c5163565f28554b7f96a039fc8f1bd0e342f9da6868e25c0e21dcc23434083f9

Sharing

Copy URL Twitter E-mail

General

Target

c5163565f28554b7f96a039fc8f1bd0e342f9da6868e25c0e21dcc23434083f9
Size

261KB
MD5

24fc717842826e3b7513e3eae83af880
SHA1

425c4884152e061deaeaae2209abcf517c4f553c
SHA256

c5163565f28554b7f96a039fc8f1bd0e342f9da6868e25c0e21dcc23434083f9
SHA512

f449c1c7be32fef86c283bd1731f3900b89265f1d2fc6a6c8dfa8bee7007b8dc1b0f148035d6957f15d58ea44a65a54c61d544b27d048b99c6787dc9b8a7be0a
SSDEEP

6144:j3rgmldoOYgIzfbT80Mv75j+7A63fC7t:jb4g+80YV+j3fYt

Score

N/A

Malware Config

Signatures

Files

c5163565f28554b7f96a039fc8f1bd0e342f9da6868e25c0e21dcc23434083f9
.exe windows x86

ce8f9b47ffcc0807cc5af01dada06157

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetModuleFileNameA
ReleaseMutex
GetModuleHandleA
ExpandEnvironmentStringsA
CreateMutexA
OpenProcess
Process32Next
CreateToolhelp32Snapshot
CloseHandle
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetACP
HeapSize
GetCommandLineA
GetStartupInfoA
HeapReAlloc
WaitForSingleObject
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RaiseException
RtlUnwind
LocalAlloc
GetProcessHeap
SetEvent
CreateEventA
CreateFileW
MultiByteToWideChar
GetTickCount
ExitThread
CreateThread
GetCurrentProcess
GetVersionExA
lstrcatA
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
LocalReAlloc
FindNextFileA
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrlenA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
OutputDebugStringA
lstrcpyA
Sleep
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
LocalFree
LocalSize
FlushFileBuffers
GetOEMCP
GetCPInfo
GlobalFlags
lstrcmpA
GetProcessVersion
FreeLibrary
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
TerminateProcess
GetCurrentThreadId
GetVersion
TlsGetValue
TlsSetValue
GetProcAddress
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
SetLastError
lstrcpynA
InitializeCriticalSection
TlsAlloc
GlobalFree

user32

GrayStringA
DrawTextA
TabbedTextOutA
PostQuitMessage
ClientToScreen
PtInRect
GetClassNameA
GetSysColorBrush
LoadCursorA
SetWindowTextA
LoadIconA
MapWindowPoints
GetSysColor
DestroyMenu
IsWindow
CloseWindow
CreateWindowExA
PostMessageA
GetThreadDesktop
GetUserObjectInformationA
SetThreadDesktop
CloseDesktop
EnumWindows
IsWindowVisible
GetWindowThreadProcessId
GetInputState
PostThreadMessageA
GetMessageA
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
GetCursorPos
ReleaseDC
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCursorPos
WindowFromPoint
SetCapture
mouse_event
MapVirtualKeyA
keybd_event
SystemParametersInfoA
SendMessageA
BlockInput
DestroyCursor
GetKeyState
GetAsyncKeyState
GetForegroundWindow
GetWindowTextA
ExitWindowsEx
wsprintfA
CharNextA
LoadStringA
EnableWindow
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
UnhookWindowsHookEx
SetWindowsHookExA
PeekMessageA
CallNextHookEx
DispatchMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetWindowRect
GetWindowPlacement
IsIconic
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
SetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
DestroyWindow
GetDlgCtrlID
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus

advapi32

InitializeSecurityDescriptor
RegCreateKeyExA
GetTokenInformation
LookupAccountSidA
GetUserNameA
RegOpenKeyA
RegSaveKeyA
RegRestoreKeyA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
RegSetValueExA
SetSecurityDescriptorDacl
RegSetKeySecurity
FreeSid
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
ControlService
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey

shell32

SHGetFileInfoA

winmm

waveInGetNumDevs

comctl32

ord17

ws2_32

socket
htons
getsockname
bind
getpeername
accept
listen
WSAStartup
setsockopt
sendto
recvfrom
__WSAFDIsSet
select
htonl
WSASocketA
WSAGetLastError
gethostname
connect
closesocket
ntohs
inet_addr
inet_ntoa
gethostbyname
recv
send
WSACleanup

netapi32

NetUserAdd
NetLocalGroupAddMembers

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

msvfw32

ICClose
ICOpen
ICCompressorFree
ICSeqCompressFrame
ICSeqCompressFrameStart
ICSeqCompressFrameEnd
ICSendMessage

psapi

EnumProcessModules

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

Sections

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 230KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce8f9b47ffcc0807cc5af01dada06157

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

winmm

comctl32

ws2_32

netapi32

wininet

avicap32

msvfw32

psapi

wtsapi32

winspool.drv

Sections

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 230KB - Virtual size: 249KB

.rsrc Size: 2KB - Virtual size: 2KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 230KB - Virtual size: 249KB

.rsrc
Size: 2KB - Virtual size: 2KB