83b1ebb580b7c13dd3b788ffdeeb567c472bb18c31b583aba17242db634200c9

Sharing

Copy URL Twitter E-mail

General

Target

83b1ebb580b7c13dd3b788ffdeeb567c472bb18c31b583aba17242db634200c9
Size

176KB
MD5

e7c97210a19710ecfb43a63cf69314f6
SHA1

9c81833caf3818d8e5c6f516643ca67d43e99723
SHA256

83b1ebb580b7c13dd3b788ffdeeb567c472bb18c31b583aba17242db634200c9
SHA512

4b15099625ff08112ef5d7381755034c8c3c2ae9fe0508faa1373c3894d91992f50f8b112e67fe978aaa3ec8606f719bdaa3a18ef463eb061ca9854cb5c4a8ce
SSDEEP

3072:H8j9csBrbeHy27t2OCRRA7oiOTqfRQXneIbZwh+5JvxSiLvF2brvZiDD:cxcsBh20/k7XmqfRQnRZj5JkE2brvW

Score

N/A

Malware Config

Signatures

Files

83b1ebb580b7c13dd3b788ffdeeb567c472bb18c31b583aba17242db634200c9
.exe windows x86

0e3dc98a4d7e939924e91d13cdbbcf3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegisterEventSourceW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
QueryServiceConfigW
ChangeServiceConfigW
ChangeServiceConfig2W
RegQueryInfoKeyW
RegEnumKeyW
RegCreateKeyExW
RegFlushKey
RegSetValueExW
OpenProcessToken
GetTokenInformation
EqualSid
LogonUserW
ImpersonateLoggedOnUser
RevertToSelf
StartServiceW
ProcessTrace
CloseTrace
OpenTraceW
UnregisterTraceGuids
StartTraceW
TraceEvent
ControlTraceW
OpenSCManagerW
OpenServiceW
StartServiceA
CloseServiceHandle
RegQueryValueExA
ControlService
ReportEventW
ReportEventA
RegConnectRegistryW
RegQueryInfoKeyA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
DeregisterEventSource
RegCloseKey

comdlg32

GetOpenFileNameW

crypt32

CryptProtectData
CryptUnprotectData

gdi32

GetTextExtentPoint32W

kernel32

lstrcatA
lstrlenA
lstrcatW
lstrcmpiW
lstrcpyW
WaitForSingleObject
lstrcpyA
HeapFree
HeapReAlloc
HeapAlloc
SetLastError
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetLastError
CreateMutexW
HeapDestroy
CloseHandle
GetProcessHeap
HeapCreate
GetComputerNameW
DisableThreadLibraryCalls
GetVersionExW
MultiByteToWideChar
HeapSize
GetUserDefaultUILanguage
InterlockedExchange
InterlockedCompareExchange
GetSystemTimeAsFileTime
CreateMutexA
GetCurrentThreadId
GetExitCodeThread
CreateThread
SetEvent
CreateEventW
ReleaseMutex
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
lstrcpynW
lstrcmpiA
lstrcpynA
ReadFile
SetFilePointer
GetLocalTime
SearchPathW
SetErrorMode
GetTimeZoneInformation
Sleep
TerminateThread
CreateEventA
FlushFileBuffers
WriteFile
DebugBreak
SetEndOfFile
UnlockFile
FlushViewOfFile
LockFile
GetWindowsDirectoryA
lstrcmpW
InterlockedIncrement
InterlockedDecrement
WaitForMultipleObjects
LocalFree
GetFileAttributesW
ExpandEnvironmentStringsW
GetCurrentProcessId
WideCharToMultiByte
lstrlenW
VirtualAlloc
GetCommandLineA

msvcrt

floor
wcstoul
wcsncpy
wcstol
swprintf
strstr
_wtoi
_itow
wcschr
sprintf
_ultow
_wsplitpath
wcsncmp
wcsstr
_vsnwprintf
_wcsicmp
wcscmp
_wgetenv
_wtol
_ltow
_ltoa
wcstombs
setlocale
mbstowcs
wcslen
_wfullpath
_sleep
atol
fgets
rewind
_wfopen
fclose
_ultoa
atof
strncmp
_getmbcp

ntdll

RtlStringFromGUID
RtlFreeUnicodeString

ole32

CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitializeSecurity
CoCreateGuid
CoUninitialize
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket

rpcrt4

UuidCreate

shlwapi

StrCmpNIW

user32

PostMessageW
GetDesktopWindow
GetWindowRect
GetParent
SetWindowPos
SetWindowTextA
ShowWindow
SetWindowTextW
GetWindowTextW
MessageBoxW
MessageBeep
GetFocus
CreateDialogParamW
IsWindowEnabled
SendMessageA
GetDC
LoadStringW
wsprintfW
DialogBoxParamW
EnableWindow
SendDlgItemMessageW
EndDialog
IsDlgButtonChecked
SetCursor
LoadCursorA
GetWindowLongW
SetFocus
CheckRadioButton
SetWindowLongW
WinHelpA
GetDlgCtrlID
SendMessageW
GetDlgItemTextW
ReleaseDC
ChangeDisplaySettingsExW
BlockInput
GetWindowLongA
DefWindowProcA
SendMessageTimeoutA
AnimateWindow
GrayStringA
CreateIconFromResource
SendMessageTimeoutW
EnumChildWindows
EnumDisplayDevicesW
UnlockWindowStation
LoadRemoteFonts
EndPaint
CallMsgFilter
ExcludeUpdateRgn
DefMDIChildProcW
SendNotifyMessageA
LockSetForegroundWindow
LoadCursorW
ToAsciiEx
CreateMDIWindowA
SetSystemCursor
DefWindowProcW
SetWindowsHookExA
ChangeDisplaySettingsA
GetClipboardFormatNameA
SetCaretBlinkTime
GetCursor
UnregisterClassA
SetWinEventHook
RegisterClipboardFormatA
FindWindowExW
GetMouseMovePointsEx
IsDialogMessageW
GetLastInputInfo
SetKeyboardState
SetMessageQueue
GetRawInputBuffer
InflateRect
UserRealizePalette
GetClipCursor
GetClassNameW
GetMonitorInfoW
DdeQueryConvInfo
SetMenuItemInfoW
OemToCharA
TranslateMessage
PostQuitMessage
UpdateWindow
SetDeskWallpaper
GetKeyState
VkKeyScanExA
BuildReasonArray
IsCharAlphaA
FillRect
UnregisterMessagePumpHook
MBToWCSEx
ModifyMenuA
User32InitializeImmEntryTable
GetMenuItemInfoA
MessageBoxA
ChangeMenuA
DdeKeepStringHandle
DdeCreateStringHandleW
BroadcastSystemMessageExA
EndTask
WindowFromPoint
LoadIconW
CreateAcceleratorTableA
GetKeyNameTextA
DefDlgProcA

msls31

LsSetDoc
LsForceBreakSubline
LsSetExpansion
LsdnFinishDeleteAll
LsdnSetAbsBaseLine
LsdnResetObjDim
LsQueryTextCellDetails
LsdnSubmitSublines

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e3dc98a4d7e939924e91d13cdbbcf3e

Headers

File Characteristics

Imports

advapi32

comdlg32

crypt32

gdi32

kernel32

msvcrt

ntdll

ole32

rpcrt4

shlwapi

user32

msls31

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 145KB - Virtual size: 270KB

.reloc Size: 2KB - Virtual size: 59KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 145KB - Virtual size: 270KB

.reloc
Size: 2KB - Virtual size: 59KB

.rsrc
Size: 1KB - Virtual size: 1KB