a171360f461ecfe3d0a2587cba74e99c2d381ad3d70bea099e9f7e6a7c50d1bd

Sharing

Copy URL Twitter E-mail

General

Target

a171360f461ecfe3d0a2587cba74e99c2d381ad3d70bea099e9f7e6a7c50d1bd
Size

260KB
MD5

56b65b551992e09986c232af4e1ef46e
SHA1

9b769a5f171077d29cf73ba447f27bfd75964c52
SHA256

a171360f461ecfe3d0a2587cba74e99c2d381ad3d70bea099e9f7e6a7c50d1bd
SHA512

fe27ce770d308f19d72797df0435eb3bf12f054e769203ae004842695117b966a9cbdbc710ae30c576b0870003a41d27ea21d96799611a3149b164e85030d820
SSDEEP

3072:uBHmlf4JqkWxb1bQwYZwHf1T+WyJzidk/0xWn8/ib8cJ8bBvHveDzDpvMK7tTBfZ:jxf1JyJz6iWj28xNfve7pvN7tTBwRS

Score

N/A

Malware Config

Signatures

Files

a171360f461ecfe3d0a2587cba74e99c2d381ad3d70bea099e9f7e6a7c50d1bd
.exe windows x86

e3fb6c9f25ea1c7b9e858920fa5f47a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcessModules
GetModuleFileNameExA
EnumPageFilesA

kernel32

GetSystemDirectoryA
GetWindowsDirectoryA
FindClose
FindFirstFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateEventA
TerminateThread
WaitForSingleObject
GetModuleFileNameA
GetTempPathA
WriteFile
ResetEvent
WaitForMultipleObjects
SetFilePointer
GetShortPathNameA
TerminateProcess
OpenProcess
CreateDirectoryA
GetFileSize
GetTickCount
SetFileAttributesA
GetFileAttributesA
CreateFileA
ReadFile
DeleteFileA
SetEvent
OpenEventA
CloseHandle
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
AddAtomA
Sleep
CreateThread
GetStartupInfoA
GetModuleHandleA
GlobalAlloc
GlobalFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapLock
HeapWalk
HeapUnlock
HeapFree
HeapAlloc
CreatePipe
GetCurrentProcess
GetExitCodeProcess
DuplicateHandle
CreateProcessA
GetDriveTypeA
GetVolumeInformationA
GetLongPathNameA
GetCurrentProcessId
FindNextFileA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetExitCodeThread
HeapCreate
HeapDestroy

user32

AnyPopup
MessageBoxA
IsWindow
SendMessageA
DestroyWindow
PostThreadMessageA
GetMessageA
GetWindowTextA
GetWindowLongA
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
PostMessageA
FindWindowA
GetSystemMetrics

gdi32

GetObjectA
BeginPath
CreateCompatibleBitmap
CreateDCA
BitBlt
CreateCompatibleDC
GetDIBits

advapi32

RegQueryInfoKeyA
AbortSystemShutdownA
RegCloseKey
RegOpenKeyExA
RegEnumValueA

shell32

ShellExecuteA
SHFormatDrive
SHFileOperationA

ws2_32

WSACreateEvent
connect
send
shutdown
getsockname
recvfrom
WSAGetLastError
ntohs
recv
WSACleanup
WSAStartup
gethostbyname
gethostname
closesocket
WSAIoctl
socket
bind
htons
sendto

gdiplus

GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCloneImage

mfc42

ord3626
ord3663
ord2414
ord640
ord665
ord1979
ord5186
ord354
ord5785
ord1641
ord1640
ord323
ord800
ord1601
ord537
ord3571

msvcrt

malloc
pow
free
wcscmp
_strupr
_strset
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
_purecall
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
_ftol
rand
srand
memcmp
strchr
strlen
strrchr
_CxxThrowException
memset
strcpy
strstr
strcmp
__CxxFrameHandler
sprintf
__getmainargs
memcpy

ole32

StringFromGUID2
CoInitialize
CoUninitialize
CoCreateGuid

winmm

timeSetEvent
timeKillEvent

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

Sections

.text
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3fb6c9f25ea1c7b9e858920fa5f47a7

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

advapi32

shell32

ws2_32

gdiplus

mfc42

msvcrt

ole32

winmm

avicap32

Sections

.text Size: 212KB - Virtual size: 209KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 212KB - Virtual size: 209KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 9KB