de724aedfe0aef36c92ba6d9a211e03c868607475998f5cafea3a891b9c4dd87

Sharing

Copy URL Twitter E-mail

General

Target

de724aedfe0aef36c92ba6d9a211e03c868607475998f5cafea3a891b9c4dd87
Size

564KB
MD5

16e6cc35396ee8d8815485322f97fa50
SHA1

e2f53384a6a66b973c29d41dad9f6db82a37c8b0
SHA256

de724aedfe0aef36c92ba6d9a211e03c868607475998f5cafea3a891b9c4dd87
SHA512

7bb0bd2070593eedaa938734fb5e1bf2486169db98d84494e78a6b3a4a52df1ddbf8f959949d3a53a4c9fe5b93b0dbed44641a9562a584bf06fdc92c7f360ba9
SSDEEP

12288:wc8X5yX1hEe/iz93y7GAFgga6/VnHzmDYYqt1g:wnX5ylKeA9i7q6/RHSY9

Score

N/A

Malware Config

Signatures

Files

de724aedfe0aef36c92ba6d9a211e03c868607475998f5cafea3a891b9c4dd87
.exe windows x86

3fc5007b575086987473c95d97281dc3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetOptionA
HttpQueryInfoA
InternetWriteFile
InternetReadFileExW
InternetOpenUrlW
UpdateUrlCacheContentPath
InternetGetConnectedStateEx

advapi32

DuplicateToken
CryptEnumProvidersA
LookupPrivilegeNameA
CryptDestroyKey
RegSetKeySecurity
CryptGetDefaultProviderW
CryptGetUserKey
RegEnumKeyExW
RegOpenKeyW
RegCreateKeyExA
CryptReleaseContext

user32

GetWindowRect
DrawTextExW
DefWindowProcW
EnumWindows
CallWindowProcA
DestroyWindow
SetProcessDefaultLayout
GetWindowWord
GetDlgItemTextW
CreateWindowExA
PostMessageW
ReleaseDC
RegisterDeviceNotificationW
MessageBoxA
DrawStateW
ShowWindow
RegisterClassW
CreateMDIWindowW
LoadAcceleratorsA
RegisterClassExA
DrawMenuBar
ModifyMenuA
GetClientRect
GetMenuItemCount
RegisterClassA

kernel32

EnumSystemCodePagesA
GetSystemTime
HeapDestroy
GetEnvironmentStrings
FillConsoleOutputAttribute
GetCurrentThread
AllocConsole
GetCommandLineW
DeleteCriticalSection
lstrlen
OutputDebugStringA
GetConsoleTitleW
OpenMutexA
GetCurrentProcess
GetStartupInfoA
ExitProcess
SetThreadContext
GetConsoleCursorInfo
SetConsoleCursorPosition
GetLogicalDrives
FreeEnvironmentStringsW
FindClose
GetVersion
HeapReAlloc
GetCurrentDirectoryA
GetLocalTime
QueryPerformanceCounter
GetLocaleInfoA
LockFile
HeapAlloc
GetStringTypeA
HeapCreate
EnumResourceLanguagesW
lstrcpyW
GetEnvironmentStringsA
CloseHandle
SetConsoleCursorInfo
SetFilePointer
GetStringTypeW
GetCPInfo
GetTimeFormatW
GetStdHandle
GetCurrentProcessId
InterlockedDecrement
HeapFree
GetNamedPipeHandleStateW
EnumResourceNamesA
InitializeCriticalSection
GetOEMCP
EnumCalendarInfoExA
InterlockedExchange
GetDiskFreeSpaceExA
FindFirstFileExW
IsBadWritePtr
GetTickCount
FlushFileBuffers
GetCurrencyFormatW
GetCalendarInfoA
UnmapViewOfFile
GetProcAddress
GetStringTypeExW
GetLongPathNameW
SetConsoleCtrlHandler
LCMapStringA
CreateDirectoryExW
ReadFile
TlsSetValue
SetConsoleCP
lstrcpyn
ReadConsoleOutputCharacterA
GetFileType
EnterCriticalSection
VirtualFree
SetEnvironmentVariableA
LCMapStringW
GetCurrentThreadId
LoadLibraryExW
GetNamedPipeHandleStateA
GetTempFileNameA
TlsFree
OutputDebugStringW
GetPrivateProfileIntA
SetCriticalSectionSpinCount
CreateFileMappingA
CompareStringA
DeleteFileA
GetConsoleCP
GetLastError
RemoveDirectoryA
GetEnvironmentStringsW
TerminateProcess
LeaveCriticalSection
UnlockFileEx
FindResourceW
CommConfigDialogW
TlsGetValue
SetSystemTime
InterlockedIncrement
GetCommandLineA
RtlUnwind
SetHandleCount
RtlZeroMemory
GetPrivateProfileSectionNamesA
GlobalHandle
SetConsoleTitleW
GetCurrencyFormatA
lstrcat
GetSystemTimeAsFileTime
LoadLibraryA
GetModuleFileNameA
GetFullPathNameW
GetUserDefaultLangID
VirtualQuery
WideCharToMultiByte
WriteFile
GlobalFindAtomW
VirtualAlloc
EnumResourceTypesA
FindNextFileW
GetNamedPipeInfo
VirtualUnlock
CreateMutexA
CompareStringW
FreeEnvironmentStringsA
MultiByteToWideChar
GetACP
GetPrivateProfileIntW
RemoveDirectoryW
SetStdHandle
VirtualAllocEx
GetTimeZoneInformation
TlsAlloc
GetModuleHandleA
LocalLock
SetLastError
UnhandledExceptionFilter
FindResourceExA
GlobalFree

comdlg32

LoadAlterBitmap
ChooseFontA

comctl32

ImageList_DrawEx
ImageList_DragLeave
ImageList_LoadImageW
ImageList_SetDragCursorImage
ImageList_AddIcon
MakeDragList
CreateStatusWindowW
ImageList_Duplicate
InitCommonControlsEx
ImageList_Destroy

shell32

InternalExtractIconListA
FindExecutableA
SHGetPathFromIDList

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fc5007b575086987473c95d97281dc3

Headers

File Characteristics

Imports

wininet

advapi32

user32

kernel32

comdlg32

comctl32

shell32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 240KB - Virtual size: 237KB

.data Size: 120KB - Virtual size: 142KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 240KB - Virtual size: 237KB

.data
Size: 120KB - Virtual size: 142KB

.rsrc
Size: 28KB - Virtual size: 27KB