7898f2d9fc3e669792e60d842d16c68429c718031d8da14563da73f2f7e2da8b

Sharing

Copy URL Twitter E-mail

General

Target

7898f2d9fc3e669792e60d842d16c68429c718031d8da14563da73f2f7e2da8b
Size

719KB
MD5

e66ed5023b51d540fb578ad34e46d96a
SHA1

c8b2f27324995b7c90dd5320d7d4a574b8d02f2f
SHA256

7898f2d9fc3e669792e60d842d16c68429c718031d8da14563da73f2f7e2da8b
SHA512

9da956adb3b9f631aa319c3d98ff19e5b2d54058f5062966834d8caf6fb56993a1f23715b013b54b17d682bf8552dfe6319d0ac310eccebf7f2adc61666b0ca1
SSDEEP

12288:3wXPzSEy7NB5eNkEVOjRRqPmb8M7QhCAypJngTq29hgMV+7tmKn67gdGjAj+DFhp:3wXPzSVQNkEVOjRRqPmb8M7QhCAypJn

Score

N/A

Malware Config

Signatures

Files

7898f2d9fc3e669792e60d842d16c68429c718031d8da14563da73f2f7e2da8b
.exe windows x86

f47ec87ddfdb162e7d6711cf3b16094c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

LocalFree
FindClose
FindFirstFileA
GetTickCount
GetDriveTypeA
_lwrite
GetWindowsDirectoryA
GetSystemDirectoryA
CreateDirectoryA
GetVersionExA
FreeLibrary
LoadLibraryA
SetFilePointer
SetEndOfFile
FindNextFileW
CreateFileW
FindFirstFileW
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoA
GetProcessWorkingSetSize
GetProcessTimes
GetThreadTimes
GlobalMemoryStatus
GetProcessHeap
GetCurrentThreadId
InitializeCriticalSection
SystemTimeToFileTime
GetLocalTime
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
ExitThread
ResumeThread
CreateThread
SetFileAttributesA
GetFileAttributesA
GetSystemTimeAsFileTime
GetFileType
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindResourceA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
HeapSize
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
SetStdHandle
GetFullPathNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
VirtualProtect
GetSystemInfo
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadResource
SizeofResource
LockResource
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetFileSize
GetModuleFileNameW
WriteFile
GetCurrentThread
GetCurrentProcess
GetLogicalDrives
QueryPerformanceFrequency
QueryPerformanceCounter
QueryDosDeviceA
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
GetCurrentProcessId
DefineDosDeviceA
VirtualUnlock
VirtualLock
DeleteFileA
GetLastError
SetLastError
Sleep
SetFilePointerEx
ReadFile
GetDiskFreeSpaceExA
DeviceIoControl
CreateFileA
GetFileTime
GetFileSizeEx
SetFileTime
CloseHandle
GetCommandLineA

user32

SendDlgItemMessageA
MessageBoxA
SetDlgItemTextA
AppendMenuW
AppendMenuA
GetSystemMenu
SystemParametersInfoW
GetClassInfoA
SendDlgItemMessageW
UnhookWindowsHookEx
CallNextHookEx
GetCursorPos
GetCaretPos
GetQueueStatus
GetProcessWindowStation
GetOpenClipboardWindow
GetMessageTime
GetMessagePos
GetInputState
GetFocus
GetDesktopWindow
GetClipboardViewer
GetClipboardOwner
GetCapture
GetActiveWindow
SetWindowsHookExA
DefDlgProcA
UnregisterClassA
LoadIconA
RegisterClassA
SendMessageTimeoutA
BeginPaint
DefWindowProcA
GetClientRect
GetDialogBaseUnits
EndPaint
GetDC
ReleaseDC
KillTimer
GetKeyState
EnumWindows
FindWindowExA
DestroyWindow
ShowWindow
GetWindowRect
CreateDialogParamW
MapDialogRect
MoveWindow
MessageBeep
PostMessageA
GetWindowTextLengthA
DialogBoxParamW
InvalidateRect
SetTimer
MessageBoxW
SetFocus
GetWindowTextA
GetParent
EnableWindow
SendMessageA
SetWindowTextA
wsprintfW
SetWindowTextW
IsWindow
EndDialog
GetDlgItem
SetWindowLongA
EnumChildWindows
GetDlgCtrlID
GetClassNameA
SendMessageW
LoadCursorA
GetUpdateRect
SetCursor

gdi32

GetDeviceCaps
GetStockObject
CreatePen
MoveToEx
LineTo
CreateFontIndirectW
DeleteObject
SelectObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

OpenProcessToken
RegCreateKeyExA
RegSetValueExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
OpenServiceA
QueryServiceStatus
ControlService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
StartServiceA
DeleteService
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHChangeNotify
SHGetFileInfoA
ShellExecuteA
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListA
DragFinish
DragQueryFileA
DragAcceptFiles
SHGetFolderPathA

Sections

.text
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 406KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f47ec87ddfdb162e7d6711cf3b16094c

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 221KB - Virtual size: 221KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 26KB - Virtual size: 109KB

.rsrc Size: 406KB - Virtual size: 405KB

.text
Size: 221KB - Virtual size: 221KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 26KB - Virtual size: 109KB

.rsrc
Size: 406KB - Virtual size: 405KB