ca97567b88f9148d863d0686ac244cc871331b93fa7e6d0a6fd956dd200793c2

Sharing

Copy URL Twitter E-mail

General

Target

ca97567b88f9148d863d0686ac244cc871331b93fa7e6d0a6fd956dd200793c2
Size

176KB
MD5

89700c1d83adf51cbe48e72eb6ba5cc8
SHA1

b79980ddfbac6e9d02c757bc397468ac93399775
SHA256

ca97567b88f9148d863d0686ac244cc871331b93fa7e6d0a6fd956dd200793c2
SHA512

e5076ce1ba8a6dc7eb5a00eb86e3f83df74759b99399a2a4882ed0946ce91345c06395151787083787f916e24c0e844293b15717f1f47f8fa32e792c4a094fde
SSDEEP

3072:8CoKysjuE3ffyvz0zWLVefZLdvxcvQ0Js9/ai8Fr2A1AihXPdt2q:lFjuE3yvzu+O5yI06/ZYr9hfdt2q

Score

N/A

Malware Config

Signatures

Files

ca97567b88f9148d863d0686ac244cc871331b93fa7e6d0a6fd956dd200793c2
.exe windows x86

647174bc802e6a444c08a3146f023416

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
SetUnhandledExceptionFilter
CreateEventW
GetOEMCP
LoadLibraryW
GetCommandLineW
GetStartupInfoA
SetEvent
FreeEnvironmentStringsW
GetFileType
GetCurrentProcess
HeapReAlloc
HeapDestroy
LoadResource
GetTickCount
SetEndOfFile
TlsSetValue
GetFileSize
CreateThread
GetCurrentProcessId
GetProcessHeap
CreateFileW
Sleep
GetCurrentThreadId
GetCPInfo
HeapSize
FlushFileBuffers
FindFirstFileW
TlsGetValue
GetFileAttributesW
SetErrorMode
GetACP
TlsFree
GetSystemTimeAsFileTime
lstrlenW
GetConsoleMode
RegisterWaitForSingleObject
GetCommandLineA
HeapCreate
VirtualAllocEx
GetModuleHandleA

user32

ReleaseDC
GetSubMenu
SendMessageW
SetCapture
CreateWindowExW
DestroyIcon
AdjustWindowRectEx
GetMenuStringW
CreateWindowExA
SetWindowTextW
MessageBeep
ClientToScreen
PtInRect
OffsetRect
ReleaseCapture
DrawFocusRect
SetWindowLongW
SetWindowPos
GetMenuItemCount
UnregisterClassA
TrackPopupMenu
GetActiveWindow
CheckMenuItem
InflateRect
GetClientRect
SetActiveWindow
RegisterClassW
DestroyMenu
PostMessageW
DefWindowProcW
LoadIconA
LoadStringW
GetMenu
ShowWindowAsync
GetKeyState
DestroyWindow
GetCursorPos
MoveWindow
AllowSetForegroundWindow
SetMenuItemInfoA

shlwapi

PathIsDirectoryA

ole32

OleUninitialize
OleRegGetUserType
StringFromCLSID
CoFreeUnusedLibraries
CreateStreamOnHGlobal
RevokeDragDrop
CoUninitialize
CoInitialize
CLSIDFromProgID
CreateILockBytesOnHGlobal
CLSIDFromString
OleFlushClipboard
CoLockObjectExternal
CoQueryProxyBlanket
CoDisconnectObject
ReleaseStgMedium
StgCreateDocfileOnILockBytes
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
OleRun
GetRunningObjectTable
CoSetProxyBlanket
CoInitializeSecurity
OleIsRunning
CoCreateInstance
CreateBindCtx
CoCreateGuid
OleInitialize
CoGetClassObject

advapi32

CryptCreateHash
RegEnumValueA
RegOpenKeyExA
CryptAcquireContextA
CloseServiceHandle
CryptReleaseContext
RegDeleteValueA
InitializeAcl
InitializeSecurityDescriptor
DeregisterEventSource
GetLengthSid
AdjustTokenPrivileges
RegQueryValueExW
AllocateAndInitializeSid
CryptHashData
RegQueryValueExA
RegEnumKeyExW
LookupPrivilegeValueA
EqualSid
QueryServiceStatus
CryptDestroyHash
OpenThreadToken
GetTokenInformation
RegCloseKey
CryptGenRandom
AddAccessAllowedAceEx
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExA
RegDeleteKeyW
RegSetValueExW
OpenServiceW
FreeSid
RegDeleteValueW
RegEnumValueW
RevertToSelf
RegCreateKeyExA
RegOpenKeyExW
SetSecurityDescriptorDacl
RegDeleteKeyA
RegSetValueExA
OpenProcessToken
CryptAcquireContextW
AddAccessAllowedAce

msimg32

GradientFill

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__dllonexit
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memcmp
_onexit
__setusermatherr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

647174bc802e6a444c08a3146f023416

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

ole32

advapi32

msimg32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 132KB - Virtual size: 237KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 132KB - Virtual size: 237KB

.rsrc
Size: 16KB - Virtual size: 14KB