96a6efc0f60433f67a83475fb6ac7c75786d9d73cb31df2457bacb02ae6fb16f

Sharing

Copy URL Twitter E-mail

General

Target

96a6efc0f60433f67a83475fb6ac7c75786d9d73cb31df2457bacb02ae6fb16f
Size

1.1MB
MD5

7eccf77946b1deab99f481b988876920
SHA1

2d903d13c7d8209968c43895f2694cf00f66c5ac
SHA256

96a6efc0f60433f67a83475fb6ac7c75786d9d73cb31df2457bacb02ae6fb16f
SHA512

26f264ea168d265efdfc9ce815c2e5f8e013d3f2bd1de3d3f37032ff08166a8a2307ab52c114b035ecb3a6d3143121f83b1fe3c0468185ce18cfd7e240a32790
SSDEEP

24576:XOxnI7ySWPL9rgMyZG//+9jxjq7nP4bje7YE:XOm7ySq9rry1xW7QbiB

Score

N/A

Malware Config

Signatures

Files

96a6efc0f60433f67a83475fb6ac7c75786d9d73cb31df2457bacb02ae6fb16f
.exe windows x86

b7b66de828b447052ba7255c247354b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CreateEventW
SuspendThread
WaitForSingleObject
SetEvent
GetVersionExW
OpenProcess
GetLocalTime
GetLongPathNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
Sleep
CreateProcessW
GetStartupInfoW
GetFileSizeEx
MoveFileExW
SetFileAttributesW
GlobalUnlock
GlobalLock
GlobalAlloc
GetExitCodeProcess
GetSystemInfo
GetModuleHandleA
CreateMutexW
GetPrivateProfileStringW
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetStartupInfoA
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
HeapSize
HeapCreate
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetFileType
SetFilePointer
SystemTimeToFileTime
LocalFileTimeToFileTime
SetEndOfFile
WriteFile
SetFilePointerEx
ReadFile
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
ReleaseMutex
CreateFileA
GetSystemTimeAsFileTime
FormatMessageW
GetSystemTime
LocalFree
WideCharToMultiByte
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
ExitProcess
FindFirstFileW
FindNextFileW
FindClose
GetTempPathW
GetTempFileNameW
DeleteFileW
LoadLibraryW
GetProcAddress
CreateFileW
DeviceIoControl
CloseHandle
GetCurrentProcessId
lstrlenA
OutputDebugStringW
DebugBreak
GetCommandLineW
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
TerminateProcess
MultiByteToWideChar
FreeLibrary
InitializeCriticalSection
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
DeleteCriticalSection
RaiseException
GetCurrentThreadId
SetLastError
GetCurrentProcess
SetHandleCount

user32

WaitForInputIdle
IsRectEmpty
ClientToScreen
FillRect
SetFocus
EndDialog
OpenClipboard
EmptyClipboard
DefWindowProcW
UnregisterClassA
MonitorFromPoint
DestroyMenu
GetSubMenu
MessageBoxW
SetForegroundWindow
SetClipboardData
CloseClipboard
GetActiveWindow
FindWindowW
GetShellWindow
CreateDialogParamW
DispatchMessageW
TranslateMessage
GetMessageW
EnableMenuItem
TrackPopupMenu
LoadMenuW
DrawIconEx
FindWindowExW
TrackMouseEvent
DrawTextW
InflateRect
GetAsyncKeyState
CallWindowProcW
EndPaint
BeginPaint
OffsetRect
SetWindowRgn
SetDlgItemTextW
DestroyIcon
UpdateWindow
EnableWindow
PtInRect
GetCursorPos
SetCursor
RegisterClassExW
LoadCursorW
GetClassInfoExW
EnumWindows
GetWindowThreadProcessId
GetWindowTextW
CopyRect
ScreenToClient
CreateWindowExW
GetDC
ReleaseDC
GetParent
GetWindow
GetWindowRect
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
KillTimer
SetTimer
InvalidateRect
GetWindowPlacement
SetWindowTextW
SendMessageW
GetClientRect
PostQuitMessage
GetSystemMetrics
LoadImageW
RegisterWindowMessageW
BringWindowToTop
SetWindowPos
GetDlgItem
CharLowerW
MoveWindow
RedrawWindow
IsWindow
IsWindowVisible
LoadStringW
wvsprintfW
DialogBoxParamW
PostMessageW
IsIconic
SendMessageTimeoutW
GetClassInfoW
RegisterClassW
CharNextW
SetWindowLongW
ShowWindow
DestroyWindow
PeekMessageW

gdi32

CreatePolygonRgn
DeleteObject
SetBkColor
EnumFontFamiliesW
SelectObject
SetTextColor
MoveToEx
LineTo
CreateRoundRectRgn
SaveDC
RestoreDC
SetBkMode
BitBlt
CreateCompatibleDC
SetViewportOrgEx
CreateCompatibleBitmap
CreateSolidBrush
DeleteDC
CreatePen
ExtTextOutW
CombineRgn
CreateFontW

advapi32

RegDeleteKeyW
GetTokenInformation
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
DuplicateTokenEx
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegQueryValueExA

shell32

ShellExecuteW
SHGetFolderPathW
ShellExecuteExW
SHGetSpecialFolderPathW
ExtractIconExW
SHGetFileInfoW
ord680

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocString
VarUI4FromStr

shlwapi

SHGetValueA
PathFindExtensionW
StrCmpIW
StrToIntW
SHSetValueW
StrCmpW
SHGetValueW
PathFileExistsW
PathIsRelativeW
PathAppendW
PathRemoveFileSpecW
PathCombineW

comctl32

InitCommonControlsEx
_TrackMouseEvent

setupapi

SetupIterateCabinetW

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7b66de828b447052ba7255c247354b1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

setupapi

psapi

version

Sections

.text Size: 552KB - Virtual size: 551KB

.rdata Size: 95KB - Virtual size: 94KB

.data Size: 23KB - Virtual size: 31KB

.rsrc Size: 181KB - Virtual size: 180KB

.reloc Size: 35KB - Virtual size: 34KB

.text
Size: 552KB - Virtual size: 551KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 23KB - Virtual size: 31KB

.rsrc
Size: 181KB - Virtual size: 180KB

.reloc
Size: 35KB - Virtual size: 34KB