fa23b3414405d87bb4ee4cf728ad0f80b210040e82684677fae96e169b42352e

Sharing

Copy URL

Twitter E-mail

General

Target

fa23b3414405d87bb4ee4cf728ad0f80b210040e82684677fae96e169b42352e
Size

280KB
MD5

1a227d7cb06fed720cc6a2576f7b83c0
SHA1

fa5e2a43d7e72f3820ef831baacb4209437c03c4
SHA256

fa23b3414405d87bb4ee4cf728ad0f80b210040e82684677fae96e169b42352e
SHA512

2dd9f6b0e09045ddd64c6fc661286fd7317b320050da00f1afd24a6a41ca183e9815f12991934aa1012356411eef9f0a3031d5e1d5fc826294598544faf5ad62
SSDEEP

6144:UN+fzNRhJrb97TwKO0b8ctW0P+cxQ5gzP:VJRb9vFFb8ctvPlGgL

Score

N/A

Malware Config

Signatures

Files

fa23b3414405d87bb4ee4cf728ad0f80b210040e82684677fae96e169b42352e
.exe windows x86

070c7030d6f0ba91459cfd52c5d86047

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetCurrentThreadId
GetModuleFileNameA
GetCommandLineA
InterlockedIncrement
DeleteCriticalSection
LocalFree
GetLastError
FreeLibrary
LockResource
LoadResource
FindResourceA
LoadLibraryA
MultiByteToWideChar
CreateProcessA
FindClose
FindFirstFileA
FindNextFileA
LocalAlloc
GetCurrentProcessId
CreateFileW
SetLastError
GetFileAttributesExA
GetFileAttributesExW
GetFileSize
ReadFile
lstrlenA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapFree
GetProcessHeap
HeapAlloc
FlushInstructionCache
GetCurrentProcess
ExitThread
RtlUnwind
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
lstrcmpiA
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
FlushFileBuffers
RaiseException
GetFileType
SetHandleCount
CreateMutexA
Sleep
GetVersionExA
CreateThread
CreateEventA
WaitForMultipleObjects
LeaveCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetTimeZoneInformation
InterlockedExchange
EnterCriticalSection
InterlockedDecrement
WideCharToMultiByte
lstrlenW
SetEvent
WaitForSingleObject
InitializeCriticalSection
DebugBreak
OutputDebugStringA
CreateFileA
SetFilePointer
WriteFile
CloseHandle
GetStartupInfoA
HeapReAlloc
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
HeapSize
ExitProcess
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
SetUnhandledExceptionFilter

user32

wvsprintfA
wsprintfA
PostThreadMessageA
CharNextA
DispatchMessageA
TranslateMessage
GetMessageA
LoadStringA
DestroyWindow
EndDialog
IsWindow
PostMessageA
RegisterWindowMessageA
GetActiveWindow
MessageBoxA
MessageBeep
SetForegroundWindow
GetDesktopWindow
SetWindowLongA
GetDlgItem
SendMessageA

advapi32

RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegSetValueExA
RegEnumValueA
RegQueryValueExA

ole32

CreateClassMoniker
GetRunningObjectTable
CoCreateInstance
OleRun
CoInitializeEx
CoResumeClassObjects
CoUninitialize
CoSuspendClassObjects

oleaut32

SafeArrayLock
SafeArrayUnlock
DispCallFunc
VariantClear
SysAllocStringLen
LoadRegTypeLi
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString
GetErrorInfo
SafeArrayDestroy

wininet

InternetQueryDataAvailable
InternetReadFile
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetGetConnectedState
InternetCloseHandle
InternetConnectA
InternetOpenA

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

atl

ord30
ord32
ord10
ord11
ord58
ord43
ord38
ord44
ord16
ord57
ord18
ord17
ord20
ord36
ord21
ord23

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

070c7030d6f0ba91459cfd52c5d86047

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

ole32

oleaut32

wininet

setupapi

atl

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 12KB - Virtual size: 16KB

.sxdata Size: 4KB - Virtual size: 340B

.rsrc Size: 100KB - Virtual size: 97KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 12KB - Virtual size: 16KB

.sxdata
Size: 4KB - Virtual size: 340B

.rsrc
Size: 100KB - Virtual size: 97KB