b23a176cdd552a05c689af9f6c13999baf311bfd3da360ad8e3cc54dd5c2bad6

Sharing

Copy URL Twitter E-mail

General

Target

b23a176cdd552a05c689af9f6c13999baf311bfd3da360ad8e3cc54dd5c2bad6
Size

301KB
MD5

98d6c823bafe06b8adbaf45b480f1687
SHA1

0ef1b04412606dd6b9bdd616db57ab9c9336a959
SHA256

b23a176cdd552a05c689af9f6c13999baf311bfd3da360ad8e3cc54dd5c2bad6
SHA512

824b6e7a22312c5f5e0cbeb2d3610aa9eb5633a6e61062cb043613dfc0806614126329fa2d298cf6d6a5b219d485fdfcbf8c1e158b5573b9d470037755de3e6e
SSDEEP

6144:dJu+ZB+p+9qediTjMLRkDXUefoz2cwF1oJlx00zbNTs8dyt:drB+p+VinSHr/bJl3n9h

Score

N/A

Malware Config

Signatures

Files

b23a176cdd552a05c689af9f6c13999baf311bfd3da360ad8e3cc54dd5c2bad6
.exe windows x86

dcf6b563e00ecb3ca5d526c0f9388440

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
VirtualQuery
MapViewOfFileEx
CreateFileW
CreateSemaphoreA
CreateFileA
SystemTimeToFileTime
FindClose
GetPrivateProfileStringW
SwitchToThread
WriteProfileStringA
GetPrivateProfileSectionA
TerminateProcess
GetLocaleInfoW
GetFileSizeEx
TlsSetValue
GetCurrentThreadId
SetLastError
GlobalSize
GetDiskFreeSpaceExW
SearchPathW
GetCPInfo
GetStringTypeExW
TlsGetValue
FreeEnvironmentStringsA
GetFileAttributesA
DosDateTimeToFileTime
OpenMutexA
FindResourceA
GetFileInformationByHandle
GetSystemDefaultLCID
GetUserDefaultLCID
SizeofResource
TerminateThread
RemoveDirectoryA
QueryPerformanceFrequency
DuplicateHandle
FormatMessageA
LoadLibraryExA
FlushInstructionCache
GetTimeFormatW
SetFilePointer
IsDBCSLeadByte
IsBadCodePtr
CompareStringW
GlobalAddAtomW
lstrcmpA
WritePrivateProfileStringA
FindFirstFileW
CreateProcessW
HeapReAlloc
GetFileAttributesW
WideCharToMultiByte
SetStdHandle
GetEnvironmentVariableW
CreateFileMappingA
SearchPathA
InitializeCriticalSection
QueryPerformanceCounter
OpenProcess
FreeLibrary
HeapSize
GetDateFormatA
GetStringTypeW
SetFileTime
GetModuleFileNameW
WritePrivateProfileSectionA
QueryDosDeviceW
CreateDirectoryW
GetLongPathNameW
SetNamedPipeHandleState
MapViewOfFile
SetFilePointerEx
SetFileAttributesW
CreateFileMappingW
LCMapStringW
LCMapStringA
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
HeapAlloc
GetOEMCP
GetACP
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
WriteFile
RtlUnwind
HeapFree
VirtualFree
GetExitCodeProcess
GetVolumeInformationA
GetLocalTime
CompareFileTime
GetPrivateProfileIntW
GetUserDefaultLangID
GetProcessTimes
ResumeThread
IsValidCodePage
IsBadReadPtr
SetEvent
lstrcpyA
GetShortPathNameA
FileTimeToLocalFileTime
Process32NextW
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsAlloc
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
OpenEventA
VirtualAlloc
ExpandEnvironmentStringsA
lstrlenA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetProcAddress
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA

gdi32

CloseMetaFile
GetEnhMetaFileHeader

oleaut32

SafeArrayPutElement

user32

GetWindowRgn
GetSystemMenu
GetAsyncKeyState
EmptyClipboard
SetWindowTextW
DispatchMessageW
TrackMouseEvent
SetWindowPlacement
CreateIconIndirect
ReplyMessage
SendMessageTimeoutW
GrayStringA
WindowFromPoint
GetClipboardData
GetWindowLongA

comdlg32

CommDlgExtendedError
ChooseColorA
GetOpenFileNameA

shlwapi

PathIsUNCW
SHGetValueW
PathFindFileNameA

advapi32

GetAce
RegSetValueExW
RegSetValueExA
RegNotifyChangeKeyValue
ConvertSidToStringSidW
OpenServiceW
SetSecurityDescriptorDacl
GetSidLengthRequired
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenThreadToken
GetSecurityInfo
CryptAcquireContextA
AllocateAndInitializeSid
GetAclInformation

ole32

OleLoadFromStream
CoRegisterClassObject
OleSetMenuDescriptor
OleGetClipboard
CLSIDFromProgID
WriteClassStg

shell32

Shell_NotifyIconA
DragFinish
SHBrowseForFolderW

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoW

comctl32

ImageList_Create
ImageList_LoadImageW
ImageList_Remove

Sections

.text
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcf6b563e00ecb3ca5d526c0f9388440

Headers

File Characteristics

Imports

kernel32

gdi32

oleaut32

user32

comdlg32

shlwapi

advapi32

ole32

shell32

version

comctl32

Sections

.text Size: 262KB - Virtual size: 261KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 752B

.text
Size: 262KB - Virtual size: 261KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 752B