6152e7cfa150841f84f004960f3e79453e2cf893870eb8ece746c2f5e6f19f67

Sharing

Copy URL Twitter E-mail

General

Target

6152e7cfa150841f84f004960f3e79453e2cf893870eb8ece746c2f5e6f19f67
Size

704KB
MD5

cebb798d3bf2972cf378bd8d3c4c22ea
SHA1

93960f860290a4931c30838c221057e12c7c0844
SHA256

6152e7cfa150841f84f004960f3e79453e2cf893870eb8ece746c2f5e6f19f67
SHA512

ba6dba79e544e4ad519742941fa62f6def298280381060236ac1286118d22c14b747aa0f0335d69cab090433ad9eef3bff8e4f18d9f1cd302ab1db3ebac65f1e
SSDEEP

12288:BtUe9bNPQGDQawApWMthVhpzwWcs+k5CjpqK:FcanRVhpMWcs+k5CjpZ

Score

N/A

Malware Config

Signatures

Files

6152e7cfa150841f84f004960f3e79453e2cf893870eb8ece746c2f5e6f19f67
.exe windows x86

981d93806a9ed09af5502faadfb32c71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpSendRequestW
InternetGetConnectedState
HttpOpenRequestW
HttpQueryInfoW
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
InternetConnectW

kernel32

LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
WritePrivateProfileStringW
GetModuleHandleA
SetErrorMode
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalFindAtomW
CompareStringW
GetVersionExA
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
ReleaseSemaphore
CreateSemaphoreW
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
FreeResource
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalAddAtomW
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrcmpW
GlobalDeleteAtom
GetModuleHandleW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrlenW
MulDiv
InterlockedExchange
InterlockedCompareExchange
LoadLibraryA
LCMapStringW
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
WriteFile
GetFileSize
CreateFileA
FreeLibrary
LocalFree
GetCurrentThreadId
GetSystemTime
GetShortPathNameW
DeleteCriticalSection
WaitForMultipleObjects
LockResource
EnterCriticalSection
GetProcAddress
GetTempPathW
MultiByteToWideChar
GetModuleFileNameW
GetFileAttributesW
LeaveCriticalSection
GetVersionExW
SizeofResource
CopyFileW
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetVolumeInformationA
WideCharToMultiByte
InitializeCriticalSection
GetTickCount
GetComputerNameW
WaitForSingleObject
CreateDirectoryW
MoveFileExW
LoadResource
FindResourceW
lstrcmpA
ExitProcess
SetLastError
GetLastError
Sleep
CreateMutexW
GetCommandLineW
CloseHandle
CreateFileW
ReadFile
HeapReAlloc

user32

DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
LoadCursorW
GetDC
ReleaseDC
GetSysColorBrush
ShowWindow
IsDialogMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CharUpperW
RegisterClipboardFormatW
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
PeekMessageW
ValidateRect
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
SendMessageW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadStringA
PostMessageW
SetForegroundWindow
GetParent
WaitForInputIdle
GetMenu
UnregisterClassW
DestroyMenu
PostThreadMessageW
EndPaint
BeginPaint
GrayStringW
GetClassNameW
EnumChildWindows
SendMessageTimeoutW
IsWindowVisible
GetWindow
EnumThreadWindows
AttachThreadInput
GetClientRect
GetForegroundWindow
BringWindowToTop
SetWindowTextW
GetWindowThreadProcessId
SetTimer
RegisterWindowMessageW
SetParent
wsprintfW
GetWindowTextW
GetCursorPos
EnableWindow
UnregisterClassA
CallWindowProcW

gdi32

DeleteDC
GetStockObject
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RestoreDC
SaveDC
DeleteObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
SetMapMode
ExtTextOutW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

CryptReleaseContext
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyW
CryptHashData
CryptDestroyHash
CryptCreateHash
CloseServiceHandle
CryptAcquireContextW
CryptGetHashParam
RegCloseKey
ControlService
RegOpenKeyExW
QueryServiceStatus
StartServiceW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
OpenServiceW
OpenSCManagerW

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx

shlwapi

StrCmpNW
StrCmpNIW
PathAppendW
PathFileExistsW
StrCmpW
StrCmpIW
StrCatW
StrStrIW
PathFindFileNameW
StrNCatW
PathFindExtensionW
PathIsDirectoryW
StrCpyNW
PathRemoveExtensionW
StrCpyW
StrStrW
StrChrW
StrDupW
SHSetValueW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleRun
CoInitialize
CoCreateInstance
CoCreateGuid
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoDisconnectObject
CoUninitialize

oleaut32

SysAllocString
VariantChangeType
SysAllocStringLen
SysStringLen
VariantInit
VariantCopy
SysFreeString
LoadTypeLi
VariantClear
GetErrorInfo

urlmon

URLDownloadToFileW

ws2_32

htons
bind
closesocket
gethostbyname
recvfrom
socket
WSAStartup

Sections

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

981d93806a9ed09af5502faadfb32c71

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

ws2_32

Sections

.text Size: 404KB - Virtual size: 403KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 212KB - Virtual size: 296KB

.rsrc Size: 4KB - Virtual size: 932B

.text
Size: 404KB - Virtual size: 403KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 212KB - Virtual size: 296KB

.rsrc
Size: 4KB - Virtual size: 932B