72340d8230a0d925b814fa110a10089f1eb6ebf81b17c4db0c28d6a050775b62

Sharing

Copy URL Twitter E-mail

General

Target

72340d8230a0d925b814fa110a10089f1eb6ebf81b17c4db0c28d6a050775b62
Size

408KB
MD5

23e0b5816435e3e6569df104534d8c14
SHA1

0bc5f272855878eb077c74f90030796316479872
SHA256

72340d8230a0d925b814fa110a10089f1eb6ebf81b17c4db0c28d6a050775b62
SHA512

e86abfdb822da9233724f0559974e977fee55a6e4004192d6816ca0d8dfc6c8fa8d06809449f8e30dea25aeab3e1b99d1ed9021feb562d6ed522acb13c227665
SSDEEP

6144:suARviO+FY+CG8pijicPXXxj0xK3ZKb2zsg0wOLU0KOGPYibKBmpZTnzR/W1y:s1QCG8YXxj0xK3ZqVfU0fhimwpxno1y

Score

N/A

Malware Config

Signatures

Files

72340d8230a0d925b814fa110a10089f1eb6ebf81b17c4db0c28d6a050775b62
.exe windows x86

5b0c7e5ab9360ea7ac9d99e2b25bab5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
FreeLibrary
lstrcmpiW
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrlenW
DeleteCriticalSection
LeaveCriticalSection
RaiseException
EnterCriticalSection
WaitForSingleObject
CreateThread
LockResource
FindResourceExW
CreateFileW
ReadFile
CloseHandle
MoveFileW
Sleep
WideCharToMultiByte
FindFirstFileW
GetFileAttributesW
FindClose
FindNextFileW
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SystemTimeToFileTime
GetTickCount
WriteFile
GetLocalTime
CreateFileMappingW
GetFileInformationByHandle
LoadLibraryW
GetCurrentThreadId
OpenProcess
GetVersionExW
WritePrivateProfileStringW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalMemoryStatusEx
GetCurrentProcessId
SetEndOfFile
SetLastError
DeleteFileW
RemoveDirectoryW
GetPrivateProfileIntW
OutputDebugStringW
lstrlenA
GetSystemDirectoryW
GetCommandLineW
GetFileSizeEx
SleepEx
ExpandEnvironmentStringsA
FormatMessageA
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
InitializeCriticalSection
GetLastError
MultiByteToWideChar
GetWindowsDirectoryA
FileTimeToLocalFileTime
GetModuleHandleW
GetProcAddress
GetUserDefaultLangID
GetModuleFileNameW
FileTimeToSystemTime
GetPrivateProfileStringW
IsValidCodePage
GetOEMCP
GetTimeZoneInformation
GetCPInfo
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
ExitThread
FindFirstFileA
GetDriveTypeA
GetStartupInfoW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushFileBuffers
GetCurrentProcess
TerminateProcess
GetProcessHeap
HeapSize
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
GetFullPathNameA
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
VirtualAlloc
VirtualFree
HeapCreate
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
GetModuleHandleA

user32

UnregisterClassA
GetDesktopWindow
CharNextW
DestroyWindow

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW

shell32

CommandLineToArgvW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr

shlwapi

PathAppendA
PathFindExtensionW
PathAppendW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFileExistsW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

psapi

GetProcessMemoryInfo
EnumProcesses
GetModuleFileNameExW

dbghelp

StackWalk64
MiniDumpReadDumpStream

ws2_32

bind
ntohs
getsockname
send
connect
WSAGetLastError
htons
WSAStartup
WSACleanup
socket
WSASetLastError
freeaddrinfo
getsockopt
getpeername
closesocket
setsockopt
getaddrinfo
__WSAFDIsSet
select
ioctlsocket
recv

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b0c7e5ab9360ea7ac9d99e2b25bab5a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

version

psapi

dbghelp

ws2_32

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 8KB - Virtual size: 4KB