64df0359701b28ddb8fc79bdfa23bac1604c58b568886b986eca9999848da967

Sharing

Copy URL Twitter E-mail

General

Target

64df0359701b28ddb8fc79bdfa23bac1604c58b568886b986eca9999848da967
Size

306KB
MD5

a8f1208ac06620c4dd46a826ea92d3f7
SHA1

4caad70604711b1aa82d35c05c9fd3e62fae65ac
SHA256

64df0359701b28ddb8fc79bdfa23bac1604c58b568886b986eca9999848da967
SHA512

f74a92966b5658eea9173104f36e826e693cb050b70e011bf58276993bce425015cabfa7d22acc147bbff27040f508b9a6c914f95d0b095bb9e20004d1bbaf93
SSDEEP

6144:SyWT3bGr2nim9wKMxC15hbJncB6Q/nTfxLubqZN4wMn:wbI+n0OhbJO//LNu+ZNu

Score

N/A

Malware Config

Signatures

Files

64df0359701b28ddb8fc79bdfa23bac1604c58b568886b986eca9999848da967
.exe windows x86

0b94e817188f1bb8577ceb84721a481d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
lstrcatA
GetLastError
GlobalReAlloc
PeekNamedPipe
SizeofResource
FindFirstFileA
WideCharToMultiByte
WriteFile
SetEnvironmentVariableA
CompareStringW
RaiseException
HeapAlloc
TlsSetValue
GetWindowsDirectoryA
SetUnhandledExceptionFilter
HeapFree
GetSystemDefaultLangID
GetStringTypeW
GetCurrentProcess
GetVersion
FindNextFileA
SetEvent
lstrcpynA
HeapSize
WaitForSingleObject
GetFileSize
GetCommandLineA
GetEnvironmentVariableA
DeleteFileA
LocalReAlloc
MultiByteToWideChar
SetFileAttributesA
FormatMessageA
GetExitCodeProcess
MoveFileExA
CreateThread
GetVersionExA
GetSystemTime
UnhandledExceptionFilter
SetLastError
GetPrivateProfileStringA
InterlockedIncrement
SetHandleCount
CloseHandle
lstrlenA
GetACP
IsBadCodePtr
GetCurrentThreadId
CopyFileA
GetProcAddress
InitializeCriticalSection
HeapReAlloc
TlsFree
TlsAlloc
GetFileType
LeaveCriticalSection
GetFullPathNameA
GetLocalTime
lstrcmpiA
GetOEMCP
GlobalFindAtomA
LCMapStringW
IsBadReadPtr
LoadLibraryW
VirtualProtect
ResumeThread
GetCurrentThread
GetTimeZoneInformation
GetStringTypeA
MulDiv
GetTempFileNameA
DeleteCriticalSection
ReadFile
FindClose
GetDateFormatA
SetThreadPriority
CompareStringA
SetFilePointer
GlobalFree
LockResource
TlsGetValue
GlobalFlags
LocalAlloc
GetProcessVersion
RtlUnwind
SetErrorMode
ExitThread
WritePrivateProfileStringA
GlobalDeleteAtom
SuspendThread
HeapDestroy
CreateProcessA
GlobalLock
HeapCreate
GetDriveTypeA
GetStdHandle
LoadLibraryA
VirtualAlloc
InterlockedDecrement
GetProfileStringA
GetEnvironmentStringsW
EnterCriticalSection
LoadResource
VirtualFree
GlobalAddAtomA
lstrcmpA
RemoveDirectoryA
FreeEnvironmentStringsA
CreateDirectoryA
SetEndOfFile
FreeEnvironmentStringsW
SetStdHandle
Sleep
GlobalGetAtomNameA
GetModuleHandleA
CreatePipe
CreateFileA
GetModuleFileNameA
GlobalHandle
FindResourceA
LocalFree
ExitProcess
GetCurrentDirectoryA
LCMapStringA
GetEnvironmentStrings
FreeLibrary
lstrcpyA
GlobalAlloc
GlobalUnlock
GetCPInfo
GetStartupInfoA
CreateEventA
IsBadWritePtr
TerminateProcess

user32

LoadStringA
ClientToScreen
CharNextA
KillTimer
GetMenuState
DrawTextA
LoadAcceleratorsA
SetWindowLongA
LoadCursorA
GetCapture
TranslateAcceleratorA
BeginPaint
DefWindowProcA
SetWindowTextA
GetClassLongA
ValidateRect
SetDlgItemTextA
GetClientRect
GetPropA
AttachThreadInput
CreateWindowExA
GetActiveWindow
InflateRect
IsWindowEnabled
DrawFocusRect
MoveWindow
PostQuitMessage
GetSysColorBrush
AdjustWindowRectEx
SetPropA
GetForegroundWindow
InvalidateRect
ReleaseDC
GetMessageA
SetWindowsHookExA
GetSubMenu
GetClassInfoA
CreateDialogIndirectParamA
CallWindowProcA
GetTopWindow
GetMenuCheckMarkDimensions
GetMessageTime
TranslateMessage
LoadIconA
RegisterClassA
EnableWindow
SetForegroundWindow
ShowCaret
SetTimer
IsWindowUnicode
GetMenu
IntersectRect
GetMenuStringA
IsWindow
GetDesktopWindow
SetMenuItemBitmaps
PostMessageA
SetWindowPos
DestroyMenu
ScreenToClient
OffsetRect
CallNextHookEx
GetNextDlgTabItem
GetLastActivePopup
GrayStringA
LoadBitmapA
SendDlgItemMessageA
SystemParametersInfoA
UnregisterClassA
EndPaint
EndDialog
GetFocus
DestroyWindow
GetMessagePos
IsWindowVisible
HideCaret
GetWindowTextLengthA
SetActiveWindow
GetDlgItem
GetClassNameA
GetMenuItemCount
WinHelpA
IsDialogMessageA
wsprintfA
GetSystemMetrics
ShowWindow
GetWindow
RemovePropA
SetFocus
TabbedTextOutA
GetWindowLongA
MapWindowPoints
GetWindowRect
GetWindowPlacement
EnableMenuItem
DefDlgProcA
SetCursor
LoadImageA
GetWindowTextA
GetDlgCtrlID
RegisterWindowMessageA
DispatchMessageA
UnhookWindowsHookEx
SendMessageA
ExcludeUpdateRgn
GetKeyState
GetParent
GetCursorPos
ModifyMenuA
CheckMenuItem
PeekMessageA
IsIconic
GetMenuItemID
GetDC
PtInRect
GetWindowDC
UpdateWindow
CopyRect
MessageBoxA
GetSysColor

gdi32

GetClipBox
GetTextExtentPoint32A
PatBlt
ScaleWindowExtEx
OffsetViewportOrgEx
IntersectClipRect
SetTextColor
ScaleViewportExtEx
CreateSolidBrush
CreateBitmap
SetWindowExtEx
GetDeviceCaps
RectVisible
BitBlt
CreateCompatibleDC
DeleteDC
SaveDC
GetStockObject
PtVisible
SetBkMode
CreatePalette
SelectPalette
SelectObject
SetBkColor
SetViewportExtEx
RestoreDC
Escape
SetViewportOrgEx
SetMapMode
GetDIBColorTable
TextOutA
CreateHalftonePalette
GetObjectA
DeleteObject
RealizePalette
CreateDIBitmap
GetTextExtentPointA
ExtTextOutA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCreateKeyExA
RegLoadKeyA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegSaveKeyA
RegQueryInfoKeyA
RegFlushKey
LookupPrivilegeValueA
AdjustTokenPrivileges
RegUnLoadKeyA
OpenProcessToken

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ExtractIconA
ord680
SHGetMalloc
ShellExecuteA

oleaut32

SysAllocString

comctl32

ImageList_Destroy
ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetSetCookieA
InternetGetCookieExA

setupapi

SetupGetLineCountA
SetupDecompressOrCopyFileA
SetupFindFirstLineA
SetupGetFieldCount
SetupGetBinaryField
SetupFindNextLine
SetupGetLineTextA
SetupGetIntField
SetupOpenInfFileA
SetupCloseInfFile
SetupIterateCabinetA
SetupGetStringFieldA
SetupFindNextMatchLineA

msi

ord44

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ky2l
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kuy2l
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b94e817188f1bb8577ceb84721a481d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

version

wininet

setupapi

msi

Sections

.text Size: 11KB - Virtual size: 10KB

.itext Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 147KB

.ky2l Size: 105KB - Virtual size: 104KB

.kuy2l Size: 165KB - Virtual size: 165KB

.rsrc Size: 8KB - Virtual size: 7KB

.idat_0 Size: 3KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.itext
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 147KB

.ky2l
Size: 105KB - Virtual size: 104KB

.kuy2l
Size: 165KB - Virtual size: 165KB

.rsrc
Size: 8KB - Virtual size: 7KB

.idat_0
Size: 3KB - Virtual size: 2KB