797faba83985be516381b343613cd8fb5eb1a21e439666620c5a41c72048b95c

Sharing

Copy URL Twitter E-mail

General

Target

797faba83985be516381b343613cd8fb5eb1a21e439666620c5a41c72048b95c
Size

452KB
MD5

bb560e6b1428bb0f6fd52061d8917298
SHA1

e6de3a1d510516e2ce755a86eaf0803dc976ce3d
SHA256

797faba83985be516381b343613cd8fb5eb1a21e439666620c5a41c72048b95c
SHA512

fb93ae1a02e6032fccec152c4d1d1d290f7b636e77560b8d24ab2e947924e0c70381b0e95fe1a9d41ff4888463b271d601ce930ff18d38b79fa8135173f332ff
SSDEEP

12288:Q9y8JCz0J5ZDof0YUn0pJQoQgufjYXwk90gx7:Sy8JbumaJ+Dfj+Z

Score

N/A

Malware Config

Signatures

Files

797faba83985be516381b343613cd8fb5eb1a21e439666620c5a41c72048b95c
.dll windows x86

9e7038620c2cd4e188f4e8daf51ab7af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetQueryDataAvailable
InternetQueryOptionW
InternetReadFile
InternetConnectW
InternetSetStatusCallbackW
HttpAddRequestHeadersA
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestW
InternetSetOptionW

kernel32

ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
ExitProcess
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventA
OpenMutexW
OpenProcess
OutputDebugStringW
Process32FirstW
Process32NextW
EnumSystemLocalesA
RaiseException
ReadFile
ReleaseMutex
ResetEvent
RtlUnwind
SearchPathW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
EnterCriticalSection
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateToolhelp32Snapshot
CreateThread
CreateProcessW
CreateMutexW
CreateFileA
CreateEventW
CreateEventA
CopyFileW
CompareStringW
CompareStringA
CloseHandle
CancelIo
AllocConsole
GetTimeFormatA
QueryPerformanceCounter

shlwapi

PathCompactPathExW

shell32

SHCreateDirectoryExW
CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

rpcrt4

UuidToStringW
UuidFromStringW
UuidCreate
RpcStringFreeW

advapi32

AdjustTokenPrivileges
RegDeleteKeyW
RegCreateKeyExW
StartServiceW
SetTokenInformation
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
CreateProcessAsUserW
DuplicateTokenEx
FreeSid
GetUserNameW
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
RegCloseKey
RegDeleteValueW

user32

EndDialog
wsprintfW
ShowWindow
SetWindowTextW
SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextW
SetActiveWindow
SendMessageW
PostMessageW
OffsetRect
MessageBoxW
BringWindowToTop
CopyRect
CreateDialogParamW
CreateWindowExW
LoadStringW
DialogBoxParamW
EnableWindow
DestroyWindow
ExitWindowsEx
GetClientRect
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetParent
GetSystemMetrics
GetWindowRect
IsWindow
KillTimer
LoadImageW

gdi32

SetBkColor
CreateSolidBrush

ole32

CoUninitialize
CoInitializeEx

Exports

Exports

AsDouble
Int_ClearFreeList
List_AsTuple
Mem_Realloc
Number_Remainder
SetNone
SetProfile
_Contains
get_x_pixels_per_meter

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e7038620c2cd4e188f4e8daf51ab7af

Headers

File Characteristics

Imports

wininet

kernel32

shlwapi

shell32

version

rpcrt4

advapi32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 267KB - Virtual size: 266KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 25KB - Virtual size: 25KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 267KB - Virtual size: 266KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 25KB - Virtual size: 25KB

.reloc
Size: 5KB - Virtual size: 5KB