95961a3e887f816339091fd9e0465ad143707f1ad78fc39aad84937be0f16858

Sharing

Copy URL Twitter E-mail

General

Target

95961a3e887f816339091fd9e0465ad143707f1ad78fc39aad84937be0f16858
Size

56KB
MD5

0cc5ca543e0e8662baa33f79a116ef9e
SHA1

689c2218479a0d436131642cd41deed99005e035
SHA256

95961a3e887f816339091fd9e0465ad143707f1ad78fc39aad84937be0f16858
SHA512

e36e4f596b01139f267f76d1b163911f540f1207a4b9e1bd00b09523ade5dac8eb3626b99a46d869b56521292c9ca4dc5bc4b25464d1d422cbc7dcdf49e3511d
SSDEEP

768:GV+ibz//D+8m4X2EUIb6rUBjTW1mNL7Y:GV+QdRBAAN

Score

N/A

Malware Config

Signatures

Files

95961a3e887f816339091fd9e0465ad143707f1ad78fc39aad84937be0f16858
.exe windows x86

75d43c8f251956fb4d01f063f516f851

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetModuleFileNameA
ExitProcess
CreateDirectoryA
CreateFileA
CopyFileA
DeleteFileA
TerminateThread
WriteFile
ExitThread
lstrlenA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
Process32First
GetFileAttributesA
OpenProcess
CreateToolhelp32Snapshot
Process32Next
TerminateProcess
GetCurrentThread
GetLastError
CloseHandle
GetLocaleInfoA
lstrcatA
Sleep
GlobalMemoryStatus
GetVersionExA
GetModuleHandleA
GetSystemInfo
lstrcpyA
GetComputerNameA
LocalAlloc
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
MoveFileA
GetStartupInfoA

user32

wsprintfA
GetSystemMetrics
PostQuitMessage
GetWindowTextA
GetForegroundWindow
GetWindow
IsWindowVisible
ShowWindow
DispatchMessageA
MessageBoxA
GetMessageA
CreateDialogParamA
SendMessageA
ToAsciiEx
ToUnicodeEx
GetKeyState
GetKeyboardState
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
ExitWindowsEx
DialogBoxParamA
TranslateMessage

gdi32

CreateDCA
CreateCompatibleDC
DeleteObject
RestoreDC
BitBlt
SelectObject
SaveDC
DeleteDC
CreateDIBSection
GetDeviceCaps

advapi32

AllocateAndInitializeSid
InitiateSystemShutdownA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyA
RegSetValueExA
OpenThreadToken
GetTokenInformation
EqualSid
FreeSid
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
QueryServiceConfigA
OpenServiceA
EnumServicesStatusA
OpenSCManagerA
GetUserNameA

shell32

ShellExecuteA

wsock32

WSAGetLastError
send
gethostname
WSACleanup
WSAStartup
closesocket
WSASetLastError
recv
WSAAsyncSelect
connect
gethostbyname
inet_addr
socket
htons
ioctlsocket

gdiplus

GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize

urlmon

URLDownloadToFileA

msvcrt

__CxxFrameHandler
wcscmp
free
fgets
strstr
fclose
malloc
memcpy
strcpy
strcat
strlen
printf
fread
fopen
memset
realloc
strcmp
fseek
ftell
fwrite
atoi
sprintf
_snprintf
rand
srand
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
time
_EH_prolog

userenv

GetUserProfileDirectoryA

Exports

Exports

?KeyEvent@@YGJHIJ@Z

Sections

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

75d43c8f251956fb4d01f063f516f851

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wsock32

gdiplus

urlmon

msvcrt

userenv

Exports

Exports

Sections

.data Size: 54KB - Virtual size: 54KB

.rsrc Size: 512B - Virtual size: 68KB

.data
Size: 54KB - Virtual size: 54KB

.rsrc
Size: 512B - Virtual size: 68KB