a3739a510477ec2aa3fc85a724c7c4f0be08c4600b97fc20e65270b653573d48

Sharing

Copy URL Twitter E-mail

General

Target

a3739a510477ec2aa3fc85a724c7c4f0be08c4600b97fc20e65270b653573d48
Size

576KB
MD5

deba076065cf931bdc270b079ddd1a01
SHA1

69bcfa35deda8c542e0fe67a8cb91f046da023bd
SHA256

a3739a510477ec2aa3fc85a724c7c4f0be08c4600b97fc20e65270b653573d48
SHA512

fdd36bde6c72523d6d347cd83a29343e09a0afb69780c4a6db637779b17ac89d9d0bed32c3047bab25d5c565160c28657bf28d251ef227c0c7e472533e60ff9e
SSDEEP

12288:uu8Sc2BdQ/MKaagEuenWkXf/V2TXVv52v3tym4AMfs0Nh/Y0ij/:SGsMK43enWo3kDVa9YNfs0NW0ij/

Score

N/A

Malware Config

Signatures

Files

a3739a510477ec2aa3fc85a724c7c4f0be08c4600b97fc20e65270b653573d48
.exe windows x86

bd4c2056c04de01a54270dbb6fc3e5ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
DragFinish
SHQueryRecycleBinA
SHGetPathFromIDList

wininet

InternetReadFileExW
FtpGetCurrentDirectoryA
SetUrlCacheHeaderData
FtpSetCurrentDirectoryA
FtpGetFileA
HttpSendRequestW
CreateUrlCacheEntryW
GopherOpenFileW

user32

GetMessageTime
MessageBoxIndirectW
SetClipboardViewer
ShowCursor
UnhookWindowsHookEx
GetClassLongW
RegisterClassA
SetMessageQueue
InvalidateRect
CreateIconFromResourceEx
GetMenuItemInfoW
GetProcessDefaultLayout
WinHelpW
EnumDisplayMonitors
MessageBeep
GetKeyboardLayoutNameW
SetUserObjectSecurity
SetCaretPos
GetMenuStringW
CreateWindowExA
GetMenuContextHelpId
GetAsyncKeyState
GetScrollPos
LoadBitmapA
EnumPropsExA
CharNextW
EnumDisplaySettingsExA
LoadStringA
GetClipboardViewer
SetClassLongA
DefDlgProcW
DdeCmpStringHandles
DefFrameProcA
DefWindowProcA
DrawFocusRect
GrayStringW
GetWindowTextA
IsIconic
wsprintfW
GetInputState
GetMenuItemRect
EnumDesktopsA
RegisterClassExA
MonitorFromRect
DlgDirSelectExA
GetDC
CharPrevExA
LoadBitmapW
MessageBoxIndirectA
EndTask
SetWindowsHookW
CharPrevA
GetMessageA
DialogBoxParamW
CreateMenu
SetParent
DragObject
DrawIcon
MenuItemFromPoint
CopyAcceleratorTableA
IsWindowEnabled
ShowWindow
MessageBoxA
DlgDirSelectExW
DdeSetUserHandle
GetLastActivePopup
RegisterWindowMessageW
EndDialog
GetGUIThreadInfo
BeginPaint
WaitForInputIdle
SetProcessWindowStation
CreateWindowStationW
EnumDesktopsW
ShowWindowAsync
CreateMDIWindowA
SetMenuDefaultItem
ScrollWindowEx
SetDlgItemTextW
LoadCursorFromFileA
MoveWindow
SetMenuItemInfoA
SetSysColors
DestroyWindow
LoadImageA
DrawEdge
GetForegroundWindow
DdeCreateDataHandle
DdeQueryNextServer
CallMsgFilterW
OpenIcon
LoadMenuIndirectW
GetCursorPos
ReplyMessage
GetTabbedTextExtentA
TranslateMDISysAccel
GetWindowThreadProcessId
IsDialogMessage
RegisterClassW
EnableScrollBar
GetParent
BroadcastSystemMessageW
TrackPopupMenuEx

comctl32

ImageList_SetFlags
CreateMappedBitmap
ImageList_SetImageCount
DrawStatusTextA
ImageList_DrawIndirect
_TrackMouseEvent
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Copy
ImageList_DrawEx
ImageList_Draw
ImageList_ReplaceIcon
ImageList_AddIcon
ImageList_SetOverlayImage
MakeDragList
CreatePropertySheetPage

kernel32

WriteConsoleOutputCharacterA
MultiByteToWideChar
TerminateThread
EnumDateFormatsA
InterlockedExchange
GetUserDefaultLCID
GetModuleFileNameA
GetCurrentThread
OpenMutexA
SetStdHandle
LocalHandle
WriteConsoleW
GetFileType
OpenFileMappingA
MoveFileExA
ExpandEnvironmentStringsW
GetOEMCP
CreateFileA
CompareStringW
GetEnvironmentStrings
EnumResourceNamesA
LoadLibraryA
GetCurrentDirectoryW
IsDebuggerPresent
GetStringTypeA
VirtualQuery
ExitThread
GlobalReAlloc
GetConsoleCP
GetExitCodeThread
GetPrivateProfileSectionNamesW
GetProcessHeap
QueryPerformanceCounter
GetTempFileNameA
CreateMutexA
FormatMessageW
IsValidLocale
WriteConsoleOutputW
EnterCriticalSection
SetFilePointer
UnlockFileEx
WriteFileEx
GetCommandLineW
SetLastError
GetSystemTimeAdjustment
AllocConsole
GetTickCount
InterlockedIncrement
HeapReAlloc
ExpandEnvironmentStringsA
VirtualProtect
GetStdHandle
CompareStringA
lstrcat
UnhandledExceptionFilter
GetLastError
HeapFree
GetStringTypeW
GetConsoleOutputCP
FlushFileBuffers
InterlockedDecrement
SetEnvironmentVariableA
IsValidCodePage
GetVersionExA
TlsSetValue
GetCurrentProcess
LeaveCriticalSection
GetCPInfo
WriteFile
HeapSize
LocalFree
HeapDestroy
EnumSystemLocalesA
GetStartupInfoW
Sleep
DosDateTimeToFileTime
VirtualFree
SetHandleCount
HeapCreate
VirtualFreeEx
CreateRemoteThread
GetTimeZoneInformation
GetDiskFreeSpaceW
LCMapStringW
TlsFree
HeapAlloc
GlobalGetAtomNameW
FlushViewOfFile
GetModuleHandleA
GetModuleFileNameW
GlobalFindAtomW
GetEnvironmentVariableW
FreeLibrary
SetConsoleCtrlHandler
GetCommandLineA
TerminateProcess
DeleteFiber
FindResourceExA
VirtualAlloc
SetLocaleInfoW
WideCharToMultiByte
SetEnvironmentVariableW
GetCurrentProcessId
LCMapStringA
GetLocaleInfoA
SetCurrentDirectoryA
InitializeCriticalSection
WriteConsoleA
GetConsoleMode
FindAtomA
TlsAlloc
GetEnvironmentStringsW
GetComputerNameA
GetSystemTimeAsFileTime
CloseHandle
DeleteCriticalSection
GetTimeFormatA
TlsGetValue
ReadFile
SetConsoleTitleW
GetShortPathNameA
GlobalUnfix
VirtualProtectEx
GetAtomNameW
GetStartupInfoA
RtlFillMemory
ReadConsoleOutputW
FreeEnvironmentStringsA
GetACP
GetDateFormatA
WritePrivateProfileSectionA
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetLocaleInfoW
RtlUnwind
GetCurrentThreadId
ReadConsoleA
GetThreadTimes
GetProcAddress
GetLogicalDriveStringsA
GetCalendarInfoA
ExitProcess
FreeEnvironmentStringsW

advapi32

CryptSetProvParam
CryptAcquireContextA
RegNotifyChangeKeyValue
CryptSetHashParam
RegOpenKeyW
RevertToSelf
RegCreateKeyW
ReportEventW
CryptGetDefaultProviderA
RegQueryValueA
RegSaveKeyA
RegOpenKeyA
LookupAccountNameW
CryptExportKey
RegSetValueA
RegEnumValueW
CryptGetKeyParam
CreateServiceA
CryptGetProvParam
CryptGetUserKey

gdi32

StartPage
CreateDCW
GetObjectW
GetDeviceCaps
DeleteDC
RectVisible

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd4c2056c04de01a54270dbb6fc3e5ea

Headers

File Characteristics

Imports

shell32

wininet

user32

comctl32

kernel32

advapi32

gdi32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 268KB - Virtual size: 266KB

.data Size: 100KB - Virtual size: 117KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 268KB - Virtual size: 266KB

.data
Size: 100KB - Virtual size: 117KB

.rsrc
Size: 108KB - Virtual size: 107KB