783a6cca935dd566df8901930e1ae95fd9306fba0a653129fa3aa8016a4eb320

Sharing

Copy URL Twitter E-mail

General

Target

783a6cca935dd566df8901930e1ae95fd9306fba0a653129fa3aa8016a4eb320
Size

283KB
MD5

6903f0e2847c4a71db32ba939ff05b7c
SHA1

481eae4529deca67c61b782ea0b0e697967426c1
SHA256

783a6cca935dd566df8901930e1ae95fd9306fba0a653129fa3aa8016a4eb320
SHA512

ab95a88ab1344eaa204b65c820688b524b8dc95d68a1eba871492830d737e9789559102d287239b76104a5b6d8de197f18c1775768cbc6b4cfe52ad74a842b1e
SSDEEP

6144:v/BUqEn0jXhr6RuiauHVSVshR8wTEIJGksqUk2ADlAAfjY63r28:SB0jXJGplVSs8wAIJwkFlAAfjY2K8

Score

N/A

Malware Config

Signatures

Files

783a6cca935dd566df8901930e1ae95fd9306fba0a653129fa3aa8016a4eb320
.exe windows x86

c0e57092f656748d3f37987f44b92ed9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
CryptDestroyKey
CryptExportKey
RegSetValueExW
CryptCreateHash
GetAce
ConvertStringSecurityDescriptorToSecurityDescriptorW
AllocateAndInitializeSid
SetEntriesInAclW
LookupAccountNameW
FreeSid
CryptGenKey
InitializeSecurityDescriptor
GetSidSubAuthorityCount
GetSidIdentifierAuthority
SetSecurityDescriptorSacl
ConvertSidToStringSidW
AddAccessAllowedAce
GetSecurityDescriptorSacl
CryptHashData
SetSecurityDescriptorDacl
IsTextUnicode
CryptDecrypt
RegOpenKeyW
GetLengthSid
SetNamedSecurityInfoW
RegCreateKeyExW
CryptGetHashParam
InitializeAcl
RegQueryValueW
CryptDestroyHash
RegOpenKeyExW
CryptGenRandom
GetNamedSecurityInfoW
RegQueryValueExW
AddAce
GetAclInformation
RegCloseKey
CryptAcquireContextW
GetUserNameW
GetSidSubAuthority

shell32

DragFinish
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
SHGetFileInfoW
ShellExecuteExW
SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteW

user32

IsWindowVisible
GetIconInfo
LoadIconW
SetWindowLongW
FindWindowExW
InvalidateRect
GetSystemMetrics
GetClassNameW
UnionRect
SetTimer
RegisterHotKey
MapDialogRect
ScreenToClient
DrawTextW
GetCursorPos
GetParent
LoadImageW
GetSysColor
LoadCursorW
RemovePropW
SetForegroundWindow
IsIconic
GetClientRect
IsZoomed
GetWindowPlacement
SetLayeredWindowAttributes
SetWindowPos
LoadBitmapW
GetKeyState
ClientToScreen
FindWindowW
ReleaseDC
GetWindowDC
PostThreadMessageW
GetDlgItem
GetWindowRect
UpdateWindow
PtInRect
UnregisterHotKey
GetDlgCtrlID
GetWindowLongW
SetPropW
LoadMenuW
GetAncestor
DestroyIcon
GetDesktopWindow
MoveWindow
GetWindow
GetPropW
SetRectEmpty
GetMenuItemID
CallWindowProcW
FillRect
SystemParametersInfoW
GetSubMenu
GetForegroundWindow
GetDC
GetCursor
IsWindow
MessageBeep
SendNotifyMessageW
LockWindowUpdate
SendMessageW
KillTimer
GetMenuItemCount
CopyRect
EnableWindow
FlashWindowEx
SetCursor
RedrawWindow
PostMessageW

iphlpapi

GetIfTable

kernel32

GetVolumeInformationW
lstrcpyW
DeleteFileW
CreateThread
ResumeThread
GetSystemInfo
LocalLock
IsDebuggerPresent
HeapAlloc
GetCurrentThreadId
ExpandEnvironmentStringsW
EnterCriticalSection
SizeofResource
LockResource
GetLocalTime
RaiseException
WideCharToMultiByte
WaitForSingleObject
FindResourceW
GetProcessHeap
LeaveCriticalSection
OpenMutexW
MapViewOfFile
LocalAlloc
GetFileSize
WinExec
ReleaseMutex
SetEndOfFile
ProcessIdToSessionId
GetTempPathW
CreateMutexW
lstrlenW
SetFilePointer
GlobalLock
WriteFile
SetLastError
CreateDirectoryW
LoadResource
GetSystemTime
FormatMessageW
GlobalFree
GetShortPathNameW
HeapFree
VirtualQuery
OpenEventW
ReadFile
InitializeCriticalSectionAndSpinCount
CreateFileW
UnmapViewOfFile
FindFirstFileW
CreateEventW
DeleteCriticalSection
WaitForMultipleObjects
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalUnlock
GlobalAlloc
LocalUnlock
FindNextFileW
LocalFree
CreateFileMappingW
lstrcmpiW
lstrlenA
FreeLibrary
ResetEvent
FindClose
GetModuleHandleW
CloseHandle
GetSystemTimeAsFileTime
OpenFileMappingW
TlsAlloc
VirtualAlloc

shlwapi

PathUnquoteSpacesW
PathRemoveBlanksW
PathFileExistsW
PathAppendW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

oleaut32

VariantChangeType
SysStringLen
DispCallFunc
LoadTypeLi
LoadRegTypeLi
SysStringByteLen
VariantInit
GetErrorInfo
SysAllocString
VariantClear
SysFreeString
SysAllocStringByteLen

gdi32

CreateSolidBrush
DeleteObject
CreateCompatibleDC
ExcludeClipRect
Rectangle
DeleteDC
GetPixel
GetTextExtentPoint32W
SelectObject
BitBlt
Polygon
GetObjectW
CreatePen
GetStockObject
CreateFontIndirectW
SetTextJustification
GetCurrentObject
GetTextMetricsW
GetDeviceCaps
CreateDCW
CreateDIBSection
CreatePolyPolygonRgn
CreateMetaFileA
UpdateICMRegKeyA
CreatePalette

comctl32

ImageList_DrawEx

wsock32

send
setsockopt
inet_addr
select
ioctlsocket
WSAStartup
gethostname
connect
gethostbyname
inet_ntoa
recv
htons
socket
WSAGetLastError
WSACleanup
closesocket
WSASetLastError

ole32

CoInitialize
CoUninitialize
OleUninitialize
OleRun
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoInitializeEx
OleInitialize

asycfilt

DllCanUnloadNow

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 239KB - Virtual size: 810KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0e57092f656748d3f37987f44b92ed9

Headers

File Characteristics

Imports

advapi32

shell32

user32

iphlpapi

kernel32

shlwapi

version

winmm

oleaut32

gdi32

comctl32

wsock32

ole32

asycfilt

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 239KB - Virtual size: 810KB

.rsrc Size: 12KB - Virtual size: 33KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 239KB - Virtual size: 810KB

.rsrc
Size: 12KB - Virtual size: 33KB