76b6cba6bc0784ad836a95360ca6919d8bc539cfd4503a0059cd29d76e03b2c4

Sharing

Copy URL Twitter E-mail

General

Target

76b6cba6bc0784ad836a95360ca6919d8bc539cfd4503a0059cd29d76e03b2c4
Size

220KB
MD5

613108bdf5db38986ca0c718a2f4617c
SHA1

8a6eb2830ffe69d86e1fe723f356917ee9204460
SHA256

76b6cba6bc0784ad836a95360ca6919d8bc539cfd4503a0059cd29d76e03b2c4
SHA512

664458a3c9bad7b3e1978b60662a9e462bf5803d89c6e9e34cfcd57bbd387c05cdcb4fbc0501ef044e044503f718f6a00cbb27fc9ff1479617c0f8662ca75870
SSDEEP

6144:U67bHtPPsdifAiyvY4NB61y2Kk+jM43t:ZPssfcY4NBwKBjM4d

Score

N/A

Malware Config

Signatures

Files

76b6cba6bc0784ad836a95360ca6919d8bc539cfd4503a0059cd29d76e03b2c4
.exe windows x86

2ffd748a082556ee75d87469b8f331d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW
SHFileOperationA
SHGetDesktopFolder
SHGetSettings
SHGetPathFromIDListA
DragQueryPoint
SHAddToRecentDocs

comdlg32

PageSetupDlgA
ChooseFontA

oleaut32

SysFreeString
SysStringLen
SafeArrayCreate
SafeArrayGetLBound
LoadTypeLi
VariantChangeType
SafeArrayUnaccessData
SetErrorInfo
QueryPathOfRegTypeLi

advapi32

DuplicateTokenEx
CryptGetProvParam
GetTokenInformation
BuildTrusteeWithNameW
OpenThreadToken
RegEnumKeyA
GetServiceDisplayNameA
AddAccessAllowedAce
CopySid
CryptSignHashW
BuildTrusteeWithSidW
GetServiceKeyNameW
StartServiceW
EnumDependentServicesW
AllocateLocallyUniqueId
RegEnumKeyW
CryptEncrypt
CryptGenRandom
LookupAccountSidA
QueryServiceObjectSecurity
LockServiceDatabase
GetNamedSecurityInfoW
GetSecurityDescriptorDacl
ImpersonateNamedPipeClient
EnumServicesStatusW
RegSetKeySecurity
RegOpenKeyW
SetFileSecurityW
RegDeleteKeyW
GetServiceDisplayNameW
AdjustTokenPrivileges
LookupPrivilegeNameA
AllocateAndInitializeSid
ReadEventLogW
BuildSecurityDescriptorW
RegUnLoadKeyA
LogonUserA
CryptDecrypt
ImpersonateSelf
CloseEventLog

gdi32

CreateICA
SetDIBColorTable
CreatePolyPolygonRgn
GetTextCharset
RemoveFontResourceA
EqualRgn
SetDIBitsToDevice
SetWinMetaFileBits
MaskBlt
RectInRegion
SetPaletteEntries
CreateRectRgnIndirect
EndPath

version

GetFileVersionInfoA

ole32

OleInitialize
ReadClassStm
CoMarshalInterface
GetRunningObjectTable
CoReleaseServerProcess
CoGetObject
CoSwitchCallContext

ws2_32

WSAGetServiceClassNameByClassIdW
WSAEnumNameSpaceProvidersA
WSAAddressToStringW
WSARecvFrom
WSAGetServiceClassInfoW
WSASetServiceW
WSAEnumProtocolsW
WSALookupServiceEnd
sendto
WSACleanup
WSALookupServiceBeginA
WSAHtons
htonl
WSANtohs
inet_addr
recv
WSAStringToAddressA

kernel32

VirtualProtect
WriteConsoleOutputCharacterA
RemoveDirectoryA
GetLogicalDriveStringsA
LoadLibraryExW
GlobalFindAtomA
CreateFileW
GetComputerNameW
GetEnvironmentStringsW
GetUserDefaultLangID
CopyFileExW
GetCompressedFileSizeW
OutputDebugStringW
FindCloseChangeNotification
GetUserDefaultLCID
SetFileTime
SetProcessWorkingSetSize
SizeofResource
GetCurrentProcess
IsValidLocale
CreatePipe
GetFileInformationByHandle
VirtualLock
VirtualQuery
FormatMessageA
CreateDirectoryExA
EnumCalendarInfoW
GlobalFree
CreateWaitableTimerA
CancelIo
OutputDebugStringA
GetModuleFileNameW
WritePrivateProfileSectionA
EnumSystemCodePagesW
GetTickCount
WritePrivateProfileSectionW
SetConsoleOutputCP
FreeEnvironmentStringsA
GetShortPathNameW
EnumResourceNamesW
SetVolumeLabelA
CreateMutexW
ReadFile
SetCommTimeouts
ExitThread
UnmapViewOfFile
GetFileAttributesA
SetEndOfFile
VirtualAlloc
lstrlenA
TlsGetValue
GetProfileStringA
lstrcpynA
GlobalDeleteAtom
ReadConsoleInputW
GetConsoleCursorInfo
QueryDosDeviceA
PeekNamedPipe
SetConsoleWindowInfo
GetHandleInformation
VirtualUnlock
ReadDirectoryChangesW
lstrcmpiA
GetCurrentDirectoryW
SetMailslotInfo
FindFirstFileExW
ConnectNamedPipe
GetFullPathNameA
SetSystemTime
WritePrivateProfileStringW
lstrcmpiW
FindResourceExW
ReleaseMutex
GetAtomNameA
GenerateConsoleCtrlEvent
FreeResource
CloseHandle
SetThreadAffinityMask
GetVolumeInformationW
CompareStringA
EnumCalendarInfoA
GetStartupInfoA
CreateDirectoryW
GetModuleHandleA
RaiseException
AllocConsole
GetNumberFormatW
CreateMutexA
EnumSystemCodePagesA
EndUpdateResourceA
GetBinaryTypeA
GlobalFindAtomW
ClearCommBreak
MoveFileW
SetProcessShutdownParameters
UnhandledExceptionFilter
SetNamedPipeHandleState
TryEnterCriticalSection
GetTapeStatus
GetPrivateProfileSectionW
FindNextChangeNotification
PeekConsoleInputW
GetCurrentProcessId
RemoveDirectoryW
GetSystemTime
FormatMessageW
SetConsoleMode
CompareStringW
GetBinaryTypeW
GetACP
GetDriveTypeW
WaitNamedPipeA
WriteConsoleOutputW

user32

InsertMenuItemA
AttachThreadInput
GetMonitorInfoA
OpenDesktopA
HideCaret
GetClassInfoA
SystemParametersInfoA
SetProcessDefaultLayout
CreateDesktopW
GetUpdateRgn

msvcrt

fgetwc
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
tmpnam
gmtime
ftell
_ultoa
strtol
_wchdir
strncpy
wctomb
_wstrdate
_mbsdec
ferror
ctime
getenv
mktime
__p__environ
frexp
fputws
strtod
_close
strrchr
puts
getchar
_wsopen
_c_exit
fgetc
_wsplitpath
_wfullpath
ungetc
_strncoll
_ismbcspace
memchr
wcstok
vprintf

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2ffd748a082556ee75d87469b8f331d0

Headers

File Characteristics

Imports

shell32

comdlg32

oleaut32

advapi32

gdi32

version

ole32

ws2_32

kernel32

user32

msvcrt

Sections

.text Size: 200KB - Virtual size: 198KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 7KB

.text
Size: 200KB - Virtual size: 198KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 7KB