8a1a109ac34e57d2a5807619bb0fb9905a043f148250612a212a4cf142c40411

Sharing

Copy URL Twitter E-mail

General

Target

8a1a109ac34e57d2a5807619bb0fb9905a043f148250612a212a4cf142c40411
Size

289KB
MD5

09b65fa8e9b793e1c2b80aae38c61463
SHA1

96b5e356563b1acf9836e213a2badfba2307c3ca
SHA256

8a1a109ac34e57d2a5807619bb0fb9905a043f148250612a212a4cf142c40411
SHA512

e625fafdfc7cb452463d04f5ce803a92b23127d195e2894807d31151bf92df61561a87085c9e3dc8e82d318f1e98f681c248a6434cdab95c834ff6edf0b15507
SSDEEP

6144:DkrdBZiqbZCkqxpewsbVmmKe1j5iBN1BrhERTGcGMugff3ump:D6Us0xnmVmml1jMN1B1eTGyff3l

Score

N/A

Malware Config

Signatures

Files

8a1a109ac34e57d2a5807619bb0fb9905a043f148250612a212a4cf142c40411
.exe windows x86

16250321b62f5fe537c6d096e0f0ff2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionW
ReleaseMutex
VirtualFree
GetConsoleMode
InitializeCriticalSectionAndSpinCount
HeapReAlloc
LockResource
TlsSetValue
MulDiv
UnmapViewOfFile
GetShortPathNameW
FileTimeToSystemTime
IsValidLocale
RaiseException
CreateMutexW
ReadFile
GetCurrentThreadId
GlobalMemoryStatusEx
UnhandledExceptionFilter
GetStdHandle
FreeLibrary
GetSystemInfo
DeleteFileW
SizeofResource
HeapFree
GetFileType
SetEndOfFile
CreateFileW
GetProcessHeap
CloseHandle
WriteFile
SetFilePointer
SetHandleCount
LocalFree
ExpandEnvironmentStringsW
GetUserDefaultLCID
GetACP
GetLogicalDriveStringsW
LoadResource
lstrcmpiW
GetFullPathNameW
GetTimeZoneInformation
GetPrivateProfileStringW
GetSystemDirectoryW
IsDebuggerPresent
LoadLibraryExW
FreeEnvironmentStringsW
LCMapStringW
CreateFileMappingW
SetLastError
FindFirstFileExW
PeekNamedPipe
GlobalFree
GlobalHandle
FindResourceW
IsProcessorFeaturePresent
lstrlenW
EnumSystemLocalesA
FlushFileBuffers
GlobalLock
WriteConsoleW
TlsFree
HeapSize
IsValidCodePage
GetCommandLineA
CreateThread
MapViewOfFile
GetModuleHandleW
GetTempPathW
GetConsoleCP
GetTempFileNameW
FindResourceExW
WideCharToMultiByte
SetStdHandle
lstrlenA
GetOEMCP
DeleteCriticalSection
GetCurrentDirectoryW
SetEnvironmentVariableA
GetFileInformationByHandle
FormatMessageW
HeapAlloc
GlobalUnlock
EnterCriticalSection
LocalAlloc
lstrcmpW
GetCommandLineW
CreateEventW
VirtualAlloc
InterlockedPopEntrySList
GetDriveTypeW
FreeResource
TlsGetValue
RtlUnwind
SetUnhandledExceptionFilter
HeapDestroy
FindClose
GlobalAlloc
TlsAlloc
CompareStringW
DeviceIoControl
EnumUILanguagesW
LeaveCriticalSection
GetSystemTimeAsFileTime
GetLocalTime
GetFileSize
IsWow64Process
InterlockedPushEntrySList
GetWindowsDirectoryW
FlushInstructionCache

user32

SetScrollPos
SetWindowLongW
BeginPaint
GetSystemMetrics
ReleaseDC
SendMessageW
IsWindow
CallWindowProcW
RegisterWindowMessageW
LoadIconW
GetWindowTextLengthW
DestroyWindow
EnumWindows
EndDialog
GetFocus
LoadCursorW
MapDialogRect
GetWindow
SetFocus
MonitorFromWindow
SetDlgItemTextW
SetWindowTextW
CharNextW
GetActiveWindow
SystemParametersInfoW
GetParent
GetClassNameW
GetDlgItemTextW
FillRect
RegisterClassExW
GetMonitorInfoW
DispatchMessageW
GetDesktopWindow
PeekMessageW
GetDC
IsWindowVisible
GetWindowLongW
SetWindowPos
SetCapture
GetWindowThreadProcessId
IsChild
RedrawWindow
DestroyAcceleratorTable
InvalidateRgn
SetForegroundWindow
ScreenToClient
MsgWaitForMultipleObjects
MessageBoxW
GetWindowRect
InvalidateRect
MoveWindow
GetWindowTextW
TranslateMessage
CreateDialogIndirectParamW
EndPaint
ShowWindow
SetWindowContextHelpId
GetSysColor
SetScrollInfo
CreateCaret
FindWindowW
UnregisterClassA
ClientToScreen
GetClientRect
DialogBoxParamW
CreateAcceleratorTableW
GetKeyboardType
GetDlgItem
CreateWindowExW
ReleaseCapture
MapWindowPoints
DefWindowProcW
GetClassInfoExW
SetDlgItemTextA
CreateDialogIndirectParamA
SetCursor
CreateDialogParamW
SetActiveWindow
SendDlgItemMessageA
IsIconic
SetMenu
DefWindowProcA
AppendMenuA
InsertMenuA
WaitMessage
SetDlgItemInt
DialogBoxIndirectParamA

ole32

OleRun
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoTaskMemRealloc
OleUninitialize
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
CLSIDFromProgID
CoUninitialize
OleLockRunning
StringFromGUID2
CoInitialize
CreateStreamOnHGlobal
CoCreateGuid
CoInitializeEx
StringFromCLSID

gdi32

GetObjectW
CreateSolidBrush
CreateCompatibleBitmap
CreateFontIndirectW
DeleteObject
GetTextExtentPoint32W
SelectObject
GetStockObject
BitBlt
CreateCompatibleDC
DeleteDC
GetDeviceCaps
GetTextColor

oleaut32

VarUI4FromStr
GetErrorInfo
SysFreeString
VariantInit
SysAllocStringByteLen
OleCreateFontIndirect
SafeArrayGetLBound
SysAllocStringLen
VariantClear
SysAllocString
SafeArrayGetDim
SafeArrayGetUBound
VariantCopy
LoadRegTypeLi
SysStringByteLen
SafeArrayCreate
VarBstrCmp
SafeArrayDestroy
LoadTypeLi
SafeArrayPutElement
SetErrorInfo
CreateErrorInfo
SysStringLen
SafeArrayGetElement

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetGetConnectedState
InternetOpenUrlW
InternetOpenW
HttpQueryInfoW

advapi32

SetSecurityDescriptorOwner
QueryServiceStatus
RegQueryValueExW
RegDeleteKeyW
OpenSCManagerW
LsaFreeMemory
SetSecurityDescriptorGroup
OpenThreadToken
LsaQueryInformationPolicy
AllocateAndInitializeSid
RegEnumKeyExW
RegEnumValueW
CloseServiceHandle
LsaClose
SetSecurityDescriptorDacl
GetLengthSid
OpenServiceW
RegOpenKeyW
FreeSid
AddAccessAllowedAce
IsValidSecurityDescriptor
InitializeAcl
LsaOpenPolicy
RegCreateKeyExW
QueryServiceConfigW
RegCreateKeyW
RegCloseKey
RegDeleteValueW
ImpersonateSelf
OpenProcessToken
RevertToSelf
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
AccessCheck

setupapi

SetupIterateCabinetW

shell32

CommandLineToArgvW
ShellExecuteW

w32topl

ToplEdgeGetWeight
ToplVertexGetOutEdge
ToplHeapIsElementOf
ToplSTHeapInit
ToplScheduleCacheCreate
ToplScheduleMaxUnavailable
ToplListNumberOfElements

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 245KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16250321b62f5fe537c6d096e0f0ff2e

Headers

File Characteristics

Imports

kernel32

user32

ole32

gdi32

oleaut32

version

wininet

advapi32

setupapi

shell32

w32topl

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 245KB - Virtual size: 466KB

.rdata Size: 8KB - Virtual size: 7KB

.rsrc Size: 18KB - Virtual size: 53KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 245KB - Virtual size: 466KB

.rdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 18KB - Virtual size: 53KB