74929f5f36fac0c9672b03126d1222880963257e0f49730f189f8ec7cc44469b

Sharing

Copy URL Twitter E-mail

General

Target

74929f5f36fac0c9672b03126d1222880963257e0f49730f189f8ec7cc44469b
Size

616KB
MD5

2eb1db04dced5668434fd21739dcdb08
SHA1

ea36849f35febb944f981b4d798b1ae76663cd5f
SHA256

74929f5f36fac0c9672b03126d1222880963257e0f49730f189f8ec7cc44469b
SHA512

c18647f927ef3e9aad603b9ac466421447d055e05d17426e30741771cbf6e525df8a2237d1050f91d0112f8e1853035a982a62875f9155358536dd2e71b7870f
SSDEEP

12288:LtvTzG8cw4xt/WgLwJUs1p244Zy6S1dQJ5oj5pKKUBv9V:LtvG5n/WgLw6ap240y6S1dKG3K9lV

Score

N/A

Malware Config

Signatures

Files

74929f5f36fac0c9672b03126d1222880963257e0f49730f189f8ec7cc44469b
.exe windows x86

9ee54042ff0cecb692fd554fc9c750d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

RealShellExecuteA

gdi32

GetRgnBox
GdiPlayScript

kernel32

HeapSize
UnhandledExceptionFilter
ResumeThread
SetConsoleOutputCP
SetConsoleCursorInfo
CreateProcessA
GetProcAddress
LoadLibraryA
EnterCriticalSection
GetCalendarInfoA
IsDebuggerPresent
InitializeCriticalSection
FreeLibrary
RtlUnwind
ReadFile
GetCPInfo
CompareStringW
LCMapStringA
GetSystemTimeAsFileTime
HeapReAlloc
GetEnvironmentStringsW
GetStdHandle
GetModuleFileNameA
GetACP
WideCharToMultiByte
TlsAlloc
CloseHandle
GetDateFormatA
TlsFree
GetConsoleMode
WriteFile
GetEnvironmentStrings
GetModuleHandleA
VirtualFree
CreateThread
LeaveCriticalSection
GetStringTypeA
FreeEnvironmentStringsA
HeapFree
CreateFileA
GetCurrentThread
SetStdHandle
CreateMailslotW
IsValidCodePage
GetLastError
QueryPerformanceCounter
CreateMutexA
SetLastError
GetVersionExA
EnumSystemLocalesA
TlsGetValue
FreeEnvironmentStringsW
GetTimeZoneInformation
GetNumberFormatW
GetLocaleInfoW
GetUserDefaultLCID
SetConsoleCP
SetHandleCount
WriteConsoleA
WriteConsoleW
EnumResourceTypesA
GetCurrentProcess
GetCurrentProcessId
GetConsoleOutputCP
VirtualAlloc
IsValidLocale
GetTickCount
TlsSetValue
GetLocaleInfoA
HeapDestroy
GetProcessAffinityMask
InterlockedExchange
TerminateProcess
SetEnvironmentVariableA
HeapCreate
GetConsoleCP
SetUnhandledExceptionFilter
SetFilePointer
InterlockedDecrement
GetFileType
MultiByteToWideChar
LCMapStringW
SetConsoleCtrlHandler
GetTimeFormatA
GetOEMCP
GetCurrentThreadId
Sleep
GetCommandLineA
VirtualQuery
GetDiskFreeSpaceExW
ExitProcess
InterlockedIncrement
FlushFileBuffers
GetStringTypeW
ContinueDebugEvent
GetProfileStringA
CompareStringA
GetProcessHeap
HeapAlloc
DeleteCriticalSection
OpenMutexA
GetStartupInfoA

comdlg32

ChooseFontA
PrintDlgW
ReplaceTextA
PageSetupDlgW

user32

CreateDialogParamW
SendNotifyMessageA
UnionRect
InsertMenuItemA
SetTimer
SetClipboardViewer
CloseDesktop
DeleteMenu
MessageBoxExA
ScrollWindow
CreateWindowExA
CharToOemA
IsCharAlphaNumericA
SetDebugErrorLevel
GetWindowTextA
CheckMenuItem
PostThreadMessageW
GetThreadDesktop
RegisterClassA
WinHelpW
DestroyWindow
LoadIconW
DdeSetUserHandle
wvsprintfW
GetMessageW
CreateCursor
SetCapture
TranslateMDISysAccel
GetMenuItemInfoW
MapVirtualKeyExW
GetKBCodePage
DrawStateA
SetWindowRgn
PackDDElParam
ShowWindow
DdeQueryStringA
DefWindowProcW
wsprintfA
GetProcessWindowStation
RegisterWindowMessageA
DefWindowProcA
GetClipboardViewer
GetClassInfoA
TranslateAccelerator
SubtractRect
LoadImageA
GetTabbedTextExtentW
UnhookWinEvent
MapVirtualKeyA
GetMenuDefaultItem
GetClassLongA
FrameRect
RegisterClassExA
ChangeDisplaySettingsW
CheckDlgButton
DdeAbandonTransaction
SetProcessDefaultLayout
ReuseDDElParam
CharLowerBuffA
GetMenu
MessageBoxA
CheckMenuRadioItem
LockWindowUpdate

comctl32

InitCommonControlsEx
ImageList_EndDrag
ImageList_DragLeave
DrawStatusTextA
ImageList_Remove
ImageList_DragMove
ImageList_BeginDrag
CreateStatusWindow
ImageList_SetFlags
ImageList_Duplicate
DrawStatusText

wininet

FtpGetFileW

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ee54042ff0cecb692fd554fc9c750d9

Headers

File Characteristics

Imports

shell32

gdi32

kernel32

comdlg32

user32

comctl32

wininet

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 308KB - Virtual size: 306KB

.data Size: 124KB - Virtual size: 154KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 308KB - Virtual size: 306KB

.data
Size: 124KB - Virtual size: 154KB

.rsrc
Size: 32KB - Virtual size: 28KB