c375e04aa8ec047a0ddbca2b0ab87735a1773bf0d7e003fb988b0cb768cb6697

Sharing

Copy URL

Twitter E-mail

General

Target

c375e04aa8ec047a0ddbca2b0ab87735a1773bf0d7e003fb988b0cb768cb6697
Size

540KB
MD5

57b134ea941919438df334df781d351b
SHA1

60653c24afeda77623aa6fc3ec2c4c6704edbd52
SHA256

c375e04aa8ec047a0ddbca2b0ab87735a1773bf0d7e003fb988b0cb768cb6697
SHA512

a5e095b2c6bcc7b546f8d4687b9bf69809b48a70629e2f6db7245fd0527786d91b310558afb599dcc9b2dde7a1bf76ed0ec9c7664430f359799e9c5f5f61cb34
SSDEEP

12288:2Uw2keucMXSXvyKmv0FCd15DLAEpF74eDJY1OhEP7GrqT9LG48ON:JzGX2aKmM2YAFMeDS1OhETGgLG48ON

Score

N/A

Malware Config

Signatures

Files

c375e04aa8ec047a0ddbca2b0ab87735a1773bf0d7e003fb988b0cb768cb6697
.cab
Setup.exe
.exe windows x86

d5dd73b168667a8df05ce94250eb9c44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
FlushInstructionCache
GetCurrentProcess
CopyFileW
SetFileAttributesW
GetFileAttributesW
GetDriveTypeW
CreateMutexW
CloseHandle
GetCurrentThreadId
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
EnterCriticalSection
RaiseException
LeaveCriticalSection
lstrcmpiW
FreeLibrary
GetLastError
WriteFile
CreateFileW
FindResourceExW
GetTempPathW
GetTempFileNameW
DeleteFileW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
GetLogicalDriveStringsW
CreateDirectoryW
SetFilePointer
ReadFile
FlushFileBuffers
InterlockedExchange
GetSystemDefaultLangID
GetUserDefaultLangID
EnumResourceLanguagesW
GetLocaleInfoW
GlobalMemoryStatus
OutputDebugStringW
GetSystemDirectoryW
GetWindowsDirectoryW
GetProcAddress
GetEnvironmentVariableW
CreateThread
MulDiv
WaitForSingleObject
GetExitCodeThread
TerminateThread
FindResourceW
CreateEventW
GetFileSize
MoveFileW
Sleep
ResetEvent
CreateFileA
GetDiskFreeSpaceExW
FormatMessageW
CreateProcessW
GetExitCodeProcess
GetVersion
CreateNamedPipeW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
LocalAlloc
LoadLibraryA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
HeapCreate
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadResource
LockResource
SizeofResource
GetVersionExW
lstrlenW
MultiByteToWideChar
SetEvent
WideCharToMultiByte

user32

PostQuitMessage
ShowWindow
GetPropW
IsWindowVisible
RedrawWindow
InvalidateRect
SetFocus
LoadStringW
SetForegroundWindow
LoadImageW
GetForegroundWindow
MsgWaitForMultipleObjects
GetSystemMenu
ModifyMenuW
DestroyMenu
ExitWindowsEx
GetDlgCtrlID
SetPropW
RemovePropW
EnableMenuItem
TrackPopupMenu
CallWindowProcW
GetSubMenu
SetTimer
KillTimer
LoadIconW
GetWindowDC
ReleaseDC
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
UnregisterClassA
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
SetWindowTextW
GetDlgItem
IsWindow
PostMessageW
GetDesktopWindow
ScreenToClient
EnableWindow
CreateWindowExW
SendMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
GetDC
GetSystemMetrics
CreateDialogParamW
EndDialog
GetWindow
GetWindowLongW
SystemParametersInfoW
LoadMenuW
DialogBoxParamW
MessageBoxW
GetActiveWindow
SetWindowLongW
DefWindowProcW
CharNextW
DestroyWindow
GetWindowRect

gdi32

GetWindowExtEx
GetViewportExtEx
SetMapMode
GetMapMode
SelectObject
CreateFontIndirectW
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
SetBkMode
DeleteDC
GetObjectW
DeleteObject
GetDeviceCaps

advapi32

OpenSCManagerW
LockServiceDatabase
UnlockServiceDatabase
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHBrowseForFolderW
ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize

oleaut32

VarUI4FromStr
OleLoadPicture

comctl32

DestroyPropertySheetPage
PropertySheetW
CreatePropertySheetPageW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
your_exe.exe
.exe windows x86

34d2fe703c3fc66607ed901e71827506

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
ExitProcess
InterlockedExchange
GetLastError
GetProcessHeap
VirtualAlloc

shell32

PathResolve

Sections

.textbss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 512B - Virtual size: 363B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5dd73b168667a8df05ce94250eb9c44

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

Sections

.text Size: 232KB - Virtual size: 232KB

.rdata Size: 54KB - Virtual size: 53KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 194KB - Virtual size: 193KB

34d2fe703c3fc66607ed901e71827506

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.textbss Size: - Virtual size: 3KB

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 176B

.idata Size: 512B - Virtual size: 270B

.rsrc Size: 2KB - Virtual size: 2KB

.debug Size: 512B - Virtual size: 363B

.text
Size: 232KB - Virtual size: 232KB

.rdata
Size: 54KB - Virtual size: 53KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 194KB - Virtual size: 193KB

.textbss
Size: - Virtual size: 3KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 176B

.idata
Size: 512B - Virtual size: 270B

.rsrc
Size: 2KB - Virtual size: 2KB

.debug
Size: 512B - Virtual size: 363B