b144c8f2582f84e49ee4541ce21d22d00604b245fb364374c075eebaa12cb6ce

Sharing

Copy URL Twitter E-mail

General

Target

b144c8f2582f84e49ee4541ce21d22d00604b245fb364374c075eebaa12cb6ce
Size

227KB
MD5

9570cd15b24c93b0452a5bcbd7e12f09
SHA1

950d5cebe47e58e8d0b819f6e63349632e44511d
SHA256

b144c8f2582f84e49ee4541ce21d22d00604b245fb364374c075eebaa12cb6ce
SHA512

23dfcdfd46a054a80ed7cd70854b03565c45fe67032472f789e7e454231e7f4fbcf7cabb672838e3d3cf7991af81cb4ba072f45d2ea59b67cafeb8b44b77595f
SSDEEP

3072:q/2e1jiykkaE5dKvKJZltWRkWTpJitu8xQAei7MxNEndGM/7f+c6fiD:ne9iykqZvlt4k8Jkn+Aei7MxvMQqD

Score

N/A

Malware Config

Signatures

Files

b144c8f2582f84e49ee4541ce21d22d00604b245fb364374c075eebaa12cb6ce
.exe windows x86

50463931d43267902fa0fe644510279d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

InternetSetOptionW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetCrackUrlW
InternetOpenW
InternetReadFile

kernel32

IsValidLocale
EnumSystemLocalesA
GetVersion
GetProcAddress
GetModuleHandleW
InterlockedDecrement
lstrlenW
InterlockedIncrement
DebugBreak
OutputDebugStringW
lstrlenA
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
MultiByteToWideChar
GetFileAttributesW
LoadLibraryW
lstrcmpiW
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
FindClose
FindNextFileW
FindFirstFileW
GetTempPathW
CloseHandle
Sleep
CreateMutexW
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
HeapReAlloc
WriteConsoleW
SetStdHandle
CreateFileW
SetEndOfFile
FlushFileBuffers
ReadFile
SetFilePointer
WideCharToMultiByte
GetProcessHeap
FreeEnvironmentStringsW
GetStringTypeW
IsValidCodePage
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetOEMCP
GetEnvironmentStringsW
GetACP
HeapSize
ExitProcess
GetLocaleInfoW
GetStdHandle
InterlockedExchange
InitializeCriticalSection
EncodePointer
DecodePointer
HeapFree
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineW
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile

user32

wvsprintfW
DestroyWindow
CharNextW
LoadStringW
wsprintfW

advapi32

RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoInitialize

oleaut32

VarUI4FromStr

shlwapi

UrlEscapeW

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50463931d43267902fa0fe644510279d

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB