalReAlloc
WaitForSingleObject
ReleaseMutex
Sleep
GetVolumeInformationW
LocalAlloc
ReadFile
HeapFree
QueryPerformanceCounter
GetModuleHandleA
GetProcAddress
FileTimeToSystemTime
DeleteFileW
GetTempPathW
CreateFileW
CloseHandle
LoadLibraryW
SystemTimeToFileTime
GetConsoleMode
SetConsoleMode
GetConsoleScreenBufferInfo
MultiByteToWideChar
ReadConsoleW
GetModuleFileNameW
GetFileType
WriteFile
LocalFree
GetUserDefaultUILanguage
GetSystemDefaultLCID
SetThreadLocale
FindFirstFileW
FindNextFileW
FindClose
GetLastError
HeapAlloc
SetConsoleTextAttribute
GetStdHandle
GetTempFileNameW
GetSystemDirectoryW
GetStringTypeExW
GetPrivateProfileIntW
lstrcmpW
GetDateFormatW
FindResourceExW
ExpandEnvironmentStringsW
CreateProcessW
CreateFileMappingW
CreateDirectoryW
CompareStringW
GetFileAttributesW
SetFilePointer
SetErrorMode
OpenProcess
InterlockedCompareExchange
ProcessIdToSessionId
GetLocalTime
FindNextVolumeW
FindVolumeClose
GetVolumePathNamesForVolumeNameW
InterlockedDecrement
GetComputerNameExW
ExitThread
lstrlenA
CreateFileA
DeleteVolumeMountPointW
IsBadCodePtr
lstrcpyA
IsBadWritePtr
LoadLibraryA
SetEndOfFile
SetFilePointerEx
TerminateThread
FindFirstVolumeW
QueryDosDeviceW
DefineDosDeviceW
GetDriveTypeW
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsBadStringPtrW
IsBadReadPtr
GetVolumeNameForVolumeMountPointW
UnhandledExceptionFilter
GetVolumePathNameW

user32

LoadCursorW
LoadImageW
LoadMenuW
RegisterClassExW
SetDlgItemTextW
SetWindowLongW
GetMenuItemCount
GetWindowThreadProcessId
EnumThreadWindows
SetDlgItemTextA
GetDlgItem
ScreenToClient
ChildWindowFromPointEx
MsgWaitForMultipleObjects
IsWindow
IsWindowVisible
GetWindowRect
SystemParametersInfoA
SetWindowPos
GetCursorPos
DestroyWindow
TrackPopupMenu
EnableWindow
GetLastActivePopup
SetForegroundWindow
InsertMenuW
GetWindowTextW
GetSubMenu
GetDlgItemTextW
GetClassLongW
DialogBoxParamW
CreateDialogParamW
CharUpperW
CharPrevW
CharLowerW
CallWindowProcW
WinHelpW
IsDlgButtonChecked
GetSystemMenu
AppendMenuW
GetDC
LoadIconW
IsCharAlphaA
wvsprintfW
CreateWindowExW
ShowWindow
DefWindowProcW
UnregisterDeviceNotification
wsprintfW
RegisterDeviceNotificationW
SetFocus
SetTimer
GetParent
EnumChildWindows
EndDialog
DefDlgProcW
CharToOemW
LoadStringW
GetWindowLongW

advapi32

FreeSid
OpenEventLogW
ReadEventLogW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA
ImpersonateLoggedOnUser
RevertToSelf
RegEnumKeyExW
RegCreateKeyExW
GetUserNameW
OpenProcessToken
LookupAccountNameW
IsValidSecurityDescriptor
DestroyPrivateObjectSecurity
InitializeSid
GetSidSubAuthority
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
CreatePrivateObjectSecurity
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegCloseKey
StartServiceCtrlDispatcherW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyW
InitiateSystemShutdownExW
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyA
LookupPrivilegeValueW
PrivilegeCheck
AllocateAndInitializeSid
IsValidSid
GetLengthSid
SetServiceStatus
OpenThreadToken
ClearEventLogW

ole32

StringFromGUID2
CoRevertToSelf
CoImpersonateClient
CoTaskMemAlloc
CoSetProxyBlanket
CoUninitialize
CoRegisterClassObject
CoInitializeSecurity
CoInitializeEx

version

GetFileVersionInfoSizeW
VerQueryValueW

msvcrt

tolower
wcscmp
sprintf
isprint
strchr
calloc
vswprintf
vfwprintf
fprintf
setlocale
putchar
swscanf
free
malloc
realloc
iswdigit
wcslen
fclose
fgetws
exit
fwprintf
wcsstr
wcsncpy
wcstod
wcscat
memmove
mbstowcs
wcschr
puts
wcscpy
printf
isdigit

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDeviceInfoW
SetupDiEnumDeviceInterfaces

rpcrt4

UuidFromStringW
RpcBindingInqAuthClientW
RpcServerRegisterIf
RpcServerUseProtseqEpW
RpcServerRegisterAuthInfoW
RpcServerListen
RpcMgmtStopServerListening
RpcServerUnregisterIf
RpcImpersonateClient
RpcServerRegisterIfEx
RpcRevertToSelf
UuidCreate
UuidEqual

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20a7f24ce92696c1ec2c07a8eedcbbf3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

version

msvcrt

setupapi

rpcrt4

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 21KB - Virtual size: 21KB