a96fdbfd7474802b50df6d9c61467ad981ed5afdf9d6980f1c2ff4d465dc5801

Sharing

Copy URL

Twitter E-mail

General

Target

a96fdbfd7474802b50df6d9c61467ad981ed5afdf9d6980f1c2ff4d465dc5801
Size

253KB
MD5

c51368faa2131922b23c7745b009f192
SHA1

b52c9502cde5eb52705f85eaab4eaa6e37d3d5ce
SHA256

a96fdbfd7474802b50df6d9c61467ad981ed5afdf9d6980f1c2ff4d465dc5801
SHA512

0911a89106d6f1caafd55882617a04bfba8be9ab11af62698b2d90b128ce71a986690dd2fa0cc6f60346c167d8e203c49fac4ca25c2614a155b6466ca0d84a19
SSDEEP

3072:PaSh7D7ktA9SWq5TwnVW2BlnOfJcrhfiF7iH7sD/wVrVZsqTFzpA0tOojB5s03hb:/bkgx82eShqligDW/yAOotdhk/wB7DeS

Score

N/A

Malware Config

Signatures

Files

a96fdbfd7474802b50df6d9c61467ad981ed5afdf9d6980f1c2ff4d465dc5801
.exe windows x86

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateEventW
FreeLibrary
RemoveDirectoryW
GetTempPathW
GetTempFileNameW
lstrcpynW
GetModuleHandleW
lstrlenA
lstrlenW
OpenEventW
CompareFileTime
CreateMutexW
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrcatW
lstrcmpW
GetLocalTime
ExpandEnvironmentStringsW
lstrcpynA
SystemTimeToFileTime
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
GetVolumeInformationW
GetSystemDirectoryW
GetWindowsDirectoryW
LocalAlloc
LocalFree
CreateDirectoryW
LoadLibraryA
GetProcAddress

user32

GetForegroundWindow
GetActiveWindow
MessageBoxW
MoveWindow
GetTopWindow
RegisterWindowMessageW
SetTimer
LoadCursorW
GetSystemMetrics
LoadIconW
CopyRect
GetSysColor
PeekMessageW
IsWindow
EnumWindows
PostMessageW
GetCursorPos
DestroyIcon
GetFocus
InvalidateRect
LoadMenuW
GetSubMenu
EnableMenuItem
CheckMenuItem
OffsetRect
SetWindowPos
LoadImageW
SendMessageW
EnableWindow

gdi32

CreatePatternBrush
DeleteObject
CreateSolidBrush
CreatePen
CreateRectRgn
GetStockObject
CreateCompatibleDC
CreateFontIndirectW

advapi32

AddAccessAllowedAce
RegOpenKeyExA
RegQueryValueExA
QueryServiceConfigW
ChangeServiceConfigW
DeleteService
ControlService
OpenServiceW
StartServiceW
QueryServiceStatus
OpenSCManagerW
CreateServiceW
CloseServiceHandle
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
FreeSid
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
SetSecurityDescriptorDacl
RevertToSelf
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
GetUserNameW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

uxtheme

GetThemeFont
GetThemeBackgroundExtent
GetThemeSysBool
GetThemeInt
GetThemeColor
GetCurrentThemeName
GetThemeBool

certmgr

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllInstall

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Mvf
Size: 1024B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ouxdt
Size: 3KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hOC
Size: 74KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.U
Size: 5KB - Virtual size: 895KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hUG
Size: 2KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qlxfk
Size: 512B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ij
Size: 138KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

uxtheme

certmgr

Sections

.text Size: 15KB - Virtual size: 14KB

.Mvf Size: 1024B - Virtual size: 118KB

.ouxdt Size: 3KB - Virtual size: 563KB

.rdata Size: 4KB - Virtual size: 45KB

.hOC Size: 74KB - Virtual size: 115KB

.U Size: 5KB - Virtual size: 895KB

.hUG Size: 2KB - Virtual size: 575KB

.data Size: 6KB - Virtual size: 281KB

.Qlxfk Size: 512B - Virtual size: 53KB

.ij Size: 138KB - Virtual size: 139KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.Mvf
Size: 1024B - Virtual size: 118KB

.ouxdt
Size: 3KB - Virtual size: 563KB

.rdata
Size: 4KB - Virtual size: 45KB

.hOC
Size: 74KB - Virtual size: 115KB

.U
Size: 5KB - Virtual size: 895KB

.hUG
Size: 2KB - Virtual size: 575KB

.data
Size: 6KB - Virtual size: 281KB

.Qlxfk
Size: 512B - Virtual size: 53KB

.ij
Size: 138KB - Virtual size: 139KB

.rsrc
Size: 2KB - Virtual size: 2KB