433aeaad269fcf534321a67d05a70ecf3ad54121f80a309bdfd264bfd2a23815

Sharing

Copy URL Twitter E-mail

General

Target

433aeaad269fcf534321a67d05a70ecf3ad54121f80a309bdfd264bfd2a23815
Size

336KB
MD5

6d9217cf6549fe6a75ae751001d5a19b
SHA1

38e611d6179f810e23610f2e83e50eac4c7fa9bb
SHA256

433aeaad269fcf534321a67d05a70ecf3ad54121f80a309bdfd264bfd2a23815
SHA512

2458ef37388bad56bd6b58194f9c21a3e1aeb22fdf8c94f10bb4e0f00e681f36c398467e7bac97d065ede5be6b0bdbac3195ea2e25e3ebbbb7d74c8bb13f924d
SSDEEP

6144:++eO1wuOtjE9aC1n6Dohnhdi80pv3q7i2betmZHmRESR:+BFuOtA9aC1nsgY/q7tesHmB

Score

N/A

Malware Config

Signatures

Files

433aeaad269fcf534321a67d05a70ecf3ad54121f80a309bdfd264bfd2a23815
.exe windows x86

43ba16e3eb243dd395055efb130538c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFolderPathA
SHGetMalloc

user32

MessageBoxA
FindWindowExA
CharUpperW
FindWindowA
LoadStringA
wsprintfA
CharLowerA
GetSystemMetrics
CharUpperA
CharLowerW
PostMessageA
RegisterWindowMessageA
UnregisterClassA
CharToOemA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

setupapi

SetupOpenInfFileA
SetupInstallServicesFromInfSectionA
SetupInstallFromInfSectionA

advapi32

QueryServiceStatus
RegFlushKey
RegEnumValueA
OpenSCManagerA
RegCreateKeyExA
RegQueryValueExA
ImpersonateSelf
CloseServiceHandle
StartServiceA
DeleteService
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RevertToSelf
OpenServiceA
RegCloseKey
RegQueryInfoKeyA
RegSetValueExA
ControlService
RegOpenKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

LoadLibraryExA
GetFileType
FreeEnvironmentStringsW
GetSystemInfo
GetACP
SetStdHandle
lstrlenW
CreateFileA
FindClose
FreeResource
FreeLibrary
VirtualFree
WideCharToMultiByte
FlushFileBuffers
ReadFile
FatalAppExitA
GetCurrentThreadId
GetSystemTimeAsFileTime
VirtualProtect
FindNextFileA
LoadResource
CompareStringW
RaiseException
FindFirstFileA
IsValidCodePage
HeapFree
GetModuleHandleA
RtlUnwind
IsBadCodePtr
GetLocalTime
VirtualAlloc
GetTimeZoneInformation
GetThreadLocale
lstrcmpiW
SetEnvironmentVariableA
DeleteFileA
TlsGetValue
OpenProcess
ReleaseMutex
RemoveDirectoryA
CompareStringA
CreateProcessA
SetConsoleCtrlHandler
SetHandleCount
SetUnhandledExceptionFilter
lstrlenA
LoadLibraryExW
TlsFree
SetPriorityClass
SetThreadPriority
HeapDestroy
HeapSize
CloseHandle
lstrcmpiA
HeapAlloc
HeapReAlloc
FindResourceExA
GetStringTypeExW
DeleteCriticalSection
WaitForSingleObject
OpenEventA
GetOEMCP
EnumSystemLocalesA
VirtualQuery
WriteFile
FormatMessageA
GetTimeFormatA
TlsAlloc
SetFilePointer
EnterCriticalSection
CreateMutexA
SetLastError
UnhandledExceptionFilter
LCMapStringW
SetFileAttributesA
GetDateFormatA
SizeofResource
ResumeThread
GetTempPathA
GetCommandLineA
TlsSetValue
GetStdHandle
GetUserDefaultLCID
MoveFileExA
LocalFree
GetCurrentDirectoryA
LockResource
GetSystemDirectoryA
LCMapStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
SetEndOfFile
IsValidLocale
FreeEnvironmentStringsA
GetProcessHeap
GetStringTypeExA
LeaveCriticalSection
GetCurrentProcess
VirtualAllocEx

atmlib

ATMFinish
ATMGetNtmFields
ATMRemoveFontA
ATMGetNtmFieldsW
ATMRemoveSubstFontA
ATMGetFontInfoA
ATMGetOutlineA

gpedit

CreateGPOLink

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43ba16e3eb243dd395055efb130538c9

Headers

File Characteristics

Imports

shell32

user32

psapi

setupapi

advapi32

ole32

kernel32

atmlib

gpedit

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 312KB - Virtual size: 1.2MB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 312KB - Virtual size: 1.2MB

.rsrc
Size: 5KB - Virtual size: 4KB