4181370fbae5e2195a2b110dd9d0c5b17ef3606423b14e79ff3fc3d8c1bcf352

Sharing

Copy URL

Twitter E-mail

General

Target

4181370fbae5e2195a2b110dd9d0c5b17ef3606423b14e79ff3fc3d8c1bcf352
Size

680KB
MD5

89c57c2d4a2116eb640419c0b429b649
SHA1

05154ff397242d871acc807c7339d285b24f175e
SHA256

4181370fbae5e2195a2b110dd9d0c5b17ef3606423b14e79ff3fc3d8c1bcf352
SHA512

4354694a8e16336f5aa39defdde574bc3c04123c3c9722d9e85a2ef8d0b91fa12e2657f5d601b08bae6360c9c4300cc5318c9556b325eb4f63f9241c2868f8da
SSDEEP

12288:QyU7tswtjvhSVefklXhTC6/z5f9FW1Su/sArd+C8XCS67cE5kaK:Qb73v1fENCMFW1SIVrdCXRsbk

Score

N/A

Malware Config

Signatures

Files

4181370fbae5e2195a2b110dd9d0c5b17ef3606423b14e79ff3fc3d8c1bcf352
.exe windows x86

85ee1acd101bed90cbe577e1b187882d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_Read
ImageList_LoadImage
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_GetDragImage
ImageList_Create
ImageList_ReplaceIcon
ImageList_Write
ImageList_GetIcon
ImageList_LoadImageW

advapi32

AbortSystemShutdownA
CryptHashSessionKey
RegEnumValueW
RegReplaceKeyW
CreateServiceA
ReportEventA
RegSetValueW
CryptSetProviderExA
CryptAcquireContextW
CryptEnumProviderTypesW
StartServiceA
CryptSetProviderA
GetUserNameA
CreateServiceW
CryptAcquireContextA
RegSaveKeyA
RevertToSelf
RegReplaceKeyA
InitializeSecurityDescriptor
LookupPrivilegeNameA
CryptSignHashA
CryptDuplicateHash
RegDeleteKeyA

user32

ImpersonateDdeClientWindow
LoadCursorFromFileW
DeferWindowPos
GetUserObjectInformationW
EnumDisplayDevicesA
MapVirtualKeyExA
DialogBoxIndirectParamA
DestroyWindow
OpenInputDesktop
SetMessageQueue
RegisterClassExA
CreateWindowExA
MonitorFromWindow
ShowWindow
ExitWindowsEx
MessageBoxA
DdeAbandonTransaction
CopyAcceleratorTableW
GetProcessDefaultLayout
RegisterClassA
IsCharUpperA
ShowWindowAsync
GetUpdateRgn
CallMsgFilterA
DefWindowProcA
PostQuitMessage
DestroyMenu
SendMessageTimeoutA

kernel32

FindClose
InterlockedDecrement
ReadFile
GetFileType
GetEnvironmentStrings
UnhandledExceptionFilter
VirtualQuery
GetTickCount
SetHandleCount
GetEnvironmentStringsW
WriteFile
InterlockedIncrement
WriteConsoleOutputCharacterA
TlsSetValue
GetOEMCP
GetLocalTime
GetStdHandle
SetFilePointer
GetCPInfo
FlushFileBuffers
SetLastError
CreateMutexA
VirtualAlloc
QueryPerformanceCounter
GetCurrentProcess
GetModuleFileNameA
LeaveCriticalSection
FreeEnvironmentStringsW
GetStringTypeW
HeapFree
TlsGetValue
DeleteCriticalSection
GetSystemTimeAsFileTime
LCMapStringW
GetProfileStringA
GetACP
GetCommandLineA
GetTimeZoneInformation
OpenMutexA
GetCurrentThreadId
InitializeCriticalSection
SetEnvironmentVariableA
CloseHandle
HeapAlloc
GetStartupInfoA
GetLastError
GetVersion
VirtualFree
MultiByteToWideChar
FreeEnvironmentStringsA
GetSystemTime
TlsFree
HeapReAlloc
TerminateProcess
WideCharToMultiByte
ExitProcess
GetModuleHandleA
CompareStringA
HeapCreate
GetCurrentProcessId
RtlUnwind
GetProcAddress
GetCurrentThread
InterlockedExchange
LocalFlags
GetStringTypeA
SetStdHandle
TransactNamedPipe
IsBadWritePtr
HeapDestroy
LCMapStringA
TlsAlloc
SetComputerNameW
EnterCriticalSection
CompareStringW
LoadLibraryA

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85ee1acd101bed90cbe577e1b187882d

Headers

File Characteristics

Imports

comctl32

advapi32

user32

kernel32

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 380KB - Virtual size: 377KB

.data Size: 136KB - Virtual size: 145KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 380KB - Virtual size: 377KB

.data
Size: 136KB - Virtual size: 145KB

.rsrc
Size: 24KB - Virtual size: 23KB