e96ccaac298a12bff30a85d08bb754f840475841ee23c205d3c6af3ddf639b4f

Sharing

Copy URL

Twitter E-mail

General

Target

e96ccaac298a12bff30a85d08bb754f840475841ee23c205d3c6af3ddf639b4f
Size

4.2MB
MD5

ea7b2dd68f0da84da497693c464e91f8
SHA1

ad22e7bd63f7ce4ccbff03608a8b320d7167b56c
SHA256

e96ccaac298a12bff30a85d08bb754f840475841ee23c205d3c6af3ddf639b4f
SHA512

3fabafef9fc9dde96ff02be6675920c48187a8c8522738299a2a005802df0a1a5aa42ad4dd9d7dca3dc8726241f427ecaa80b03ec19dca09da003c86f59176dd
SSDEEP

98304:S3iBhezMAOmecB+A8XL2TxRkb+E91p6pQ/nUcdj0km:4iCXes+A8XwxE6pQ/naN

Score

N/A

Malware Config

Signatures

Files

e96ccaac298a12bff30a85d08bb754f840475841ee23c205d3c6af3ddf639b4f
.exe windows x86

b2cf45a80bd727bf8697bfe56e0da71f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

GetThreadLocale
GetVersionExA
LoadLibraryA
GetSystemDirectoryA
SetDllDirectoryA
GetLongPathNameA
GetWindowsDirectoryA
GetEnvironmentVariableA
ReadFile
CreateEventA
GetNativeSystemInfo
GetTempPathA
SetFilePointer
GetTickCount
GetCurrentProcessId
GetUserDefaultUILanguage
FindClose
FindFirstFileA
ExitProcess
LocalFree
LocalAlloc
FormatMessageA
TerminateProcess
OpenProcess
SetEndOfFile
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLocaleInfoA
InterlockedExchange
ResetEvent
CreateThread
CreateProcessA
RemoveDirectoryA
SetEnvironmentVariableA
CompareStringW
CreateFileW
WriteConsoleW
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetFileType
SetHandleCount
GetTimeZoneInformation
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
LoadLibraryW
HeapSize
HeapReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameW
GetStdHandle
HeapCreate
GetStartupInfoW
HeapSetInformation
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
RtlUnwind
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
MultiByteToWideChar
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
GetProcAddress
GetModuleHandleA
WaitForSingleObject
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
GetCommandLineA
lstrcpynA
CreateDirectoryA
GlobalHandle
GlobalFree
LoadLibraryExA
FreeLibrary
SetLastError
GlobalLock
GlobalUnlock
GetModuleFileNameA
MulDiv
IsDBCSLeadByte
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
lstrlenW
WideCharToMultiByte
DeleteFileA
GetExitCodeProcess
lstrlenA
lstrcatA
CreateFileA
WriteFile
CloseHandle
lstrcmpA
lstrcpyA
lstrcmpiA
FindResourceA

user32

SetForegroundWindow
SetCursor
PtInRect
GetWindowRect
GetCursorPos
IsDlgButtonChecked
PeekMessageA
EndDialog
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjectsEx
SetWindowLongA
GetWindowLongA
DestroyWindow
wsprintfA
LoadStringA
CharNextA
DefWindowProcA
GetSysColor
ShowWindow
LoadBitmapA
GetDlgCtrlID
SetWindowContextHelpId
MapDialogRect
IsWindowVisible
GetSystemMenu
LoadImageA
EnableMenuItem
DispatchMessageA
MoveWindow
SetWindowPos
GetClientRect
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetParent
GetDlgItem
GetClassNameA
ReleaseCapture
FillRect
CallWindowProcA
EndPaint
BeginPaint
DestroyAcceleratorTable
SetFocus
GetWindow
GetFocus
UnregisterClassA
GetDesktopWindow
SendMessageA
IsWindow
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
CreateAcceleratorTableA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
CheckDlgButton
EnableWindow
EnumWindows
GetWindowThreadProcessId
PostMessageA
MessageBoxA
GetActiveWindow
CreateDialogIndirectParamA
DialogBoxIndirectParamA

gdi32

CreateDIBSection
SetDIBColorTable
SetBkMode
StretchBlt
SetTextColor
SaveDC
SetGraphicsMode
ModifyWorldTransform
SetViewportOrgEx
SetWindowOrgEx
DPtoLP
CreateFontIndirectA
RestoreDC
GetStockObject
GetObjectA
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
GetDeviceCaps

advapi32

CryptGetHashParam
RegCloseKey
RegOpenKeyA
RegQueryInfoKeyA
RegOpenCurrentUser
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
RegOpenKeyExA
CryptDestroyHash
RegEnumKeyA
RegEnumKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA

shell32

SHGetFolderPathA
ShellExecuteExA
SHGetFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
FindExecutableA

ole32

CoTaskMemAlloc
CoInitialize
CoUninitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
VarUI4FromStr
SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen
LoadTypeLi

urlmon

URLDownloadToFileA

version

GetFileVersionInfoA
VerQueryValueA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetErrorDlg
HttpOpenRequestA

gdiplus

GdipDeleteGraphics
GdipGetImagePixelFormat
GdipFree
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipAlloc
GdipGetImagePaletteSize

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27.5MB - Virtual size: 27.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2cf45a80bd727bf8697bfe56e0da71f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

version

wininet

gdiplus

Sections

.text Size: 167KB - Virtual size: 166KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 11KB - Virtual size: 20KB

.rsrc Size: 27.5MB - Virtual size: 27.5MB

.reloc Size: 86KB - Virtual size: 85KB

.text
Size: 167KB - Virtual size: 166KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 11KB - Virtual size: 20KB

.rsrc
Size: 27.5MB - Virtual size: 27.5MB

.reloc
Size: 86KB - Virtual size: 85KB