83ba7075b1ffc544d9993376ad3c80c12f5094ec8e269fd103d48fcca5a420c5

Sharing

Copy URL Twitter E-mail

General

Target

83ba7075b1ffc544d9993376ad3c80c12f5094ec8e269fd103d48fcca5a420c5
Size

271KB
MD5

76443d103547feeff16edbc301f6de6d
SHA1

6c42655578be65f96ca7bf0622c2be7d9b78a114
SHA256

83ba7075b1ffc544d9993376ad3c80c12f5094ec8e269fd103d48fcca5a420c5
SHA512

0382fbd06182c6053df9db8307f5ccbc59953a02df17a75f80acd068ea2d25198f74192ba31f48c97fbec1b573ae056beb0cd851a6ea245eda8e051efa7a482f
SSDEEP

6144:q1hbiJgH27vSjZuCLMkYr6vv/Ha3G9SL6Nn6+QeJlM:bJ5UZuCL5coarD+Q2lM

Score

N/A

Malware Config

Signatures

Files

83ba7075b1ffc544d9993376ad3c80c12f5094ec8e269fd103d48fcca5a420c5
.exe windows x86

1075cf6cf1cd1bc9c5916d723d59d737

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize

kernel32

CreateDirectoryW
GetFileAttributesW
MoveFileW
GetVersionExW
CreateEventW
SetEvent
WaitForMultipleObjects
DuplicateHandle
InitializeCriticalSection
CreateMutexW
OpenMutexW
LocalFree
FindResourceW
LocalAlloc
GetModuleHandleA
lstrcmpA
lstrlenA
GetCurrentThread
GetTickCount
FileTimeToSystemTime
GetTempFileNameW
IsBadStringPtrA
MultiByteToWideChar
lstrlenW
lstrcpynW
GetFullPathNameA
lstrcpynA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
GetStartupInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
RaiseException
HeapCreate
ExitProcess
TlsAlloc
SetUnhandledExceptionFilter
GetVersion
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetTempPathW
LoadLibraryW
SetErrorMode
GetModuleHandleW
WaitForSingleObject
GetCurrentProcess
GetLastError
Sleep
FreeLibrary
GetModuleFileNameW
GetProcessHeap
GetVersionExA
FileTimeToLocalFileTime
GetProcAddress

user32

CreatePopupMenu
SetTimer
FindWindowW
TrackPopupMenu
IsDlgButtonChecked
DialogBoxParamW
EndDialog
SetWindowPos
GetDesktopWindow
SetWindowTextW
GetMenuItemInfoW
GetMenuItemCount
InsertMenuItemW
AppendMenuW
MessageBoxW
PeekMessageW
LoadImageW
CreateWindowExW
IsWindow
SetWindowLongW
SendMessageW
PostMessageW
GetMenuItemID
IsMenu
TrackPopupMenuEx
DestroyMenu

gdi32

DeleteObject

advapi32

RegEnumKeyW
RegDeleteKeyA
EqualSid
RegQueryValueExA
RegOpenKeyA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

shell32

ord680
ShellExecuteExW
SHGetDesktopFolder

ole32

CoInitializeEx
CoUninitialize

scecli

SceStartTransaction
SceGenerateGroupPolicy
SceDcPromoCreateGPOsInSysvol
SceSetDatabaseSetting
SceSysPrep
SceSetupSystemByInfName

cnvfat

IsConversionAvailable

Sections

.edata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bRTpw
Size: 1KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.B
Size: 2KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bGXVb
Size: 2KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BmDA
Size: 3KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 105KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Gft
Size: 4KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 109KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DI
Size: 2KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IYyXV
Size: 2KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1075cf6cf1cd1bc9c5916d723d59d737

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

scecli

cnvfat

Sections

.edata Size: 6KB - Virtual size: 6KB

.bRTpw Size: 1KB - Virtual size: 150KB

.text Size: 18KB - Virtual size: 18KB

.B Size: 2KB - Virtual size: 367KB

.bGXVb Size: 2KB - Virtual size: 26KB

.rdata Size: 3KB - Virtual size: 11KB

.BmDA Size: 3KB - Virtual size: 412KB

.edata Size: 105KB - Virtual size: 180KB

.Gft Size: 4KB - Virtual size: 563KB

.data Size: 7KB - Virtual size: 9KB

.edata Size: 109KB - Virtual size: 173KB

.DI Size: 2KB - Virtual size: 216KB

.IYyXV Size: 2KB - Virtual size: 179KB

.rsrc Size: 2KB - Virtual size: 1KB

.edata
Size: 6KB - Virtual size: 6KB

.bRTpw
Size: 1KB - Virtual size: 150KB

.text
Size: 18KB - Virtual size: 18KB

.B
Size: 2KB - Virtual size: 367KB

.bGXVb
Size: 2KB - Virtual size: 26KB

.rdata
Size: 3KB - Virtual size: 11KB

.BmDA
Size: 3KB - Virtual size: 412KB

.edata
Size: 105KB - Virtual size: 180KB

.Gft
Size: 4KB - Virtual size: 563KB

.data
Size: 7KB - Virtual size: 9KB

.edata
Size: 109KB - Virtual size: 173KB

.DI
Size: 2KB - Virtual size: 216KB

.IYyXV
Size: 2KB - Virtual size: 179KB

.rsrc
Size: 2KB - Virtual size: 1KB