8ba3d52e4b6d6e6d4701ca8f8ad831ef8ca8607188649fb547a3ba5185e04208

Sharing

Copy URL

Twitter E-mail

General

Target

8ba3d52e4b6d6e6d4701ca8f8ad831ef8ca8607188649fb547a3ba5185e04208
Size

442KB
MD5

281114d7bd390e68676ab3ef6276855e
SHA1

1c8c58c8897dcbc699ede7ecf0ddfa3ab7eb39f9
SHA256

8ba3d52e4b6d6e6d4701ca8f8ad831ef8ca8607188649fb547a3ba5185e04208
SHA512

2d78bca427c821ede3e3b98dd0fb3ffc066aad09ce32a9a874a4b17e0797fae0cf3ac4d447020019df30cfe1327f41d2cad4c48c2add6b0b5162de0a479b6358
SSDEEP

12288:WP4qjzQY2XDaHznlXxQPZtrohaHzN81nZO2TAF:mklDaHhBQvohaHzupPT

Score

N/A

Malware Config

Signatures

Files

8ba3d52e4b6d6e6d4701ca8f8ad831ef8ca8607188649fb547a3ba5185e04208
.dll windows x86

9e7038620c2cd4e188f4e8daf51ab7af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetQueryDataAvailable
InternetQueryOptionW
InternetReadFile
InternetConnectW
InternetSetStatusCallbackW
HttpAddRequestHeadersA
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestW
InternetSetOptionW

kernel32

ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
ExitProcess
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventA
OpenMutexW
OpenProcess
OutputDebugStringW
Process32FirstW
Process32NextW
EnumSystemLocalesA
RaiseException
ReadFile
ReleaseMutex
ResetEvent
RtlUnwind
SearchPathW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
EnterCriticalSection
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateToolhelp32Snapshot
CreateThread
CreateProcessW
CreateMutexW
CreateFileA
CreateEventW
CreateEventA
CopyFileW
CompareStringW
CompareStringA
CloseHandle
CancelIo
AllocConsole
GetTimeFormatA
QueryPerformanceCounter

shlwapi

PathCompactPathExW

shell32

SHCreateDirectoryExW
CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

rpcrt4

UuidToStringW
UuidFromStringW
UuidCreate
RpcStringFreeW

advapi32

AdjustTokenPrivileges
RegDeleteKeyW
RegCreateKeyExW
StartServiceW
SetTokenInformation
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
CreateProcessAsUserW
DuplicateTokenEx
FreeSid
GetUserNameW
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
RegCloseKey
RegDeleteValueW

user32

EndDialog
wsprintfW
ShowWindow
SetWindowTextW
SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextW
SetActiveWindow
SendMessageW
PostMessageW
OffsetRect
MessageBoxW
BringWindowToTop
CopyRect
CreateDialogParamW
CreateWindowExW
LoadStringW
DialogBoxParamW
EnableWindow
DestroyWindow
ExitWindowsEx
GetClientRect
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetParent
GetSystemMetrics
GetWindowRect
IsWindow
KillTimer
LoadImageW

gdi32

SetBkColor
CreateSolidBrush

ole32

CoUninitialize
CoInitializeEx

Exports

Exports

BytesWarning
IncrementalEncoder
IsContiguous
Mem_Malloc
Number_Divide

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e7038620c2cd4e188f4e8daf51ab7af

Headers

File Characteristics

Imports

wininet

kernel32

shlwapi

shell32

version

rpcrt4

advapi32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 257KB - Virtual size: 256KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 257KB - Virtual size: 256KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 5KB - Virtual size: 4KB