942f08f5cd8694577e0ec88ef6dbd07064780b9b49676ab186820c1d01231de5

Sharing

Copy URL Twitter E-mail

General

Target

942f08f5cd8694577e0ec88ef6dbd07064780b9b49676ab186820c1d01231de5
Size

468KB
MD5

eee78e0f8dff3f101ff61f12fb4c976c
SHA1

67fdd661eff9f9e834647be8df44dae4abf30c3a
SHA256

942f08f5cd8694577e0ec88ef6dbd07064780b9b49676ab186820c1d01231de5
SHA512

b65789460fb019c510310e9b5fcb9cc94d51b0455ab3c1e4c8a8c70eb6e55cd35320913f4dc0dfdd39b9b39c3154a0bd695cd324e897025026f33a0a2ed63dcb
SSDEEP

6144:Jo5VPfEqmB7RyQw0KR/ATKlN5VknyGIUBe7VrZgwxfcjVNaNQ:Jo5VQ7cQ/qYTKlKnyEBe7BqwZcjVNv

Score

N/A

Malware Config

Signatures

Files

942f08f5cd8694577e0ec88ef6dbd07064780b9b49676ab186820c1d01231de5
.exe windows x86

551c4a646368667c4ea454c229c80d1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
FormatMessageA
lstrcpynA
FindResourceA
TlsGetValue
TlsAlloc
InitializeCriticalSection
DeleteCriticalSection
TlsFree
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
lstrcpyA
lstrlenA
CreateThread
GetModuleHandleA
CreateFileW
SetStdHandle
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetStringTypeW
GetLocaleInfoW
FreeLibrary
VirtualQuery
GetProcessHeap
GetConsoleMode
GetConsoleCP
SetFilePointer
GetProcAddress
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetConsoleCtrlHandler
ExitProcess
OutputDebugStringW
GetFileType
WriteConsoleW
WriteFile
GetStdHandle
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
FatalAppExitA
InitializeCriticalSectionAndSpinCount
GetCurrentThread
SetLastError
TerminateThread
CreateProcessA
WaitForSingleObject
TerminateProcess
CloseHandle
HeapQueryInformation
GetModuleHandleW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
RtlUnwind
RaiseException
DecodePointer
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
FlushFileBuffers

comctl32

ord17

urlmon

URLDownloadToFileA

user32

GetUpdateRect
BeginPaint
EndPaint
GetDC
ReleaseDC
GetWindowLongA
SetParent
LoadImageA
RegisterClassA
LoadStringA
LoadBitmapA
GetWindowTextA
GetWindowTextLengthA
GetDlgItemTextA
IsChild
SetWindowLongA
DefWindowProcA
LoadCursorA
CreateWindowExA
GetClassInfoA
SystemParametersInfoA
GetWindowRect
SetWindowPos
CallWindowProcA
DestroyIcon
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
DestroyWindow
CreateDialogIndirectParamA
CreateDialogParamA
IsWindow
DialogBoxIndirectParamA
DialogBoxParamA
EndDialog
SetTimer
GetDlgItem
SendMessageA
SetWindowTextA
KillTimer
wsprintfA
MessageBoxA
PostQuitMessage
GetSystemMetrics
GetParent

gdi32

GetStockObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

Sections

.textbss
Size: - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

551c4a646368667c4ea454c229c80d1d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

urlmon

user32

gdi32

advapi32

shell32

Sections

.textbss Size: - Virtual size: 173KB

.text Size: 375KB - Virtual size: 374KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 5KB - Virtual size: 14KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 5KB - Virtual size: 4KB

.textbss
Size: - Virtual size: 173KB

.text
Size: 375KB - Virtual size: 374KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 5KB - Virtual size: 14KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 5KB - Virtual size: 4KB