df5ac0fb9ce1e516e58e5f9bd6732766a664b5a06953c0d19456fb66a72525ee

Sharing

Copy URL Twitter E-mail

General

Target

df5ac0fb9ce1e516e58e5f9bd6732766a664b5a06953c0d19456fb66a72525ee
Size

320KB
MD5

04c8b9796eccaeeafdfe3491eda57910
SHA1

3c608323e072955c90b5a28c0d91b82ea66a353f
SHA256

df5ac0fb9ce1e516e58e5f9bd6732766a664b5a06953c0d19456fb66a72525ee
SHA512

716be4b5091e2503277550195f8c44901fb3e508d729d0002109516e6488ff8795828b873fb92cadf26c28b07f325aa3fedec4b998a27c050c068b1761dcd10d
SSDEEP

6144:89pZIJryAmOALHaI2h+mZR/CJSUwu+Cie0Cb1d6C169X1EgSHSWQ:89peJOos6n7R/7SfpSC169qgSyW

Score

N/A

Malware Config

Signatures

Files

df5ac0fb9ce1e516e58e5f9bd6732766a664b5a06953c0d19456fb66a72525ee
.exe windows x86

14410fa6c1317259ee7b9c7157cbf585

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHUpdateRecycleBinIcon
ExtractIconExW
ShellHookProc
SHQueryRecycleBinW
SHGetDataFromIDListW

wininet

GopherOpenFileW
GetUrlCacheHeaderData
FtpRenameFileW
InternetCrackUrlW
InternetDialA
DeleteUrlCacheContainerW
InternetDial

advapi32

StartServiceA
RegSetKeySecurity
CryptSignHashW
CryptSetProviderA
CryptContextAddRef
CryptSetKeyParam
CryptDecrypt
LookupSecurityDescriptorPartsW
CryptDuplicateKey
LookupAccountNameW
LookupPrivilegeDisplayNameW
LookupAccountSidA
CryptSignHashA
RegSetValueW
CryptAcquireContextA
LookupPrivilegeNameW
CryptEnumProviderTypesA
RegQueryValueExA
RegReplaceKeyA

kernel32

GetFileTime
lstrcpyW
TlsGetValue
TlsSetValue
GetEnvironmentStringsW
GetOEMCP
FreeEnvironmentStringsA
WideCharToMultiByte
InitializeCriticalSection
InterlockedExchange
GetPrivateProfileSectionNamesW
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
GetTickCount
EnumCalendarInfoExA
GetModuleHandleA
CreateSemaphoreW
GetProcAddress
OpenMutexA
LoadLibraryA
GetFileType
CloseHandle
GetCurrentProcess
EnumSystemLocalesW
SetLastError
FindFirstFileA
CopyFileExA
GetTempFileNameA
ReadFileEx
VirtualAllocEx
ReleaseSemaphore
GetSystemTimeAdjustment
AddAtomA
GetModuleFileNameA
CreateDirectoryExW
SetEnvironmentVariableA
ExitProcess
GetModuleHandleW
GetProfileIntA
GetCurrentThread
GetEnvironmentStrings
GetThreadTimes
GetStartupInfoW
ExitThread
GetEnvironmentVariableA
TerminateThread
GetCommandLineA
GetLongPathNameA
GetExitCodeThread
FlushViewOfFile
VirtualAlloc
GetCPInfo
GetVersion
EnumDateFormatsA
GetLocalTime
DeleteFileW
DeleteAtom
SetConsoleMode
WriteProfileSectionW
HeapSize
GetTimeZoneInformation
GetCommandLineW
GetNamedPipeHandleStateW
SetHandleCount
HeapFree
VirtualUnlock
CompareStringA
GetPrivateProfileIntA
SetFilePointer
InterlockedDecrement
GetStringTypeA
GetLastError
GetPrivateProfileIntW
GetProfileIntW
GetSystemTime
HeapReAlloc
WriteConsoleOutputW
HeapCreate
LCMapStringW
RemoveDirectoryA
CreateDirectoryW
CreateFileMappingA
EnumSystemCodePagesW
SetSystemTime
GetNumberFormatW
WriteFile
GetCurrentDirectoryW
SetConsoleScreenBufferSize
SetConsoleCP
FreeEnvironmentStringsW
InterlockedCompareExchange
GetProcessHeaps
SetStdHandle
GetStdHandle
DebugBreak
ExpandEnvironmentStringsW
GetCurrentProcessId
FlushFileBuffers
HeapAlloc
lstrcpy
TlsAlloc
RtlUnwind
VirtualFree
MultiByteToWideChar
ReadFile
TerminateProcess
GetStartupInfoA
HeapDestroy
GetModuleFileNameW
GetStringTypeW
GetPriorityClass
CreateMutexA
CompareStringW
TlsFree
LCMapStringA
lstrcpyn
DeleteCriticalSection
InterlockedIncrement
GetLogicalDrives
VirtualQuery
FoldStringW
SetEvent
CreateNamedPipeW
GetSystemTimeAsFileTime
VirtualProtectEx
GlobalFindAtomW
QueryPerformanceCounter
GlobalUnlock
GetCurrentThreadId
LocalShrink
IsBadWritePtr
GetProcessHeap
DuplicateHandle
CreateRemoteThread

user32

RemovePropW
ShowCursor
RealChildWindowFromPoint
UpdateWindow
SetScrollPos
CreateIconFromResource
InternalGetWindowText
GetUpdateRgn
PaintDesktop
CharUpperBuffW
GetDlgItemInt
PostQuitMessage
CharUpperBuffA
CreateMDIWindowA
SetProcessWindowStation
SetThreadDesktop
SetActiveWindow
OpenDesktopW
KillTimer
ChangeDisplaySettingsW
GetWindowTextLengthW
CreateDesktopW
InsertMenuItemA
GetThreadDesktop
GetDlgItemTextA
GetClipboardSequenceNumber
InsertMenuItemW
DefWindowProcA
ModifyMenuA
GetSystemMenu
CreateCursor
BroadcastSystemMessage
CopyRect
MessageBoxIndirectW
IntersectRect
GetClassLongW
DlgDirSelectExA
DestroyWindow
SetWindowRgn
CascadeChildWindows
CallWindowProcW
SendDlgItemMessageW
wvsprintfW
MapVirtualKeyA
EnumDisplayDevicesA
ToUnicodeEx
WINNLSGetEnableStatus
GetInputState
GetMenu
LoadKeyboardLayoutA
GetClassLongA
OpenWindowStationW
DlgDirSelectComboBoxExA
EnumPropsExA
LoadBitmapW
RegisterClassExA
SetScrollInfo
DdeFreeDataHandle
SetFocus
CreateWindowExA
LoadAcceleratorsA
BlockInput
LoadMenuW
UnregisterClassA
IsCharAlphaNumericA
DestroyCaret
SetScrollRange
MessageBoxA
RegisterHotKey
ValidateRect
WINNLSEnableIME
GetCaretBlinkTime
OpenInputDesktop
InSendMessageEx
IsDialogMessage
DlgDirListA
DefWindowProcW
SetUserObjectSecurity
GetClassNameW
EnumDisplaySettingsW
WindowFromPoint
RegisterClassA
ShowWindow
GetDoubleClickTime
TabbedTextOutW
GetCapture
ChildWindowFromPointEx
ChangeMenuW
MenuItemFromPoint
ToAscii
CopyImage
DdeQueryNextServer
GetParent
DrawAnimatedRects
SwitchToThisWindow
ChangeDisplaySettingsA
InflateRect
SwitchDesktop
DdeGetData
DrawTextExA
GetClipboardOwner
DdeClientTransaction
CharToOemBuffA
GetMenuItemCount
GetKeyboardLayoutNameW

comctl32

ImageList_Create
GetEffectiveClientRect
CreateStatusWindow
InitCommonControlsEx
DrawInsert
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_GetImageRect
ImageList_SetOverlayImage
DrawStatusText

gdi32

GetWorldTransform
DrawEscape
CreateDIBPatternBrush
GetSystemPaletteUse
UpdateColors
GetColorAdjustment
SetPaletteEntries
SetColorAdjustment
CreatePolygonRgn
GetKerningPairs
StretchDIBits
IntersectClipRect
SetTextAlign
SetViewportOrgEx
GetCharWidthA
SetTextColor
GetTextMetricsW
GetAspectRatioFilterEx
GetCharacterPlacementW
GdiSetBatchLimit
GetLogColorSpaceA
EnumMetaFile
SetICMProfileW

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14410fa6c1317259ee7b9c7157cbf585

Headers

File Characteristics

Imports

shell32

wininet

advapi32

kernel32

user32

comctl32

gdi32

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 92KB - Virtual size: 112KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 92KB - Virtual size: 112KB

.rsrc
Size: 32KB - Virtual size: 28KB