a74f58875b3cb39b89fae4316dbbf77f8adf16082f3df6729faa69ac693ba9a9

Sharing

Copy URL

Twitter E-mail

General

Target

a74f58875b3cb39b89fae4316dbbf77f8adf16082f3df6729faa69ac693ba9a9
Size

958KB
MD5

6581422083df682c99f0a1834de6f435
SHA1

52b113815ee1aa7a0b9f1dd0d62a23c3c156f661
SHA256

a74f58875b3cb39b89fae4316dbbf77f8adf16082f3df6729faa69ac693ba9a9
SHA512

097a31dcfbf6054e30026825fceae6cb07ea846a7ee125e9b43b81d61cfd35f8b770924d26758c9e7f0671bb0b066d08456864f8aed94f32b0c286c54d2101c3
SSDEEP

24576:P18GnZhStV+lPKdClJSNGji6t64KkzGkhpZ5XJyXWHHUhS2:WGnSPa8JN2Z71rXIGHH4S2

Score

N/A

Malware Config

Signatures

Files

a74f58875b3cb39b89fae4316dbbf77f8adf16082f3df6729faa69ac693ba9a9
.exe windows x86

ab9c546df862202962fc29df79683b7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICDraw
ICRemove

userenv

UnloadUserProfile

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WinVerifyTrustEx

wininet

InternetCreateUrlW
InternetCrackUrlW
InternetCombineUrlW

uxtheme

SetWindowTheme

secur32

GetUserNameExW

user32

DefDlgProcW
RegisterWindowMessageW
EnumChildWindows
CreateDialogIndirectParamW
GetClassLongW
TrackMouseEvent
GetFocus
RegisterClassExW
GetScrollInfo
SetScrollInfo
IntersectRect
InvalidateRect
PtInRect
UpdateWindow
IsWindowEnabled
KillTimer
GetKeyState
GetNextDlgTabItem
CreateAcceleratorTableW
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
DestroyAcceleratorTable
EnableWindow
LoadCursorW
SetCursor
PostMessageW
DefWindowProcW
IsWindowVisible
ShowWindow
GetWindowTextLengthW
GetWindowTextW
GetClassNameW
GetDesktopWindow
IsWindow
DrawIconEx
CopyRect
GetSysColor
MessageBoxIndirectW
BeginPaint
EndPaint
MapWindowPoints
ScreenToClient
WindowFromPoint
GetDCEx
SetWindowRgn
GetWindowThreadProcessId
GetShellWindow
PostThreadMessageW
MsgWaitForMultipleObjects
GetSystemMenu
EnableMenuItem
CreateWindowExW
GetWindowLongW
SetRect
DestroyWindow
LoadStringW
SetFocus
SendMessageW
ReleaseDC
GetDC
PostQuitMessage
SetProcessDefaultLayout
EndDialog
GetWindowRect
SystemParametersInfoW
DialogBoxIndirectParamW
CharNextW
NotifyWinEvent
GetClientRect
GetParent
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
PeekMessageW
UnregisterClassA

kernel32

OpenProcess
GetTempPathA
GetFullPathNameA
DeleteFileA
SetFilePointer
CreateFileA
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
GetTempPathW
GetLocalTime
GetFullPathNameW
ReadFile
QueueUserWorkItem
MulDiv
GetUserDefaultLangID
GetTempFileNameW
FindNextFileW
FindFirstFileW
FindClose
GetLongPathNameW
FileTimeToSystemTime
SetThreadPriority
EnumResourceNamesW
GetSystemInfo
VerifyVersionInfoW
ExpandEnvironmentStringsW
FindResourceExW
CompareStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
HeapSize
Sleep
VirtualAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
WriteConsoleW
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetThreadPriority
ExitThread
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateThread
GetStartupInfoA
LockResource
CompareStringW
GetModuleHandleW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
HeapSetInformation
GetModuleFileNameW
LoadLibraryExW
lstrcmpiW
InterlockedIncrement
GetProcessHeap
GetStartupInfoW
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile

sensapi

IsNetworkAlive

ntdll

RtlUnwind
VerSetConditionMask

Sections

.text
Size: 578KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mercury
Size: 22KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab9c546df862202962fc29df79683b7f

Headers

File Characteristics

Imports

msvfw32

userenv

wintrust

wininet

uxtheme

secur32

user32

kernel32

sensapi

ntdll

Sections

.text Size: 578KB - Virtual size: 577KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 351KB - Virtual size: 350KB

.mercury Size: 22KB - Virtual size: 3.3MB

.text
Size: 578KB - Virtual size: 577KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 351KB - Virtual size: 350KB

.mercury
Size: 22KB - Virtual size: 3.3MB