054eb319bc1c29ed4ecc9f75fb3082fa0eeb0d754bf18cb3a2b0172e286df5ac

Sharing

Copy URL Twitter E-mail

General

Target

054eb319bc1c29ed4ecc9f75fb3082fa0eeb0d754bf18cb3a2b0172e286df5ac
Size

256KB
MD5

15dbdce50ed80f9c111a92e61a3ed800
SHA1

6c9068f80cf67ae73c9c0ad3068efaae96770222
SHA256

054eb319bc1c29ed4ecc9f75fb3082fa0eeb0d754bf18cb3a2b0172e286df5ac
SHA512

546316a36ff413879d7e92cfd3df0a7cb14526a3a8afd2851227fb58524214602387c48e2c06647cc0781a2e867d0ee63ba03193b5dcf0b05e21e4a0f2e5c9c3
SSDEEP

6144:Jdaxo9s0a8Hh7u4V6PX7/gYbbWDFE1PbLszcmOQWZLH:JdaxOs0LHlNcD/gYbbWOHszcmO3

Score

N/A

Malware Config

Signatures

Files

054eb319bc1c29ed4ecc9f75fb3082fa0eeb0d754bf18cb3a2b0172e286df5ac
.exe windows x86

da5bfe53f21e9a0464873c9a39b6d91e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetDiskFreeSpaceA
GetWindowsDirectoryA
GetDriveTypeA
SetErrorMode
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
RemoveDirectoryA
GetFileAttributesA
CreateDirectoryA
MoveFileA
GetVersion
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
CompareStringA
VirtualProtect
GetTimeZoneInformation
InitializeCriticalSection
IsBadCodePtr
OpenProcess
VirtualQuery
InterlockedExchange
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
HeapSize
GetCurrentProcess
EnterCriticalSection
CloseHandle
FreeLibrary
FindFirstFileA
FindClose
CreateProcessA
GetTickCount
GetExitCodeProcess
InterlockedIncrement
WaitForSingleObject
TerminateProcess
GetModuleFileNameA
DeleteFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
Sleep
GetSystemDirectoryA
GetTempPathA
GetTempFileNameA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
GetLastError
FindNextFileA
LoadLibraryA
ReadFile
GetProcAddress
InterlockedDecrement
IsBadReadPtr
ExitProcess
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetEndOfFile
SetFilePointer
HeapAlloc
HeapFree
HeapReAlloc
SetFileAttributesA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
SetEnvironmentVariableW

user32

CharPrevA
CharNextA
WaitForInputIdle
GetDesktopWindow
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
LoadIconA
GetSystemMenu
EnableMenuItem
SystemParametersInfoA
GetParent
SetWindowPos
DestroyWindow
CreateDialogParamA
IsWindow
DialogBoxIndirectParamA
ShowWindow
GetWindowRect
MoveWindow
DialogBoxParamA
SetDlgItemTextA
InvalidateRect
UpdateWindow
SendDlgItemMessageA
EndDialog
GetAsyncKeyState
GetDlgItem
GetClientRect
GetSystemMetrics
PostMessageA
GetDC
SendMessageA
ReleaseDC
GetSysColor
FillRect
LoadBitmapA
DrawTextExA
LoadStringA
MessageBoxA

advapi32

RegCreateKeyA
RegEnumKeyA
RegSetValueA
RegQueryValueA
RegCreateKeyExA
RegEnumKeyExA
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
EqualSid
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyA
RegQueryInfoKeyA
RegCloseKey

gdi32

GetStockObject
GetCurrentObject
CreateFontIndirectA
CreateSolidBrush
DeleteObject
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
SetTextColor
SetBkColor

comctl32

ord17

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da5bfe53f21e9a0464873c9a39b6d91e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

comctl32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 84KB - Virtual size: 84KB