f3674c981299ec8c3e2620e5166f7ba9e5073b70407dcf43c2d4022c86b0e325

Sharing

Copy URL Twitter E-mail

General

Target

f3674c981299ec8c3e2620e5166f7ba9e5073b70407dcf43c2d4022c86b0e325
Size

178KB
MD5

a8504de3ac63288c391193bd3842d375
SHA1

bf302d81d4bac2d641420a7f4b682c5b937faadb
SHA256

f3674c981299ec8c3e2620e5166f7ba9e5073b70407dcf43c2d4022c86b0e325
SHA512

38e97181077f8a2e39441e9877d55ffd06a3896abc23f7d15b5a5cf32cd713176218121bd7d8fbb301693463f40a4f68371cfae775bffea935429f3aed2c58fe
SSDEEP

3072:IqfcdJeZFH+P2j2loFkPvjWXoQ78EGDRFYaGGmem4mkS8ZBRKO/KMg0v6eZu:7ZBfjNFkPvjCoQ78FRFYanmao8ZzKOXO

Score

N/A

Malware Config

Signatures

Files

f3674c981299ec8c3e2620e5166f7ba9e5073b70407dcf43c2d4022c86b0e325
.exe windows x86

cf11cb82bff033439a320e42f7499344

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_unlock
__dllonexit
_lock
_onexit
bsearch
_vsnwprintf
_amsg_exit
_initterm
free
malloc
_vsnprintf
wcsncmp
_XcptFilter
_wcsicmp
_wcsnicmp
wcschr
memcpy
memset

ntdll

RtlUnwind

gdi32

GetDeviceCaps

kernel32

ExpandEnvironmentStringsA
LoadResource
FindResourceExW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FindResourceW
SearchPathW
GetModuleHandleW
CreateActCtxW
ReleaseActCtx
LoadLibraryExW
Sleep
SystemTimeToFileTime
GetSystemTime
lstrlenW
MultiByteToWideChar
FormatMessageW
LocalFree
LocalAlloc
lstrlenA
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetProcAddress
LoadLibraryW
FreeLibrary
LocalReAlloc
GetUserDefaultLCID
CopyFileW
GlobalUnlock
GlobalLock
FileTimeToSystemTime
GetLocaleInfoW
GetTickCount
FormatMessageA
GetACP
LocalFileTimeToFileTime
CompareStringA
SetLastError
GetLastError
CloseHandle
CreateFileW
lstrcmpiA
HeapAlloc
GetProcessHeap
HeapFree
WideCharToMultiByte
GetSystemTimeAsFileTime
LoadLibraryA
ActivateActCtx
GetDateFormatW
GetWindowsDirectoryW
GetModuleFileNameW
GetVersionExW
DisableThreadLibraryCalls
lstrcmpA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ReadFile
InterlockedExchange
GetTimeFormatW
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeactivateActCtx
RaiseException
GetPrivateProfileStringW
GetPrivateProfileStringA
lstrcmpW
VirtualAllocEx
SetFilePointer

user32

IsWindow
LoadStringW
LoadStringA
SendMessageW
PostMessageW
FindWindowW
GetWindowTextW
MessageBoxW
GetClientRect
GetSysColor
GetMenuItemCount
GetMenuItemInfoW
CreatePopupMenu
GetSubMenu
RemoveMenu
DispatchMessageW
GetPropW
SetPropW
RemovePropW
GetForegroundWindow
CheckDlgButton
GetParent
CheckRadioButton
EnableMenuItem
SetMenuDefaultItem
LoadIconW
GetDlgItemTextW
GetDlgItemInt
SendDlgItemMessageW
SetDlgItemInt
GetSystemMetrics
DestroyIcon
LoadImageW
LoadCursorW
SetCursor
LoadMenuW
DestroyMenu
RegisterClipboardFormatW
RegisterClassW
DefWindowProcW
EndDialog
SetWindowLongW
SetDlgItemTextW
ShowWindow
MessageBeep
GetDesktopWindow
SetDlgItemTextA
DialogBoxParamW
GetWindowRect
GetDC
ReleaseDC
SetWindowPos
EnableWindow
CreateWindowExW
MessageBoxIndirectW
GetWindowLongW
IsDlgButtonChecked
KillTimer
SetTimer
RegisterWindowMessageW
DestroyWindow

advapi32

RegEnumValueW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shlwapi

StrSpnA
SHGetValueW
StrChrW
SHDeleteKeyW
StrCmpIW
StrCmpW
StrDupW
StrRChrW
PathFindFileNameW
PathCombineW
PathIsDirectoryW
StrCmpNIW
PathFindExtensionW
PathIsURLW
SHStrDupW
StrFormatByteSizeW
PathRemoveBlanksW
StrTrimW
UrlCompareW
SHEnumValueW
PathAppendW
PathStripPathW
UrlCombineW
StrCSpnA

olesvr32

OleRevokeObject
OleQueryServerVersion
OleRegisterServerDoc

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf11cb82bff033439a320e42f7499344

Headers

File Characteristics

Imports

msvcrt

ntdll

gdi32

kernel32

user32

advapi32

shlwapi

olesvr32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 146KB - Virtual size: 251KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 146KB - Virtual size: 251KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 4KB