9487dfc85770fe3305f40e17744a01421a8950e09410650b139f3e8588c3dd4c

Sharing

Copy URL Twitter E-mail

General

Target

9487dfc85770fe3305f40e17744a01421a8950e09410650b139f3e8588c3dd4c
Size

360KB
MD5

53046d7d8c18fd60ec8fb441b73f50ab
SHA1

4e47e9c51897c78fc1683789f56f6068d65a75df
SHA256

9487dfc85770fe3305f40e17744a01421a8950e09410650b139f3e8588c3dd4c
SHA512

c4e9ac39bfd16bdd06cc765dff6020eb87059c8fc667abd2f1a673ba97c31e5c3fa00d9a1d854edbf0fe092a157c967c72b6274a22a0a6ca93f025b7036bbb80
SSDEEP

6144:wZqJj3e5o8BiheHCrI3Chz+OjpbtekjLfctRDUNBsW+QRzCGW:wZqJj3e5VAheircez+ONbtTjLfcz4NFu

Score

N/A

Malware Config

Signatures

Files

9487dfc85770fe3305f40e17744a01421a8950e09410650b139f3e8588c3dd4c
.exe windows x86

531f166360e72ce94ab503f538f2a67b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

inet_ntoa
WSACleanup
gethostbyname
gethostname
WSAStartup

kernel32

GetFileSize
SetFilePointer
ReadFile
DeleteFileA
GetShortPathNameA
GetEnvironmentVariableA
LocalFree
LocalAlloc
Sleep
GetLastError
MapViewOfFile
CreateFileMappingA
WriteFile
SetEndOfFile
GetFileAttributesExA
SetFileAttributesA
CopyFileA
FindNextFileA
FindClose
FindFirstFileA
RemoveDirectoryA
CreateDirectoryA
MoveFileA
GetTempPathA
GetWindowsDirectoryA
GetLogicalDrives
GetFileAttributesA
GetTickCount
SetThreadPriority
SetPriorityClass
GetCurrentThread
GetCurrentProcess
GetSystemTime
GetTempFileNameA
OutputDebugStringA
GetVersionExA
HeapFree
HeapAlloc
GetProcessHeap
CreateFileW
FindFirstFileW
MultiByteToWideChar
lstrlenA
GetDiskFreeSpaceA
GetUserDefaultLangID
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
FindResourceA
UnmapViewOfFile
DeleteCriticalSection
GetCurrentThreadId
RaiseException
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GlobalFree
GlobalHandle
lstrlenW
lstrcmpA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
MulDiv
SizeofResource
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
VirtualQueryEx
GetSystemInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
SetUnhandledExceptionFilter
FlushFileBuffers
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
SetStdHandle
GetStdHandle
SetHandleCount
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
HeapReAlloc
VirtualQuery
VirtualAlloc
VirtualProtect
GetFileType
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
ExitProcess
RtlUnwind
GetFileTime
SetFileTime
GetModuleHandleA
CreateThread
WaitForSingleObject
TerminateThread
VirtualProtectEx
WriteProcessMemory
TerminateProcess
DeviceIoControl
GetModuleFileNameA
SetCurrentDirectoryA
CreateFileA
FreeLibrary
GetVersion
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
CloseHandle
OpenProcess
ReadProcessMemory
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetLogicalDriveStringsA
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentDirectoryA
SetLastError

user32

GetDesktopWindow
CharNextA
GetClassNameA
RedrawWindow
IsWindow
BeginPaint
FillRect
EndPaint
ReleaseDC
GetFocus
DestroyAcceleratorTable
GetSysColor
DefWindowProcA
CreateAcceleratorTableA
SetWindowContextHelpId
SetWindowPos
CreateWindowExA
IsChild
GetDC
ReleaseCapture
SetCapture
InvalidateRgn
RegisterClassExA
SendMessageA
SetWindowTextA
GetParent
MessageBoxA
CharUpperA
GetActiveWindow
EndDialog
DialogBoxParamA
SendDlgItemMessageA
GetClassInfoExA
RegisterWindowMessageA
GetWindowTextA
GetWindowTextLengthA
wsprintfA
UnregisterClassA
ShowWindow
MapWindowPoints
SystemParametersInfoA
GetWindowRect
DialogBoxIndirectParamA
DestroyWindow
MapDialogRect
GetCursorPos
ScreenToClient
GetClientRect
PtInRect
SetTimer
InvalidateRect
WindowFromPoint
KillTimer
LoadCursorA
SetCursor
CallWindowProcA
GetDlgCtrlID
GetSysColorBrush
LoadIconA
SetWindowLongA
SetDlgItemTextA
GetWindowLongA
GetSystemMenu
EnableMenuItem
GetDlgItem
EnableWindow
SetFocus
GetWindow

gdi32

CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
GetDeviceCaps
CreateFontIndirectA
SelectObject
SetTextColor
GetStockObject
DeleteObject
GetObjectA
SetBkMode

advapi32

DeleteService
RegQueryInfoKeyA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
CloseServiceHandle
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
ControlService
QueryServiceStatus
EnumServicesStatusA

shell32

ShellExecuteA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
OleUninitialize
OleInitialize
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc

oleaut32

LoadTypeLi
VarUI4FromStr
OleCreateFontIndirect
SysStringByteLen
VariantClear
VariantInit
LoadRegTypeLi
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

531f166360e72ce94ab503f538f2a67b

Headers

File Characteristics

Imports

comctl32

version

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 104KB - Virtual size: 104KB