49e7d110df536c5295da581434a0ccc49b37606880a945e808c88f9aed6c5464

Sharing

Copy URL Twitter E-mail

General

Target

49e7d110df536c5295da581434a0ccc49b37606880a945e808c88f9aed6c5464
Size

304KB
MD5

3544569f769871bc331b01858511bfe0
SHA1

da9c2de40a1b11af706cb42d05b8e9091350f977
SHA256

49e7d110df536c5295da581434a0ccc49b37606880a945e808c88f9aed6c5464
SHA512

8da99cfb1aed3d5752ec17b7cdc926eadcfbdd43edb2e7b22cba48b07df3a97f94e878c68fefc751b755926574aa9cd856483da72d6b3a027a54d998610811d6
SSDEEP

3072:WKWmXmSvB4sDSrP0gVZy0nvH5VQAKJGNcIqeZSm5ydKE3ASG2t500EKl999+P3VT:WMXmSOsmzpP5VtKoNcIq8/IdG+50bE4

Score

N/A

Malware Config

Signatures

Files

49e7d110df536c5295da581434a0ccc49b37606880a945e808c88f9aed6c5464
.exe windows x86

fc321b21b3f792be490e7d432e653694

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendDlgItemMessageA
CopyIcon
CreateDialogIndirectParamA
SetCapture
DestroyMenu
SetCursorPos
OffsetRect
OpenClipboard
SetWindowsHookExA
DrawMenuBar
CreateWindowExA
GetForegroundWindow
SetMenu
CloseClipboard
GetSystemMetrics
CreatePopupMenu
SendMessageA
GetMenu
DispatchMessageA
UpdateWindow
AttachThreadInput
wsprintfA
GetClassInfoA
GetKeyState
MessageBoxA
GetWindowDC
ReleaseCapture
DrawTextExA
SetWindowTextA
DestroyCursor
GetMessagePos
IsDlgButtonChecked
SetFocus
DestroyCaret
InvalidateRect
IsWindowVisible
GetParent
DestroyWindow
SetWindowLongA
IsMenu
GetMessageTime
ReleaseDC
PtInRect
RegisterClassExA
GetMenuCheckMarkDimensions
WindowFromPoint
GetIconInfo
RegisterClassA
keybd_event
GetWindow
MsgWaitForMultipleObjects
MessageBeep
SystemParametersInfoA
GetDC
RedrawWindow
SetWindowPos
SetScrollPos
GetMenuStringA
DrawIconEx
TrackPopupMenuEx
SetCaretPos
IsZoomed
CheckMenuItem
ShowWindow
GetDlgCtrlID
SetScrollRange
GetWindowLongA
DefWindowProcA

version

GetFileVersionInfoA
VerQueryValueA

ole32

OleSave
OleCreate
DoDragDrop
CLSIDFromString
StgOpenStorage
OleCreateLinkToFile
OleSetMenuDescriptor
CoFreeUnusedLibraries
ReleaseStgMedium
CreateItemMoniker
OleCreateFromFile
OleGetIconOfClass
OleCreateLinkFromData

comctl32

ImageList_AddMasked
ImageList_GetIcon
InitCommonControlsEx
ord17
ImageList_ReplaceIcon
ImageList_Destroy
_TrackMouseEvent
DestroyPropertySheetPage
ImageList_Create

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ChooseFontA

advapi32

CloseServiceHandle
RegEnumValueA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA

kernel32

WriteConsoleW
GetModuleFileNameA
GetPrivateProfileStringA
WriteConsoleA
TlsSetValue
VirtualAlloc
GetTimeZoneInformation
InitializeCriticalSection
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
SetEndOfFile
SetFilePointer
GetTickCount
GetCurrentThread
IsValidLocale
FreeEnvironmentStringsA
CreateFileA
GetTimeFormatA
GetCurrentProcess
VirtualQuery
MultiByteToWideChar
GetFileSize
EnumResourceLanguagesA
TlsAlloc
GetEnvironmentStringsW
OpenMutexA
GetStdHandle
FreeLibrary
SetHandleCount
GetDateFormatA
GetLastError
InterlockedCompareExchange
GetStartupInfoA
WriteFile
DeleteCriticalSection
GetACP
GetProcessHeap
HeapReAlloc
LocalFree
SetConsoleCtrlHandler
TlsGetValue
FlushFileBuffers
GlobalReAlloc
GetConsoleOutputCP
ReadFile
SetEnvironmentVariableA
WideCharToMultiByte
SetUnhandledExceptionFilter
EnumSystemLocalesA
InterlockedIncrement
GetConsoleCP
FatalAppExitA
VirtualFree
GetCPInfo
GetStringTypeW
HeapFree
TerminateProcess
CreateMutexA
MapViewOfFile
GetEnvironmentStrings
GetLocaleInfoA
RaiseException
HeapSize
HeapCreate
UnhandledExceptionFilter
LCMapStringW
GetUserDefaultLCID
LoadLibraryA
GetVersionExA
GetCurrentThreadId
RtlUnwind
LCMapStringA
LocalFileTimeToFileTime
EnterCriticalSection
IsValidCodePage
LeaveCriticalSection
CloseHandle
InterlockedExchange
HeapDestroy
GetOEMCP
GetConsoleMode
CompareStringA
DuplicateHandle
GetProcAddress
ExitProcess
GetCommandLineA
QueryPerformanceCounter
FreeEnvironmentStringsW
InterlockedDecrement
SetStdHandle
SetLastError
GetModuleHandleA
IsDebuggerPresent
HeapAlloc
Sleep
GetFileType
CompareStringW
TlsFree
GetLocaleInfoW
VirtualProtect

urlmon

URLDownloadToFileA

shell32

ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetFileInfoW

wininet

HttpSendRequestW
InternetCrackUrlW
InternetConnectW
InternetQueryOptionW

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc321b21b3f792be490e7d432e653694

Headers

File Characteristics

Imports

user32

version

ole32

comctl32

comdlg32

advapi32

kernel32

urlmon

shell32

wininet

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 48KB - Virtual size: 65KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 48KB - Virtual size: 65KB

.rsrc
Size: 88KB - Virtual size: 84KB