a21ee9805b4ffa9f42b2b895ce5b2e7432b37ffda87ca1bda3995ecae0fdcb23

Sharing

Copy URL

Twitter E-mail

General

Target

a21ee9805b4ffa9f42b2b895ce5b2e7432b37ffda87ca1bda3995ecae0fdcb23
Size

269KB
MD5

481518e42dc8d2c28d72be2582ce5a86
SHA1

7dfc041e74b02e4941ce548199a497443a9aa1b7
SHA256

a21ee9805b4ffa9f42b2b895ce5b2e7432b37ffda87ca1bda3995ecae0fdcb23
SHA512

3d32cadf8e5289c132f8bd16a739fb4e09cde9d198fc2dd596a67dd17491624e812d2d1f417d00621c97e1da034196d355501d019190c5fd82d8f196b08795b1
SSDEEP

6144:8Bv99HElTc923+7UOJQmMaqy8iyCjOBRh:W9x0Tc9UUBM2DjK

Score

N/A

Malware Config

Signatures

Files

a21ee9805b4ffa9f42b2b895ce5b2e7432b37ffda87ca1bda3995ecae0fdcb23
.exe windows x86

f94f4faca26336936f28ea2e692fd96d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

mpr

WNetGetUserW

kernel32

LoadLibraryA
ExpandEnvironmentStringsA
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentThreadId
LocalFree
GetLogicalDriveStringsW
MoveFileW
GetTempFileNameW
SetErrorMode
GetCurrentProcessId
GetVersion
GetCurrentThread
lstrcpynA
lstrlenA
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetFileAttributesW
LoadLibraryW
GetLocalTime
GetSystemInfo
GetModuleHandleW
GetVersionExW
LoadResource
FindResourceW
InitializeCriticalSection
MultiByteToWideChar
CreateEventW
FreeLibrary
GetTickCount
GlobalAlloc
GetWindowsDirectoryW
Sleep
GetTempPathW
GetModuleFileNameW
GetLastError
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetProcAddress

user32

SetWindowRgn
IsWindow
wsprintfW
LoadImageW
PeekMessageW
GetIconInfo
LoadBitmapW
GetMenuItemID
GetMenuItemCount
SetForegroundWindow
GetSubMenu
LoadMenuW
GetDesktopWindow
SetWindowPos
GetCursorPos
GetActiveWindow
OffsetRect
AppendMenuW
CreatePopupMenu
GetSysColor
SetTimer
DestroyCursor
LoadCursorW
DestroyIcon
CheckMenuItem
LoadIconW
EmptyClipboard
InvalidateRect
SetCapture
OpenClipboard
DestroyMenu
SendMessageW
GetFocus
SetCursor
EnableMenuItem
GetSystemMetrics
RemoveMenu
GetAsyncKeyState
GetClassInfoW
PostMessageW
EnableWindow
RegisterWindowMessageW
RegisterClassW

gdi32

CreateRectRgn
CreateDIBSection
DeleteObject
CreateBitmap
CreateCompatibleDC
CreatePen
CreateSolidBrush
CreateFontIndirectW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
SetThreadToken
DuplicateToken
LookupAccountSidW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
DuplicateTokenEx
GetSidSubAuthority
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
RevertToSelf
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyW
RegCreateKeyW
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
LookupPrivilegeValueW
ImpersonateSelf

shell32

SHGetDesktopFolder
ShellExecuteW
ShellExecuteExW

msasn1

ASN1BEREncCheck
ASN1_CloseDecoder
ASN1CEREncGeneralizedTime
ASN1BEREncEndOfContents
ASN1_FreeDecoded
ASN1CEREncFlushBlkElement
ASN1CEREncBitString
ASN1ztchar16string_free
ASN1BERDecGeneralizedTime
ASN1BERDecU32Val
ASN1objectidentifier2_cmp
ASN1intx2uint32
ASN1BERDecLength
ASN1BEREncUTCTime
ASN1intx2int32
ASN1BEREncGeneralizedTime

rastls

DllUnregisterServer

Sections

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oDMWy
Size: 2KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 78KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Hvpmv
Size: 5KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 139KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Vnr
Size: 4KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f94f4faca26336936f28ea2e692fd96d

Headers

File Characteristics

Imports

comctl32

mpr

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msasn1

rastls

Sections

.idata Size: 9KB - Virtual size: 9KB

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 15KB

.oDMWy Size: 2KB - Virtual size: 275KB

.edata Size: 78KB - Virtual size: 174KB

.Hvpmv Size: 5KB - Virtual size: 1.1MB

.data Size: 6KB - Virtual size: 101KB

.edata Size: 139KB - Virtual size: 219KB

.Vnr Size: 4KB - Virtual size: 676KB

.rsrc Size: 2KB - Virtual size: 1KB

.idata
Size: 9KB - Virtual size: 9KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 15KB

.oDMWy
Size: 2KB - Virtual size: 275KB

.edata
Size: 78KB - Virtual size: 174KB

.Hvpmv
Size: 5KB - Virtual size: 1.1MB

.data
Size: 6KB - Virtual size: 101KB

.edata
Size: 139KB - Virtual size: 219KB

.Vnr
Size: 4KB - Virtual size: 676KB

.rsrc
Size: 2KB - Virtual size: 1KB