64662dc1ad0586852819dcbd0725eea9bb45e5b988f41e42a6d4afe7e6b4acc5

Sharing

Copy URL

Twitter E-mail

General

Target

64662dc1ad0586852819dcbd0725eea9bb45e5b988f41e42a6d4afe7e6b4acc5
Size

278KB
MD5

6fd02302b66b15218cda16b5d913f9e5
SHA1

9f4514e5813308a105352597caffec5b71492211
SHA256

64662dc1ad0586852819dcbd0725eea9bb45e5b988f41e42a6d4afe7e6b4acc5
SHA512

8e274ee7a7a03a089ee558a91a8a26cb7b7ec427c13fa24f6aee501f066e7613d5c4426b029a7efe9d7752493ce410bcb67533e7544e30aec2a5362eb166ce7b
SSDEEP

6144:nAiabOf40yzLEnt2uOa+dyeqjQuw35hXnuRfX5KKss1BDP:nvbvyzLEtvOOeqjEhXuVQKssHT

Score

N/A

Malware Config

Signatures

Files

64662dc1ad0586852819dcbd0725eea9bb45e5b988f41e42a6d4afe7e6b4acc5
.exe windows x86

fbe8cd3d0541b25a8614e35efc94e739

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
wsprintfW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

psapi

GetModuleFileNameExW
EnumProcessModules
EnumProcesses

cabinet

ord14
ord10
ord11
ord13

shlwapi

PathRenameExtensionW
PathRemoveBlanksW
PathRemoveFileSpecW
PathAppendW
PathFileExistsW
PathStripPathW
PathFindFileNameW
PathRemoveExtensionW
PathUnquoteSpacesW
StrTrimW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
SHCreateDirectoryExW

kernel32

GetDriveTypeW
FileTimeToSystemTime
GetFileSize
GetShortPathNameW
WaitForSingleObject
LockResource
LocalAlloc
SignalObjectAndWait
CreateIoCompletionPort
GetProcessVersion
WaitForMultipleObjects
MoveFileW
DeleteCriticalSection
LocalFree
OpenEventW
GetModuleHandleW
LoadResource
LeaveCriticalSection
GetLocalTime
VirtualQuery
CloseHandle
MapViewOfFile
Module32FirstW
OutputDebugStringA
CreateFileW
DebugBreak
HeapFree
GetLongPathNameW
Module32NextW
SetWaitableTimer
GetFileAttributesExW
FindFirstFileW
GetSystemDirectoryW
ReadFile
CreateMutexW
CreateDirectoryW
GetFileInformationByHandle
IsDebuggerPresent
GetCurrentThreadId
CreateToolhelp32Snapshot
FindClose
HeapSize
FindResourceW
UnmapViewOfFile
CreateWaitableTimerW
HeapAlloc
GetFileSizeEx
ReleaseMutex
SetLastError
SetUnhandledExceptionFilter
GetProcessTimes
WriteFile
HeapDestroy
ProcessIdToSessionId
PostQueuedCompletionStatus
ReadProcessMemory
CreateFileA
HeapReAlloc
GlobalUnlock
GetSystemInfo
EnterCriticalSection
GlobalLock
CreateFileMappingW
InitializeCriticalSectionAndSpinCount
GetVolumeNameForVolumeMountPointW
CopyFileW
SetEndOfFile
OpenProcess
WaitForMultipleObjectsEx
FileTimeToDosDateTime
CreateEventW
UnhandledExceptionFilter
GetSystemTime
FindNextFileW
GetSystemDirectoryA
lstrcmpiW
SystemTimeToFileTime
DeleteFileW
SetFilePointer
GetSystemTimeAsFileTime
DeviceIoControl
GetQueuedCompletionStatus
FindResourceExW
GlobalMemoryStatus
RaiseException
GetTempPathW
GetProcessHeap
SizeofResource
OpenMutexW
WideCharToMultiByte
GlobalFree
CreateProcessW
GetOverlappedResult
FreeLibrary
ResetEvent
OpenFileMappingW
GlobalAlloc
ExpandEnvironmentStringsW
GetVersion
VirtualAlloc

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

iphlpapi

NotifyAddrChange

advapi32

RegisterServiceCtrlHandlerExW
CryptCreateHash
InitializeAcl
SetServiceStatus
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
ImpersonateLoggedOnUser
AddAccessAllowedAce
RegCloseKey
CryptAcquireContextW
StartServiceW
GetUserNameW
CryptHashData
RegEnumValueW
RegDeleteValueW
AllocateAndInitializeSid
OpenServiceW
GetLengthSid
RegSetValueExW
CloseServiceHandle
CryptDestroyHash
SetSecurityDescriptorDacl
GetSidIdentifierAuthority
RevertToSelf
RegEnumKeyW
GetNamedSecurityInfoW
StartServiceCtrlDispatcherW
CryptGetHashParam
OpenSCManagerW
RegQueryValueExW
GetSidSubAuthorityCount
GetAce
QueryServiceStatus
RegOpenKeyW
AddAce
GetAclInformation
InitializeSecurityDescriptor
RegCreateKeyExW
QueryServiceStatusEx
OpenProcessToken
GetSidSubAuthority
DuplicateTokenEx
CryptReleaseContext
FreeSid

oleaut32

VariantClear
VariantInit

wtsapi32

WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemory

rasapi32

RasGetEntryPropertiesW
RasEnumConnectionsW
RasGetProjectionInfoW

mpr

WNetGetConnectionW

ws2_32

WSAGetLastError
inet_ntoa
htonl
WSACloseEvent
WSACreateEvent
WSASetLastError
gethostbyname
inet_addr
WSACleanup
WSAStartup
htons
getservbyname
getservbyport
WSAResetEvent
gethostbyaddr
ntohs

duser

CreateAction
SetActionTimeslice
AttachWndProcA
SetGadgetFillI
FindStdColor
SetGadgetBufferInfo
PeekMessageExA
DUserDeleteGadget
UnregisterGadgetMessageString
BuildInterpolation
GetStdPalette
CreateGadget
GetGadgetFocus
RemoveGadgetMessageHandler
GetActionTimeslice

dpnaddr

DirectPlay8AddressCreate

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 245KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbe8cd3d0541b25a8614e35efc94e739

Headers

File Characteristics

Imports

user32

version

psapi

cabinet

shlwapi

shell32

kernel32

ole32

iphlpapi

advapi32

oleaut32

wtsapi32

rasapi32

mpr

ws2_32

duser

dpnaddr

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 245KB - Virtual size: 247KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 245KB - Virtual size: 247KB

.rsrc
Size: 9KB - Virtual size: 9KB