39fcdeec92dada02b3987eb094bc6c2ee212092e1ff10094bc341f1e7c11a6eb

Sharing

Copy URL

Twitter E-mail

General

Target

39fcdeec92dada02b3987eb094bc6c2ee212092e1ff10094bc341f1e7c11a6eb
Size

88KB
MD5

03d95d544aa8cf245aa1bed17cf9ca77
SHA1

7179457a79c636106b89a1b2ee6e15ba05014276
SHA256

39fcdeec92dada02b3987eb094bc6c2ee212092e1ff10094bc341f1e7c11a6eb
SHA512

5a98832b9c082f5e93566c7f947f18f0cb5284ed06f6770a24d96c339db3a94bd5ac6c9517fe089706286517b94bda1f7171700982fe93ed17127a31409275eb
SSDEEP

1536:4EqLKU4+dwC/p0cQ7ZCAINqPDHuXnvE0oK11tmYz2S9OQB2PIF1R:4VLrp0cQ7QAINqPDHQncamYb9T2Q

Score

N/A

Malware Config

Signatures

Files

39fcdeec92dada02b3987eb094bc6c2ee212092e1ff10094bc341f1e7c11a6eb
.exe windows x86

b51f22a4896575229889a74a6c48f13a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
ReadFile
EnterCriticalSection
GetFileSize
WriteFile
UnmapViewOfFile
MapViewOfFile
GetVersionExA
SetEvent
LeaveCriticalSection
GetSystemTime
InterlockedIncrement
InterlockedDecrement
SystemTimeToFileTime
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
CompareFileTime
CreateDirectoryA
FindResourceA
GetFileAttributesA
FindFirstFileA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
SetFileAttributesA
SetFileAttributesW
FindNextFileA
FindNextFileW
FindFirstFileW
GetFileAttributesW
ReleaseMutex
GetPrivateProfileIntA
GetPrivateProfileIntW
GetLastError
CreateThread
QueryPerformanceFrequency
MultiByteToWideChar
LoadResource
QueryPerformanceCounter
MoveFileA
MoveFileW
RemoveDirectoryA
RemoveDirectoryW
CreateMutexA
CreateMutexW
LoadLibraryA
WritePrivateProfileStringA
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
CreateProcessA
CreateProcessW
lstrcpynA
GetProcAddress
FreeLibrary
SetFilePointer
IsBadReadPtr
GetCurrentThreadId
IsDBCSLeadByte
GetSystemTimeAsFileTime
GetCurrentProcessId
GetProcessTimes
GetCurrentProcess
GetLocalTime
FlushFileBuffers
GetAtomNameA
lstrcmpA
IsBadWritePtr
CreateFileMappingA
CreateFileMappingW
GetVersionExW
DeleteCriticalSection
InitializeCriticalSection
GetACP
GlobalFree
GlobalAlloc
LocalAlloc
LocalReAlloc
LocalFree
OpenProcess
CloseHandle
WaitForSingleObject
lstrlenA
ExitProcess
GetCommandLineA
GetTickCount
lstrlenW
FindClose
lstrcmpiA
WideCharToMultiByte
TerminateProcess
RtlUnwind

user32

GetWindowLongA
GetWindowLongW
GetWindowTextLengthA
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadStringW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
CharNextA
SendMessageTimeoutA
SendMessageA
SendMessageW
SetWindowLongA
SetWindowLongW
RegisterClassExA
RegisterClassExW
PostQuitMessage
FindWindowExW
FindWindowExA
FindWindowW
DispatchMessageA
DispatchMessageW
DefWindowProcA
DefWindowProcW
CreateDialogParamW
CreateWindowExW
CreateWindowExA
CreateDialogParamA
GetSystemMetrics
TranslateMessage
MsgWaitForMultipleObjects
DestroyWindow
GetWindowTextA
IsWindow
GetWindowThreadProcessId
GetDesktopWindow
DestroyIcon
GetDlgItem

shlwapi

SHSetValueW
PathAddExtensionW
StrCatBuffW
StrStrIW
StrToIntExW
StrChrW
PathRemoveBackslashW
PathCombineW
PathFindExtensionW
SHGetValueW
StrCpyNW
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW
PathFileExistsW
StrCmpIW
PathFindFileNameA
PathAddBackslashW
wvnsprintfA
SHStrDupW
PathRemoveFileSpecA
PathAddBackslashA
SHRegGetUSValueW
StrCatBuffA
wnsprintfA
StrCmpNIW
StrToIntW
StrCmpNW
wnsprintfW

shfolder

SHGetFolderPathW

oleaut32

SysAllocString
SysFreeString

ole32

CreateBindCtx
StringFromGUID2
CoUninitialize
CoCreateInstance
CoInitialize

advapi32

RegCloseKey
AllocateAndInitializeSid
FreeSid
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA

shell32

SHFileOperationA

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA

urlmon

CreateURLMoniker
RegisterBindStatusCallback

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b51f22a4896575229889a74a6c48f13a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

shfolder

oleaut32

ole32

advapi32

shell32

version

urlmon

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 20KB - Virtual size: 40KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 20KB - Virtual size: 40KB