753527a3c7089c511185e022d03f0cc61c458f67146cd577340682b1d8592e5d

Sharing

Copy URL Twitter E-mail

General

Target

753527a3c7089c511185e022d03f0cc61c458f67146cd577340682b1d8592e5d
Size

189KB
MD5

42f4dfb2ab4bfafd546049014b14db03
SHA1

616a899dac611cf3663964ddd0e2ec6387345c6e
SHA256

753527a3c7089c511185e022d03f0cc61c458f67146cd577340682b1d8592e5d
SHA512

71fead8b668d14b6375d8d2ec8fff6dc88cf1984bc51dc83b98fa68424f54e4d180315793e13cb841bbec49278a93fbd1c731f4dc0f4a14a24e01f52bb7c23ab
SSDEEP

3072:O7AWycopnUp9Y7HscBTgxVNVOWjIvvdSC9Qk+cTzvLumqmc0EDPgj8xCX:3BnS8M+TgxevgsQk+0CmzXEru8xe

Score

N/A

Malware Config

Signatures

Files

753527a3c7089c511185e022d03f0cc61c458f67146cd577340682b1d8592e5d
.exe windows x86

389699389cdc166c0db256fd1ab44087

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetLastError
lstrlenA
GetLastError
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalHandle
WaitForSingleObject
CreateThread
GetTempFileNameA
GetTempPathA
InitializeCriticalSection
DeleteCriticalSection
LocalAlloc
Sleep
InterlockedDecrement
InterlockedIncrement
SetEvent
WriteFile
CompareStringA
FreeLibrary
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
VirtualQuery
GetVersion
WideCharToMultiByte
CloseHandle
ExitProcess
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
LocalFree
GlobalAlloc
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetThreadLocale
GetLocaleInfoA
GetACP
GetCommandLineW

user32

GetFocus
IsWindow
GetWindow
RedrawWindow
EndDialog
DestroyAcceleratorTable
GetDlgItem
IsChild
MoveWindow
DestroyWindow
UnregisterClassA
GetSysColor
ReleaseCapture
SetCapture
FillRect
GetClientRect
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
GetDesktopWindow
EndPaint
BeginPaint
EnableMenuItem
CheckMenuItem
GetMenu
SetMenuItemBitmaps
ShowWindow
GetWindowPlacement
SetWindowPos
SetMenu
TranslateMessage
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
GetParent
SetFocus

gdi32

CreateSolidBrush
GetStockObject
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

advapi32

RegQueryValueExW
RegSetValueExA
RegSetValueExW
RegCreateKeyExA
RegCreateKeyExW
RegCloseKey
RegQueryValueExA

ole32

StringFromGUID2
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CoInitialize
CoCreateInstance
OleInitialize
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
CLSIDFromString
CoUninitialize
CoTaskMemAlloc

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen

shlwapi

PathFindExtensionW

wininet

InternetQueryDataAvailable
InternetOpenUrlW
InternetOpenW
InternetReadFile
InternetErrorDlg
InternetCloseHandle

msvcr70

_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
__security_error_handler
exit
_wcmdln
_c_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit
_XcptFilter
_amsg_exit
_cexit
wcslen
malloc
__CxxFrameHandler
wcscpy
vswprintf
_vscwprintf
memset
wcsncmp
fopen
_wfopen
ftell
fwrite
fseek
fread
fclose
_purecall
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
_CxxThrowException
memcpy
wcsrchr
wcschr
wcscmp
realloc
??_V@YAXPAX@Z
??3@YAXPAX@Z
memmove
??_U@YAPAXI@Z
??2@YAPAXI@Z
memcmp
sscanf
??1exception@@UAE@XZ
wcsstr
free

msvcp70

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

389699389cdc166c0db256fd1ab44087

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

wininet

msvcr70

msvcp70

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 22KB

.rrdata Size: 68KB - Virtual size: 68KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 22KB

.rrdata
Size: 68KB - Virtual size: 68KB