559e948a62474254f6bebc0450b976cd091893815949a8d18680581430d9a838

Sharing

Copy URL Twitter E-mail

General

Target

559e948a62474254f6bebc0450b976cd091893815949a8d18680581430d9a838
Size

480KB
MD5

26dfe3cc28f8b637a8ab4a33f2b826e0
SHA1

002bebfc9141569ba10082e448032712b3ed07ee
SHA256

559e948a62474254f6bebc0450b976cd091893815949a8d18680581430d9a838
SHA512

8668f12b68a367ebb16b4bac60f3ad48f8d5e50752656ed9173c9c0b24ed17c6d90515bc5a2b39dbe7d9f5acdb568aeb6de354773e5bf59e7a6b41bb4a76ef8f
SSDEEP

6144:mHb5QV5+OYCUkRBIxAHAfLdf5N+QxfkBN+JmV1d3XgneZYb4LfFu4B5n86g6/y8L:kFQVDY4SRhESmV1dZYb0fzy660

Score

N/A

Malware Config

Signatures

Files

559e948a62474254f6bebc0450b976cd091893815949a8d18680581430d9a838
.exe windows x86

f4b87da0e255af181df1613df7b2f2dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveExtensionW
PathRemoveFileSpecW
PathRemoveArgsW
PathFileExistsW
PathFindExtensionW
PathGetArgsW

winmm

PlaySoundW

comctl32

_TrackMouseEvent

kernel32

WaitForSingleObject
ReleaseMutex
CloseHandle
GetLastError
GetCurrentDirectoryW
LocalFree
CreateMutexW
ExpandEnvironmentStringsW
GetSystemDefaultLangID
WriteConsoleA
SetStdHandle
InitializeCriticalSection
LoadLibraryA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleFileNameW
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
HeapSize
Sleep
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
GetExitCodeProcess
GetVersionExW
LocalAlloc
lstrlenW
GetModuleHandleW
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
LCMapStringA
GetModuleFileNameA
GetStdHandle
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
WriteFile
FreeEnvironmentStringsA

user32

DispatchMessageW
RedrawWindow
BeginPaint
CharLowerW
ShowWindow
TranslateAcceleratorW
GetUpdateRect
GetSysColorBrush
DestroyAcceleratorTable
GetDC
TranslateMessage
SetTimer
GetMessageW
LoadIconW
PostQuitMessage
CharNextW
MessageBoxW
UnregisterClassW
CreateAcceleratorTableW
KillTimer
GetSystemMetrics
SendMessageW
UpdateWindow
DrawTextW
EnableWindow
IsWindowEnabled
CallWindowProcW
CopyRect
OffsetRect
InvalidateRect
GetWindowLongW
CharUpperW
SetWindowLongW
DestroyWindow
PostMessageW
CreateWindowExW
SetWindowPos
LoadImageW
EndPaint
DefWindowProcW
ReleaseDC
LoadCursorW
LoadStringW
RegisterClassW

gdi32

CreateFontW
GetObjectW
SetBkMode
SetTextColor
DeleteObject
SelectObject
CreateCompatibleDC
BitBlt
DeleteDC
GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteExW

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 392KB - Virtual size: 16.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4b87da0e255af181df1613df7b2f2dc

Headers

File Characteristics

Imports

shlwapi

winmm

comctl32

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 392KB - Virtual size: 16.0MB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 392KB - Virtual size: 16.0MB

.rsrc
Size: 12KB - Virtual size: 10KB