86032cdb7a47a8bb339afc53fd5114dfec7551c9d1be6df3005b4662def46b89

Sharing

Copy URL Twitter E-mail

General

Target

86032cdb7a47a8bb339afc53fd5114dfec7551c9d1be6df3005b4662def46b89
Size

279KB
MD5

cb7c6e7bbb7267e8876493cc72f31e69
SHA1

98a8ef37b69e6dc98b5bca06d1f923d7efbd1335
SHA256

86032cdb7a47a8bb339afc53fd5114dfec7551c9d1be6df3005b4662def46b89
SHA512

6e4821fe04866c96a98c74642c56fee4460e0e4806b9ccf0e31bd47cc75ffbef2f89bd96d96522b6309975cfc88b470bf0ba282770f1e33510624a32edee2a7d
SSDEEP

6144:duYjil2U2uUzvBqKCTlFFITshghAmZf552RJcIq:duYulk1zvoKuLITA8Ac5IcI

Score

N/A

Malware Config

Signatures

Files

86032cdb7a47a8bb339afc53fd5114dfec7551c9d1be6df3005b4662def46b89
.exe windows x86

51b933ceaa41b13da5e546db69cf43b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
OleUninitialize

kernel32

OpenMutexA
GetFullPathNameW
DeviceIoControl
FreeEnvironmentStringsW
RaiseException
GetPrivateProfileStringW
RemoveDirectoryW
LeaveCriticalSection
CreateFileA
SuspendThread
UnhandledExceptionFilter
VirtualFree
GetCurrentThreadId
IsDebuggerPresent
TlsGetValue
HeapSize
ReadFile
GetConsoleMode
GetTempPathW
TlsAlloc
WideCharToMultiByte
CreateFileMappingA
GetSystemInfo
RtlUnwind
SetEnvironmentVariableA
GetLogicalDrives
CopyFileW
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetThreadContext
CreateMutexA
EnumSystemLocalesA
EnterCriticalSection
OpenSemaphoreA
ReadProcessMemory
CreateRemoteThread
SetConsoleCtrlHandler
WriteConsoleW
TlsSetValue
WaitForSingleObject
FindClose
FatalAppExitA
UnmapViewOfFile
SetHandleCount
SetThreadAffinityMask
GetWindowsDirectoryW
SetFilePointer
ResumeThread
OpenProcess
ExpandEnvironmentStringsW
HeapReAlloc
GetModuleHandleA
CreateFileW
DeleteCriticalSection
GetFileType
FreeLibrary
GetSystemTimeAsFileTime
LCMapStringW
TerminateThread
WriteConsoleA
GetSystemDirectoryW
SetUnhandledExceptionFilter
GetTimeZoneInformation
TlsFree
VirtualAlloc
GetModuleHandleW
GetACP
CompareStringW
GetStdHandle
LCMapStringA
FindNextFileW
GetDateFormatA
SetLastError
GetPrivateProfileStructW
GetSystemDefaultLangID
ReleaseMutex
HeapAlloc
GetTimeFormatA
MoveFileW
GetDriveTypeW
VirtualQueryEx
VirtualProtectEx
IsValidCodePage
FlushFileBuffers
CreateProcessW
GetConsoleCP
WritePrivateProfileStructW
FindFirstFileW
WriteFile
IsValidLocale
GetCommandLineA
CreateSemaphoreA
SetProcessWorkingSetSize
QueryDosDeviceW
CloseHandle
GetUserDefaultLCID
WritePrivateProfileStringW
HeapDestroy
GetConsoleOutputCP
WriteProcessMemory
GetOEMCP
ReleaseSemaphore
CompareStringA
OpenFileMappingA
GetShortPathNameW
MapViewOfFileEx
FreeEnvironmentStringsA
HeapFree
VirtualAllocEx

advapi32

RegUnLoadKeyW
InitializeAcl
RegCreateKeyExW
StartServiceW
SetSecurityDescriptorOwner
RegSetKeySecurity
EnumServicesStatusW
AdjustTokenPrivileges
AddAccessAllowedAce
RegOpenKeyExW
OpenSCManagerW
ControlService
RegLoadKeyW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
LookupPrivilegeValueW
DeleteService
RegQueryValueExW
CreateServiceW
AllocateAndInitializeSid
FreeSid
RegEnumValueW
OpenServiceW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetLengthSid
RegQueryInfoKeyW
QueryServiceStatus
CloseServiceHandle
QueryServiceConfigW
OpenProcessToken
RegDeleteKeyW
RegSetValueExW

user32

GetWindowTextW
SendMessageTimeoutW
IsWindowVisible
GetWindowThreadProcessId
PostMessageW
EnumWindows
EnumChildWindows
GetClassNameW
GetDC
GetMenuItemInfoW
LoadMenuW
FindWindowA
GetClassInfoExA
CreateWindowExW
LoadIconA
PeekMessageA
InsertMenuItemW
CharNextA
SetActiveWindow
GetActiveWindow
SetForegroundWindow
CreateAcceleratorTableW
ShowCaret
CharUpperA

gdi32

GetTextColor

mlang

Rfc1766ToLcidA
ConvertINetReset
ConvertINetUnicodeToMultiByte
LcidToRfc1766A
DllCanUnloadNow
DllGetClassObject
ConvertINetMultiByteToUnicode
Rfc1766ToLcidW
LcidToRfc1766W

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 230KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51b933ceaa41b13da5e546db69cf43b5

Headers

File Characteristics

Imports

ole32

kernel32

advapi32

user32

gdi32

mlang

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 230KB - Virtual size: 299KB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 22KB - Virtual size: 40KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 230KB - Virtual size: 299KB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 40KB