2525df8f4e03cccb1dbd3a9bfba85adaf38fff83cc3085749d9a02711a670263

Sharing

Copy URL Twitter E-mail

General

Target

2525df8f4e03cccb1dbd3a9bfba85adaf38fff83cc3085749d9a02711a670263
Size

277KB
MD5

4957293dc3ddc61499a33b7f2a343f17
SHA1

35b057389d00b7774586203e3d4ee051af92f9de
SHA256

2525df8f4e03cccb1dbd3a9bfba85adaf38fff83cc3085749d9a02711a670263
SHA512

bbdf1a7953267b1ffe6fcb276ded8fa293af5d307cc642441e66baac498e9d646e93244906c5cf131744cbde699c07167c35e7f2953e88a51618b761692414de
SSDEEP

6144:e3XMdsGTM/i8ZdlaOVE476rftUPTnywnyl4aeF0nTWJO:eH0aigdlLVEZrWryGaeFcJ

Score

N/A

Malware Config

Signatures

Files

2525df8f4e03cccb1dbd3a9bfba85adaf38fff83cc3085749d9a02711a670263
.exe windows x86

90ae89c4a1ecfdefe924a42a51d8028b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

ole32

CoCreateInstance
CoRevokeClassObject
CoTaskMemFree
CLSIDFromProgID
CoTaskMemAlloc
StringFromCLSID
CoLoadLibrary
CoTaskMemRealloc
OleRun
CLSIDFromString
CoUninitialize
CoInitializeEx
StringFromGUID2
CoRegisterClassObject
CoInitialize
CoIsOle1Class
CoDisconnectObject
BindMoniker
CoCreateGuid
CoGetPSClsid
CoFreeLibrary

shlwapi

PathRemoveFileSpecW
PathCombineW

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

shell32

CommandLineToArgvW
SHGetFolderPathW

user32

SetWindowPos
MsgWaitForMultipleObjectsEx
GetWindowTextW
DestroyWindow
UnregisterClassA
EnableMenuItem
DefWindowProcW
BeginPaint
SetWindowLongW
CreateWindowExW
EnableWindow
CharPrevW
MsgWaitForMultipleObjects
GetMonitorInfoW
TranslateMessage
LoadCursorW
GetDlgItemTextW
CreateDialogParamW
GetWindowRect
CharNextW
EndPaint
MonitorFromWindow
GetMessageA
SetForegroundWindow
ReleaseDC
CallWindowProcW
MapWindowPoints
PostThreadMessageW
GetWindow
DispatchMessageW
GetClientRect
GetFocus
SetCapture
GetSystemMenu
LoadIconW
GetSystemMetrics
LoadStringW
IsWindowUnicode
GetParent
SystemParametersInfoW
PostMessageW
GetDlgItem
SetCursor
GetDC
SendMessageW
GetMessageW
TranslateAcceleratorW
GetWindowPlacement
ReleaseCapture
RegisterClassExW
GetWindowTextLengthW
MessageBoxW
IsWindow
GetClassInfoExW
PeekMessageW
ShowWindow
DialogBoxParamW
SetDlgItemTextW
SetWindowTextW
EndDialog
GetWindowLongW
SetWindowPlacement
DispatchMessageA
SetFocus
GetDesktopWindow

kernel32

FindClose
FileTimeToSystemTime
EnterCriticalSection
GetModuleHandleA
LCMapStringW
TlsFree
GetLocalTime
WaitForSingleObject
FlushInstructionCache
SetEnvironmentVariableA
CompareStringW
HeapReAlloc
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
SetHandleCount
VirtualFree
GetTempFileNameW
EnumUILanguagesW
FindFirstFileW
GetPrivateProfileSectionW
SetStdHandle
CreateThread
LockResource
lstrlenA
WriteConsoleW
GetCurrentThreadId
GetFileInformationByHandle
GetWindowsDirectoryW
GetConsoleMode
DeleteCriticalSection
GetCurrentDirectoryW
FindNextFileW
Process32FirstW
GetExitCodeThread
GetModuleHandleW
UnhandledExceptionFilter
GetFullPathNameW
TlsSetValue
RaiseException
GetACP
lstrcmpiW
GetSystemTimeAsFileTime
LocalAlloc
FindResourceW
GetShortPathNameW
CreateToolhelp32Snapshot
GetSystemDefaultLCID
GetCommandLineW
GetPrivateProfileStringW
SetUnhandledExceptionFilter
InterlockedPushEntrySList
CreateFileW
WideCharToMultiByte
IsDebuggerPresent
IsValidLocale
InterlockedPopEntrySList
MulDiv
MapViewOfFile
GetTempPathW
CreateEventW
FlushFileBuffers
UnmapViewOfFile
TlsAlloc
ResetEvent
HeapAlloc
FindResourceExW
GetSystemInfo
GetOEMCP
lstrlenW
CreateMutexW
GetSystemDirectoryW
FindFirstFileExW
LeaveCriticalSection
LoadResource
EnumSystemLocalesA
ReleaseMutex
Process32NextW
DeleteFileW
GetConsoleCP
DuplicateHandle
LoadLibraryExW
GetCommandLineA
FreeEnvironmentStringsW
SetErrorMode
GetStdHandle
CreateDirectoryW
VirtualAlloc
CreateProcessW
SetLastError
GetDriveTypeW
RtlUnwind
HeapSize
SetEndOfFile
IsWow64Process
GetTimeZoneInformation
IsValidCodePage
CloseHandle
lstrcmpA
WriteFile
OutputDebugStringW
TlsGetValue
CreateFileMappingW
HeapDestroy
FreeLibrary
SetFileAttributesW
GetProcessHeap
ReadFile
SizeofResource
RemoveDirectoryW
FormatMessageW
GetFileType
IsProcessorFeaturePresent
HeapFree
SetFilePointer
LocalFree
PeekNamedPipe

msi

ord205
ord111
ord120
ord92
ord32
ord113
ord8
ord70
ord204
ord159
ord45
ord160

oleaut32

VariantClear
VarUI4FromStr
CreateErrorInfo
SafeArrayDestroy
SysAllocStringLen
SysAllocString
SafeArrayGetElement
VarBstrCmp
SetErrorInfo
VariantInit
SysStringLen
SysFreeString
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetDim
GetErrorInfo
SafeArrayGetUBound
LoadRegTypeLi

comdlg32

GetOpenFileNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

icm32

CMCreateTransformW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90ae89c4a1ecfdefe924a42a51d8028b

Headers

File Characteristics

Imports

setupapi

ole32

shlwapi

gdi32

shell32

user32

kernel32

msi

oleaut32

comdlg32

version

icm32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 240KB - Virtual size: 242KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 240KB - Virtual size: 242KB

.rsrc
Size: 14KB - Virtual size: 13KB