805bc1206bfb223fef4b1f6f733d3c9c1f453f87250c616d5c7931b35b5be39c

Sharing

Copy URL Twitter E-mail

General

Target

805bc1206bfb223fef4b1f6f733d3c9c1f453f87250c616d5c7931b35b5be39c
Size

140KB
MD5

0f6392b6c926fb3d43302fbfcb951a86
SHA1

aa2ef26367abf836053be4de0843ebb061bdd2be
SHA256

805bc1206bfb223fef4b1f6f733d3c9c1f453f87250c616d5c7931b35b5be39c
SHA512

4478337e9d6035cd95b4e9e279ea4e4e7e09e6b321ec9d23bd158ae3899c67c86ecd4d4ce94191f85977c602ffc390757cb589f6b5fe40e8bdc8c0f37a6e0528
SSDEEP

3072:LS2MgvU2whJfzuNBCOjQ/hkzukDeuvjkYgT64nYUnXiRQBY3TG3:2Zx64hhkz3Deu7aPYUSRQh

Score

N/A

Malware Config

Signatures

Files

805bc1206bfb223fef4b1f6f733d3c9c1f453f87250c616d5c7931b35b5be39c
.exe windows x86

e63bcd899c6493a9350f54a7435780ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
GetLogicalDrives
GetUserDefaultLCID
GetThreadPriority
GlobalFindAtomW
SearchPathA
IsBadCodePtr
Beep
EnumCalendarInfoA
LocalFree
GetTempPathA
CreatePipe
CreateMutexA
ReplaceFileW
GetTickCount
GetLongPathNameW
GetDateFormatW
LoadLibraryExA
OpenFile
GetModuleHandleW
GetFullPathNameA
SetComputerNameW
CreateMutexW
CreateSemaphoreA
GetShortPathNameA
GetStringTypeA
GetModuleHandleA
GetProcAddress
FileTimeToLocalFileTime
GetMailslotInfo
GetFileAttributesW
GetComputerNameA
GetVolumeInformationA
GetEnvironmentStringsA
CreateSemaphoreW
lstrcpyA
GetAtomNameW
lstrlenA
IsBadStringPtrA
GetACP
BeginUpdateResourceW

user32

EndDialog
GetIconInfo
AdjustWindowRect
UpdateLayeredWindow
GetTopWindow
CreatePopupMenu
GetMenuItemID
GetCapture
CreateWindowExA
GetClassInfoW
CreateDialogIndirectParamW
SetWindowRgn
CreateAcceleratorTableA
SetWindowTextW
GetWindowRgn
CharNextA
MessageBoxW
IsWindow
LoadMenuA
InvalidateRgn
GetFocus
RegisterWindowMessageW
GetMenuItemCount
CreateDesktopW
MonitorFromWindow
GetCursorPos
GetMenuStringW
SetParent
CreateAcceleratorTableW
SetDlgItemTextW
GetMenuItemInfoA
wvsprintfW
GetKeyboardLayout
SetCursor
GetMenuState
EnumWindows
GetDlgItemTextA
GetMenuStringA
PostMessageA
UnregisterClassA
SetWindowPos
UnregisterClassW
LoadIconW
GetForegroundWindow
GetClassInfoExW
FindWindowW
WaitForInputIdle
SetMenu
EnumClipboardFormats
LoadMenuIndirectW
GetDCEx
DialogBoxIndirectParamA
WinHelpA
GetMenuItemInfoW
GetCaretPos
ShowWindow
GetClassInfoExA
GetDlgItemInt
CharPrevA
WinHelpW
GetDesktopWindow
SetFocus
IsIconic
CharNextW
RegisterClassW
MessageBoxIndirectA
RegisterWindowMessageA
CreateDialogParamW
SetCapture
GetCapture
GetSysColor

gdi32

RemoveFontResourceW
CreateScalableFontResourceW
CreateDIBPatternBrushPt
DeleteObject
RemoveFontResourceExW
CreateFontW
GetTextExtentPointW
CreatePolygonRgn
TranslateCharsetInfo
AddFontResourceW
GetMetaFileA
GetEnhMetaFilePixelFormat
CreateMetaFileA
CreateColorSpaceA
GetMetaFileW
CreateHatchBrush
StretchDIBits
SetMetaFileBitsEx
CreatePen
CreateColorSpaceW
CreateRoundRectRgn
AddFontResourceA
RemoveFontResourceA
CreateFontIndirectA
GetRasterizerCaps
GetEnhMetaFileA
CreateMetaFileW
CreateCompatibleDC
CreateFontA

shell32

StrRStrIA
ExtractIconExA
StrRChrIW
FreeIconList
ExtractAssociatedIconW

ole32

CoDosDateTimeToFileTime
CoGetCurrentProcess
CoGetInstanceFromFile
CoGetClassVersion

mprapi

MprAdminUserOpen
MprAdminUserClose

sqlunirl

_OpenFile_@12
_GetClassName_@12
_CreateAcceleratorTable_@8
_RegRestoreKey_@12
_LoadLibrary@4
_NDdeSetShareSecurity_@16
_SendMessageTimeout_@28
_CreateProcessAsUser_@44
_RegEnumKey_@16
_ShellExecute_@24
_NDdeGetShareSecurity_@24

crypt32

CryptGetOIDFunctionValue
CertFindCTLInStore
I_CryptAddRefLruEntry
CertDuplicateStore
CertNameToStrW
CryptEncryptMessage
CertGetNameStringW
CertFreeCertificateChain
CryptSignAndEncryptMessage

Sections

.dkcv
Size: 1024B - Virtual size: 666B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Da
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZWRe
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pBQfQ
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Wyk
Size: 1KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zGD
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tqjFio
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fcINDV
Size: 3KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VWsC
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.X
Size: 17KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Cd
Size: 3KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SFoT
Size: 4KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e63bcd899c6493a9350f54a7435780ab

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

mprapi

sqlunirl

crypt32

Sections

.dkcv Size: 1024B - Virtual size: 666B

.Da Size: 92KB - Virtual size: 91KB

.ZWRe Size: 3KB - Virtual size: 8KB

.pBQfQ Size: 1024B - Virtual size: 151KB

.Wyk Size: 1KB - Virtual size: 169KB

.zGD Size: 10KB - Virtual size: 10KB

.tqjFio Size: 5KB - Virtual size: 8KB

.fcINDV Size: 3KB - Virtual size: 397KB

.VWsC Size: 89KB - Virtual size: 88KB

.X Size: 17KB - Virtual size: 244KB

.Cd Size: 3KB - Virtual size: 100KB

.SFoT Size: 4KB - Virtual size: 248KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.dkcv
Size: 1024B - Virtual size: 666B

.Da
Size: 92KB - Virtual size: 91KB

.ZWRe
Size: 3KB - Virtual size: 8KB

.pBQfQ
Size: 1024B - Virtual size: 151KB

.Wyk
Size: 1KB - Virtual size: 169KB

.zGD
Size: 10KB - Virtual size: 10KB

.tqjFio
Size: 5KB - Virtual size: 8KB

.fcINDV
Size: 3KB - Virtual size: 397KB

.VWsC
Size: 89KB - Virtual size: 88KB

.X
Size: 17KB - Virtual size: 244KB

.Cd
Size: 3KB - Virtual size: 100KB

.SFoT
Size: 4KB - Virtual size: 248KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B