a26091023ecaf6c2da0b4ae8c4c9a3c0083adc59c3e618ce1d94e817d895817f

Sharing

Copy URL Twitter E-mail

General

Target

a26091023ecaf6c2da0b4ae8c4c9a3c0083adc59c3e618ce1d94e817d895817f
Size

805KB
MD5

50457793aebfb3515bbcbd587bc48c2e
SHA1

24bf9b6ad184ce70b739bc653c1ce6fab3591b07
SHA256

a26091023ecaf6c2da0b4ae8c4c9a3c0083adc59c3e618ce1d94e817d895817f
SHA512

1cce5986472b5b58429261b00e0b8127f6f83792620383ac14caf2e828281bb4c25268e4299430a15e1071e8ac7c6c7130b3360fb2d95694379427489cbeeeb6
SSDEEP

24576:V31pO8YcCHXDQZ+4nNIyB9eHavJFrnG4jV:V360CHXDoJnNI2fvX7G

Score

N/A

Malware Config

Signatures

Files

a26091023ecaf6c2da0b4ae8c4c9a3c0083adc59c3e618ce1d94e817d895817f
.exe windows x86

0d35e0b7c1c61643b8d3877db46dd772

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
CreateFileA
VirtualAlloc
GetCurrentProcessId
GetLocaleInfoA
GetTickCount
GlobalUnlock
LockResource
LeaveCriticalSection
GetTimeZoneInformation
GetUserDefaultLangID
InterlockedDecrement
TlsGetValue
DeleteCriticalSection
GetDateFormatA
HeapReAlloc
GetSystemInfo
CreateFileMappingW
CompareStringA
TlsAlloc
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetFileSize
EnumSystemLocalesA
IsDebuggerPresent
InterlockedExchange
GetEnvironmentVariableW
CloseHandle
GlobalLock
SetFilePointer
GetStringTypeW
MoveFileExW
GetTimeFormatA
GetConsoleOutputCP
GetModuleFileNameW
GetCurrentThread
UnhandledExceptionFilter
HeapDestroy
HeapAlloc
GetLastError
TlsFree
GetSystemDirectoryW
WriteConsoleW
FreeLibrary
SystemTimeToFileTime
GetModuleHandleW
GetStringTypeA
TerminateProcess
VirtualFree
GetConsoleCP
FindResourceW
MapViewOfFile
RtlUnwind
TlsSetValue
SetLastError
SetUnhandledExceptionFilter
SetStdHandle
FreeEnvironmentStringsA
SetHandleCount
InterlockedIncrement
FlushFileBuffers
LoadResource
GetFileType
GetConsoleMode
LoadLibraryA
GetSystemDirectoryA
WriteConsoleA
GetProcAddress
EnumResourceLanguagesW
GetACP
HeapFree
GetStdHandle
LCMapStringW
GetLocaleInfoW
UnmapViewOfFile
GetEnvironmentStringsW
RaiseException
GetCurrentThreadId
SetEnvironmentVariableA
GetModuleFileNameA
IsValidCodePage
CreateFileW
GetStartupInfoA
GetEnvironmentStrings
WriteFile
GetCurrentProcess
SetConsoleCtrlHandler
HeapCreate
FreeEnvironmentStringsW
EnterCriticalSection
CompareStringW
EnumResourceNamesW
GlobalAlloc
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP
GetCommandLineA
SizeofResource
lstrlenW
HeapSize
WideCharToMultiByte
LCMapStringA
FatalAppExitA
ExitProcess
ReadFile
Sleep
IsValidLocale
QueryPerformanceCounter
SetFileAttributesW

user32

LoadCursorW
GetWindowRect
DefWindowProcW
InvalidateRect
GetDlgItem
GetMessageW
UpdateWindow
SetCapture
MessageBoxW
GetScrollInfo
DialogBoxParamW
BeginPaint
FillRect
DestroyWindow
SetWindowPos
GetClientRect
PostQuitMessage
SetCursor
DrawTextW
TranslateMessage
SendMessageW
LoadBitmapW
GetClipboardData
CreateWindowExW
OpenClipboard
TrackMouseEvent
ReleaseCapture
ShowWindow
CloseClipboard
ExitWindowsEx
SetScrollInfo
EndDialog
LoadIconW
RegisterClassExW
DispatchMessageW
ShowScrollBar
SetWindowTextW
MoveWindow
EndPaint
RegisterClassW

gdi32

ChoosePixelFormat
LineTo
BitBlt
SetBkMode
SelectObject
CreateFontW
CreateCompatibleDC
CreatePen
DeleteObject
MoveToEx
SetTextColor
CreateSolidBrush

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
AdjustTokenPrivileges
CreateServiceW
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetEntriesInAclW
OpenSCManagerW
OpenProcessToken
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
SetNamedSecurityInfoW
RegEnumValueW
CloseServiceHandle

shell32

SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

shlwapi

PathFileExistsW
PathIsDirectoryW

msimg32

GradientFill

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

netapi32

NetApiBufferFree

wtsapi32

WTSVirtualChannelClose

dnsapi

DnsReplaceRecordSetA

Exports

Exports

_nax

Sections

.text
Size: 541KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.abc
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.234
Size: - Virtual size: 5.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.joke
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.poke
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d35e0b7c1c61643b8d3877db46dd772

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msimg32

version

netapi32

wtsapi32

dnsapi

Exports

Exports

Sections

.text Size: 541KB - Virtual size: 540KB

.abc Size: 235KB - Virtual size: 234KB

.234 Size: - Virtual size: 5.2MB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 828B

.joke Size: 512B - Virtual size: 153B

.poke Size: 512B - Virtual size: 139B

.tls Size: 512B - Virtual size: 57B

.rsrc Size: 14KB - Virtual size: 14KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 541KB - Virtual size: 540KB

.abc
Size: 235KB - Virtual size: 234KB

.234
Size: - Virtual size: 5.2MB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 828B

.joke
Size: 512B - Virtual size: 153B

.poke
Size: 512B - Virtual size: 139B

.tls
Size: 512B - Virtual size: 57B

.rsrc
Size: 14KB - Virtual size: 14KB

.reloc
Size: 6KB - Virtual size: 5KB