6d0bd7a10b391378116c3681eb74987040ad4d11e2d3cc3e680a55346ecf0222

Sharing

Copy URL

Twitter E-mail

General

Target

6d0bd7a10b391378116c3681eb74987040ad4d11e2d3cc3e680a55346ecf0222
Size

414KB
MD5

7491f26b226d7b075315805ae62aa3d5
SHA1

46359ef2ab610a0b597bb57af66d7b8ad2fe3973
SHA256

6d0bd7a10b391378116c3681eb74987040ad4d11e2d3cc3e680a55346ecf0222
SHA512

3129f22640ba8996d14241919f1e0c3c4f84c297eeae70bf8466319518184e238b4631f0385783d213eeae90ff2bea3bfe7a6ac482fbdbdc65d9806788cf162d
SSDEEP

6144:lQsvA466PF9iUKDOfR/Rx7ch57IauEK8iqmsM6cjpr0jIx2C:lBT9Pl37C5loV7xL

Score

N/A

Malware Config

Signatures

Files

6d0bd7a10b391378116c3681eb74987040ad4d11e2d3cc3e680a55346ecf0222
.exe windows x86

2698e9dc4afb958d831caee24c1e34ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
FindFirstFileA
lstrcpynA
SetFileTime
GetFileTime
GetSystemDirectoryA
GetVersionExA
GetDiskFreeSpaceA
GetShortPathNameA
SetCurrentDirectoryA
HeapDestroy
HeapAlloc
HeapCreate
GetLocaleInfoA
GlobalUnlock
GlobalHandle
GlobalLock
GetComputerNameA
GetLocalTime
lstrlenA
lstrcmpA
GetTickCount
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
FindClose
GetVolumeInformationA
lstrcatA
IsDBCSLeadByte
MulDiv
GetTimeZoneInformation
VirtualAlloc
VirtualFree
GetFileType
GetStdHandle
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
WideCharToMultiByte
GetCommandLineA
GetEnvironmentStrings
GetStartupInfoA
SetEnvironmentVariableA
GetFullPathNameA
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
lstrcpyA
LoadResource
LockResource
FreeResource
GetLogicalDrives
GetLogicalDriveStringsA
SetFileAttributesA
DeleteFileA
GlobalMemoryStatus
CreateFileA
ReadFile
SetFilePointer
OpenFile
WriteFile
CloseHandle
MultiByteToWideChar
GetModuleFileNameA
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
lstrcmpiA
GetLastError
GetWindowsDirectoryA
GetTempPathA
GetModuleHandleA
LoadLibraryExA
GetVersion
GetSystemDefaultLCID
LoadLibraryA
SetErrorMode
GetDriveTypeA

advapi32

RegDeleteKeyA
RegEnumKeyExA
GetUserNameA
RegDeleteValueA
RegEnumValueA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA

user32

SendDlgItemMessageA
BroadcastSystemMessage
CallWindowProcA
GetSysColor
GetClassLongA
CopyRect
GetDlgCtrlID
CharLowerA
SetCursor
ShowCursor
InvalidateRect
ScreenToClient
CharNextA
GetDialogBaseUnits
ClientToScreen
GetClientRect
CharPrevA
wsprintfA
GetDlgItemTextA
DefWindowProcA
SetWindowTextA
ReleaseDC
LoadIconA
EndPaint
DrawIcon
SetWindowLongA
GetWindowTextA
BeginPaint
SetRect
GetWindowLongA
DrawFocusRect
RegisterClassA
GetActiveWindow
EndDialog
LoadBitmapA
LoadCursorA
LoadStringA
GetDlgItemInt
CharUpperBuffA
SetFocus
GetSystemMetrics
GetFocus
InflateRect
CheckRadioButton
FillRect
MessageBeep
CharUpperA
InvertRect
SendNotifyMessageA
SetWindowPos
DrawTextA
DestroyWindow
GetParent
MessageBoxA
GetKeyState
GetWindowRect
GetDlgItem
PostMessageA
GetWindow
SendMessageA
GetDC
ShowWindow
EnableWindow
SetDlgItemTextA
GetSystemMenu
RemoveMenu
FindWindowA
SetForegroundWindow
IsWindowEnabled

gdi32

DeleteObject
ExtTextOutA
CreateFontIndirectA
GetDeviceCaps
GetObjectA
GetTextExtentPointA
SelectObject
SetBkColor
GetNearestColor
SetTextColor
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateDiscardableBitmap
CreateDIBitmap
GetTextMetricsA
GetStockObject
AddFontResourceA
RemoveFontResourceA
CreateScalableFontResourceA
PatBlt
StretchBlt
CreateSolidBrush
CreatePatternBrush
CreateBitmap
RestoreDC
IntersectClipRect
SaveDC
GetPixel

ole32

OleInitialize
OleUninitialize
CoCreateInstance

mpr

WNetCancelConnectionA
WNetAddConnectionA
WNetConnectionDialog
WNetGetLastErrorA
WNetCancelConnection2A
WNetAddConnection2A
WNetGetConnectionA

mssetup

GetRegKeyValue32
SetAdminMode
SetSilentMode
FRegCreateKey32
WriteLogDivider
DeleteRegKeyValue32
SetErrorParamConst
PrependToPath
FWriteToLogFile
RenameFile
GetEnvVariableValue
AddShareToAutoexec
FReadResource
CompareFileVersions
StampResource
EercOpenFile
LfaSeekFile
SetErrorParamInt
FCloseFile
CbStrCopyToBuffer
CbReadFile
FChmodFile
AddLineToRestartFile
FLanguageMismatchInf
FGetKeyInfo
GetVersionNthField
GetSectionKeyFilename
DoesInfSectionExist
DoesInfSectionKeyExist
GetSectionKeyVersion
SetErrorParamCopy
CreateProgmanItem
EnsurePathExists
DeleteProgmanItem
MakeListFromProgmanGroups
ShowProgmanGroup
DoesIniKeyExist
RemoveIniKey
IsFileInUseBySystem
FRemoveOurDir
CreateDir
RemoveDir
IsWindowsShared
ShowWaitCursor
HmodUIHookDll
RemoveSectionFilesToCopyList
MakeListFromSectionSize
BindImage
LogValidate
AddSpecialFileToCopyList
AddSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
RemoveSectionKeyFileToCopyList
ReactivateSetupScript
FSetSymbolValue
HdlgShowHelp
ProcessMessageId
UIPop
ForceNewDialog
GetScreenHeight
UIStartExeDlg
GetWindowsMode
SzLastChar
IsCtl3dEnabled
RemoveSymbol
GetListItem
GetListLength
UIStartExeDlgWinHelp
GetSymbolValue
SetPassInfo
HwndFrame
CopyFilesInCopyList
LogMessageId
Validate
GetCopyListCost
ClearCopyList
SetRestartDir
HandleOOM
PbAlloc
DoesFileExist
ReadInfFile
AddListItem
ClearBillboardList
SetCopyGaugePosition
ReplaceListItem
GetFreeSpaceForDrive
DriveNumToRootPath
SetErrorParam
FValidFilePath
IsDriveNetwork
CrcStringCompareI
CbGetListItem
GetNetworkDrivesList
SetSymbolValue
DoesDirExist
GetWindowsSysDir
FindTargetOnEnvVar
RestartListEmpty
RestoreCursor
FRegCloseKey
SetRegKeyValue32Ex
GetRegKeyValue32Ex
GetSectionKeySize
AddSectionFilesToCopyList
TermIME
EnableIME
InitIME
InitSetupToolkit
SetFEFontProc
InitLongFileNames
SetAcmeInst
AddToBillboardList
GetScreenWidth
DoMsgBox
SuppressLongFileNames
FindFileUsingFileOpen
GetNthFieldFromIniString
SetTitle
SetBitmap
SetSizeCheckMode
SetAbout
EndSetupToolkit
FCloseLogFile
FFree
ExitExecRestart
OpenIME
GetDOSMajorVersion
IsDirWritable
GetWindowsDirPath
SetRegKeyValue32
FLongFileNamesSuppressed
CreateIniKeyValue
CrcStringCompare
GetIniKeyString
FOpenLogFile
SzGetLastSetupErrMsg
ForceRestartOn
CbGetSymbolValue
IsWindows
IsDriveRemovable
RemoveFile
FCloseSrcFile
EercReadSrcFile
EercOpenSrcFileEx
EercWriteSrcFile
EercOpenSrcFile
EercFindHddiFloppy
SetErrorParamChar
GetVersionOfFile
IsDriveLocalHard
IsFileWritable
FindFileInTree

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

ShellExecuteA

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pbss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2698e9dc4afb958d831caee24c1e34ba

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

ole32

mpr

mssetup

version

shell32

Sections

.text Size: 200KB - Virtual size: 199KB

.bss Size: - Virtual size: 2KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 22KB - Virtual size: 21KB

.idata Size: 9KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 87KB - Virtual size: 87KB

.reloc Size: 16KB - Virtual size: 16KB

.pbss Size: 68KB - Virtual size: 68KB

.text
Size: 200KB - Virtual size: 199KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 22KB - Virtual size: 21KB

.idata
Size: 9KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 87KB - Virtual size: 87KB

.reloc
Size: 16KB - Virtual size: 16KB

.pbss
Size: 68KB - Virtual size: 68KB