85c5658a26849a2410590ad09d6dc2dd1478e7f7d497245b6628037359b99b69

Sharing

Copy URL Twitter E-mail

General

Target

85c5658a26849a2410590ad09d6dc2dd1478e7f7d497245b6628037359b99b69
Size

253KB
MD5

3377a9623d7db99a327c04e66d144d08
SHA1

936cf0ff57152256457cb571d0eae89d92b1b696
SHA256

85c5658a26849a2410590ad09d6dc2dd1478e7f7d497245b6628037359b99b69
SHA512

234b545e9f01c4a86ef76e96573e9d024679963645464d7af14dd161cc241f89a95f3f5eed9c9e000854d407315bb34148207aee49ba20e2c8ba50427a11dbfc
SSDEEP

3072:oaSh7D7ktA9SWq5TwnVW2BlnOfJcrhfiF7iH7sD/wVrVZsqTFzpA0tOojB5s03hb:kbkgx82eShqligDW/yAOotdhk/wB7DeS

Score

N/A

Malware Config

Signatures

Files

85c5658a26849a2410590ad09d6dc2dd1478e7f7d497245b6628037359b99b69
.exe windows x86

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateEventW
FreeLibrary
RemoveDirectoryW
GetTempPathW
GetTempFileNameW
lstrcpynW
GetModuleHandleW
lstrlenA
lstrlenW
OpenEventW
CompareFileTime
CreateMutexW
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrcatW
lstrcmpW
GetLocalTime
ExpandEnvironmentStringsW
lstrcpynA
SystemTimeToFileTime
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
GetVolumeInformationW
GetSystemDirectoryW
GetWindowsDirectoryW
LocalAlloc
LocalFree
CreateDirectoryW
LoadLibraryA
GetProcAddress

user32

GetForegroundWindow
GetActiveWindow
MessageBoxW
MoveWindow
GetTopWindow
RegisterWindowMessageW
SetTimer
LoadCursorW
GetSystemMetrics
LoadIconW
CopyRect
GetSysColor
PeekMessageW
IsWindow
EnumWindows
PostMessageW
GetCursorPos
DestroyIcon
GetFocus
InvalidateRect
LoadMenuW
GetSubMenu
EnableMenuItem
CheckMenuItem
OffsetRect
SetWindowPos
LoadImageW
SendMessageW
EnableWindow

gdi32

CreatePatternBrush
DeleteObject
CreateSolidBrush
CreatePen
CreateRectRgn
GetStockObject
CreateCompatibleDC
CreateFontIndirectW

advapi32

AddAccessAllowedAce
RegOpenKeyExA
RegQueryValueExA
QueryServiceConfigW
ChangeServiceConfigW
DeleteService
ControlService
OpenServiceW
StartServiceW
QueryServiceStatus
OpenSCManagerW
CreateServiceW
CloseServiceHandle
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
FreeSid
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
SetSecurityDescriptorDacl
RevertToSelf
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
GetUserNameW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

uxtheme

GetThemeFont
GetThemeBackgroundExtent
GetThemeSysBool
GetThemeInt
GetThemeColor
GetCurrentThemeName
GetThemeBool

certmgr

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllInstall

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Mvf
Size: 1024B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ouxdt
Size: 3KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hOC
Size: 74KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.U
Size: 5KB - Virtual size: 895KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hUG
Size: 2KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qlxfk
Size: 512B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ij
Size: 138KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

uxtheme

certmgr

Sections

.text Size: 15KB - Virtual size: 14KB

.Mvf Size: 1024B - Virtual size: 118KB

.ouxdt Size: 3KB - Virtual size: 563KB

.rdata Size: 4KB - Virtual size: 45KB

.hOC Size: 74KB - Virtual size: 115KB

.U Size: 5KB - Virtual size: 895KB

.hUG Size: 2KB - Virtual size: 575KB

.data Size: 6KB - Virtual size: 281KB

.Qlxfk Size: 512B - Virtual size: 53KB

.ij Size: 138KB - Virtual size: 139KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.Mvf
Size: 1024B - Virtual size: 118KB

.ouxdt
Size: 3KB - Virtual size: 563KB

.rdata
Size: 4KB - Virtual size: 45KB

.hOC
Size: 74KB - Virtual size: 115KB

.U
Size: 5KB - Virtual size: 895KB

.hUG
Size: 2KB - Virtual size: 575KB

.data
Size: 6KB - Virtual size: 281KB

.Qlxfk
Size: 512B - Virtual size: 53KB

.ij
Size: 138KB - Virtual size: 139KB

.rsrc
Size: 2KB - Virtual size: 2KB