3f07e2cce1bb81ad1f686440289e2312308822efaaa5b04617ee5b20d0ae0d9c

Sharing

Copy URL

Twitter E-mail

General

Target

3f07e2cce1bb81ad1f686440289e2312308822efaaa5b04617ee5b20d0ae0d9c
Size

1.7MB
MD5

4335624daae55adf8adff839030c9011
SHA1

3f06cd2ece356399dcb3146011d4a9600da55573
SHA256

3f07e2cce1bb81ad1f686440289e2312308822efaaa5b04617ee5b20d0ae0d9c
SHA512

6376caf928ff5faa65fdbe351185fe96f424d6a95b058aecc1adf652b301997742259e1e9d6eb6eac12da1acf97ee8005a4d7b389580a4c3c3bd666d65c5e012
SSDEEP

49152:6m1TIWZw8XuZ9c0Fyxwy7xyxf98rug7h:VEAS7sCydSar9

Score

N/A

Malware Config

Signatures

Files

3f07e2cce1bb81ad1f686440289e2312308822efaaa5b04617ee5b20d0ae0d9c
.exe windows x86

7d3621acc6644351777fbcebcaebfbca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderLocation
CommandLineToArgvW
SHGetPathFromIDListW
SHFileOperationW
SHGetSpecialFolderPathW
SHBrowseForFolderW
Shell_NotifyIconW

msi

ord92
ord195
ord32
ord159
ord118
ord8
ord88
ord141
ord169
ord131
ord70
ord137
ord160

advapi32

QueryServiceStatus
OpenSCManagerW
StartServiceW
OpenServiceW
RegOpenKeyExW
RegCreateKeyW
RegCloseKey
RegDeleteValueW
RegSetValueExW
ChangeServiceConfigW
RegEnumKeyW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
CloseServiceHandle

shlwapi

PathFileExistsW
PathStripToRootW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

htons
socket
recv
WSACleanup
send
inet_addr
htonl
connect
WSAStartup
closesocket

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetTickCount
GetCurrentProcessId
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameW
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
FlushFileBuffers
LoadLibraryA
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetModuleFileNameA
GetStdHandle
FormatMessageW
LocalFree
GetLastError
InitializeCriticalSection
FindFirstFileW
CreateMutexW
GetVersionExW
DeleteCriticalSection
SetFileAttributesW
GetSystemDirectoryW
GetCurrentDirectoryW
CloseHandle
GetFileAttributesW
VirtualFree
VirtualAlloc
WriteFile
SizeofResource
ReadFile
CreateFileW
MultiByteToWideChar
LockResource
FreeResource
GetDriveTypeW
FindResourceW
IsValidLocale
CreateDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
CreateThread
EnterCriticalSection
Sleep
LeaveCriticalSection
CreateProcessW
GetPrivateProfileStringW
RemoveDirectoryW
GetDiskFreeSpaceExW
FindNextFileW
FreeLibrary
FindClose
GetProcAddress
lstrcmpW
WideCharToMultiByte
LoadLibraryW
GetPrivateProfileIntW
DeleteFileW
GetCurrentThreadId
GetWindowsDirectoryW
MoveFileExW
CopyFileW
WritePrivateProfileStringW
QueryPerformanceFrequency
QueryPerformanceCounter
IsBadReadPtr
IsBadWritePtr
DeleteFileA
TerminateProcess
OpenProcess
lstrcatA
GetACP
Process32FirstW
CreateToolhelp32Snapshot
MoveFileW
RemoveDirectoryA
Process32NextW
WaitForSingleObject
lstrcmpiW
HeapReAlloc
HeapCreate
HeapDestroy
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
GetStartupInfoW
GetProcessHeap
GetVersionExA
ExitProcess
SetStdHandle
GetModuleHandleA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CreateFileA
SetEndOfFile
GetThreadLocale
LoadResource
LocalAlloc

user32

SetCursor
EnumWindows
GetWindowThreadProcessId
BringWindowToTop
SetWindowLongW
SetClassLongW
PostQuitMessage
SetFocus
CreateWindowExW
IsWindow
GetDlgItemTextW
GetFocus
PtInRect
GetCursorPos
GetWindowDC
MapVirtualKeyW
LoadCursorW
GetWindowRect
CreateDialogParamW
GetDlgCtrlID
UpdateWindow
SetWindowPos
DestroyWindow
SetDlgItemTextW
GetClientRect
DrawTextW
GetWindowLongW
ShowWindow
GetDlgItem
SendMessageW
SetWindowTextW
EnableWindow
GetWindowTextW
DispatchMessageW
TranslateAcceleratorW
TranslateMessage
GetMessageW
LoadAcceleratorsW
MessageBoxW
DialogBoxParamW
EndDialog
SetTimer
InvalidateRect
LoadImageW
GetWindow
SetWindowRgn
GetActiveWindow
GetParent
TrackMouseEvent
GetDC
GetClassNameW
GetKeyState
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
DestroyIcon
DrawIconEx
OffsetRect
LoadBitmapW
ReleaseCapture
ReleaseDC
KillTimer
PostMessageW

gdi32

DeleteObject
GetTextExtentExPointW
GetObjectW
CreateRoundRectRgn
SetBkColor
CreateCompatibleBitmap
BitBlt
SelectObject
DeleteDC
GetStockObject
CreateFontW
CreateCompatibleDC
SetTextColor
SetBkMode

ole32

CoUninitialize
CoCreateInstance
StringFromCLSID
CreateStreamOnHGlobal
CoInitializeEx

oleaut32

SysAllocString
SysStringLen
SysFreeString

Sections

.text
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32.3MB - Virtual size: 32.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.]rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d3621acc6644351777fbcebcaebfbca

Headers

File Characteristics

Imports

msimg32

shell32

msi

advapi32

shlwapi

version

ws2_32

kernel32

user32

gdi32

ole32

oleaut32

Sections

.text Size: 272KB - Virtual size: 270KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 8KB - Virtual size: 47KB

.rsrc Size: 32.3MB - Virtual size: 32.3MB

.]rdata Size: 68KB - Virtual size: 68KB

.text
Size: 272KB - Virtual size: 270KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 8KB - Virtual size: 47KB

.rsrc
Size: 32.3MB - Virtual size: 32.3MB

.]rdata
Size: 68KB - Virtual size: 68KB