b98cacb405b451edec73e02af61cc277141c8f43a1ecea27368f998369d9507e

Sharing

Copy URL Twitter E-mail

General

Target

b98cacb405b451edec73e02af61cc277141c8f43a1ecea27368f998369d9507e
Size

210KB
MD5

e29e6192ca8bb5cb880af8e7b312c237
SHA1

d38e9cad9121996fae423357538792c501bb2de3
SHA256

b98cacb405b451edec73e02af61cc277141c8f43a1ecea27368f998369d9507e
SHA512

5240570a57a4b99ce23631c8f769768e23df7492ec43023fedf7c1f196ba90f89aa0cdda2622450304e26b3384c6da0a449883e10ad9b7dbb71fc3c623b8c192
SSDEEP

6144:5ivl3lYJd8WydY7Dl+dKm6+shVtRycEW4n:cvl3lYJd8WHlrm1YVnPo

Score

N/A

Malware Config

Signatures

Files

b98cacb405b451edec73e02af61cc277141c8f43a1ecea27368f998369d9507e
.exe windows x86

715dac875d27f88b20b6e7fb45bc08ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
OpenSemaphoreW
RaiseException
GetLocaleInfoW
CopyFileA
GetFileAttributesA
SetEvent
GetExitCodeProcess
CreateNamedPipeW
lstrcpynA
FreeLibrary
GetCommandLineA
CompareFileTime
CreateEventW
GetLogicalDriveStringsW
lstrcmpiA
GetUserDefaultLCID
GetLastError
GetSystemDefaultLangID
HeapCreate
CreateSemaphoreW
GetFileAttributesW
GetStartupInfoA
GetTimeFormatW
lstrcmpA
QueryPerformanceFrequency
FindResourceA
GetModuleHandleW
CreateFileMappingW
MultiByteToWideChar
lstrcpyn
GetModuleHandleA
lstrcpy
AddAtomW
GetExpandedNameA
OpenEventA
GetShortPathNameW
BeginUpdateResourceA
GetModuleFileNameW
GetProcAddress
CreatePipe
EnumTimeFormatsW
GlobalFindAtomW
SearchPathW
GetCalendarInfoW
GetACP
MoveFileW
LocalFree
QueryPerformanceCounter

user32

RegisterWindowMessageA
GetKeyboardType
GetWindowLongA
CreateDesktopW
DrawTextW
FrameRect
GetClientRect
CharLowerA
GetMessageW
IsDlgButtonChecked
GetClassNameW
mouse_event
SendMessageW
CheckDlgButton
DefFrameProcW
GetClassInfoW
ShowWindow
GetWindowTextLengthA
CharUpperA
SetWindowTextA
GetWindowRect
GetClassNameA
GetSysColor
LoadIconW
PostQuitMessage
GetMenuItemInfoW
GetDCEx
RegisterClassExW
CharLowerW
MoveWindow
WinHelpW
DefWindowProcA
CreateWindowExW
ActivateKeyboardLayout
CreateDialogParamA
GetDesktopWindow
GetClassLongA
CreateWindowExA
GetMenu

gdi32

SetTextColor
Ellipse
PolyPolyline
ResizePalette
GetEnhMetaFileDescriptionA
GetCharWidth32A
CreateHatchBrush
CreatePolygonRgn
GetKerningPairsW

advapi32

RegDeleteValueW
RegFlushKey
RegEnumValueW
RegDeleteKeyW
RegSaveKeyA
RegRestoreKeyA
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumValueA
RegOpenKeyA
RegReplaceKeyA
RegOpenKeyW

shell32

ExtractAssociatedIconW
StrStrIA
ExtractAssociatedIconExW

shlwapi

StrCmpLogicalW
PathStripPathA
UrlCombineW
SHQueryInfoKeyA
SHRegGetBoolUSValueA
AssocQueryStringByKeyW
UrlEscapeA
UrlIsOpaqueW
SHSetValueW
StrToInt64ExA

urlmon

CDLGetLongPathNameW
RegisterMediaTypeClass
DllGetClassObject
CDLGetLongPathNameA
AsyncGetClassBits
SetSoftwareUpdateAdvertisementState
HlinkSimpleNavigateToString
CoInternetQueryInfo
CoInternetGetSecurityUrl
URLDownloadA
DllCanUnloadNow
HlinkGoBack
GetMarkOfTheWeb

wsock32

EnumProtocolsW
WSACancelBlockingCall
gethostname

Sections

.Ldng
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.D
Size: 4KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.quI
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rUgv
Size: 4KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzj
Size: 1024B - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

715dac875d27f88b20b6e7fb45bc08ab

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

urlmon

wsock32

Sections

.Ldng Size: 12KB - Virtual size: 12KB

.D Size: 4KB - Virtual size: 302KB

.quI Size: 4KB - Virtual size: 36KB

.rUgv Size: 4KB - Virtual size: 70KB

.vzj Size: 1024B - Virtual size: 131KB

.data Size: 113KB - Virtual size: 215KB

.rsrc Size: 69KB - Virtual size: 68KB

.reloc Size: 1024B - Virtual size: 816B

.Ldng
Size: 12KB - Virtual size: 12KB

.D
Size: 4KB - Virtual size: 302KB

.quI
Size: 4KB - Virtual size: 36KB

.rUgv
Size: 4KB - Virtual size: 70KB

.vzj
Size: 1024B - Virtual size: 131KB

.data
Size: 113KB - Virtual size: 215KB

.rsrc
Size: 69KB - Virtual size: 68KB

.reloc
Size: 1024B - Virtual size: 816B