f11b629cd372dedb4bff10fa83bd2a0421a37e3cbaa273cb23cef69ed8a190ec

Sharing

Copy URL Twitter E-mail

General

Target

f11b629cd372dedb4bff10fa83bd2a0421a37e3cbaa273cb23cef69ed8a190ec
Size

235KB
MD5

b87d18339896bd3b2e76db4cf382144e
SHA1

fd35ddd42a9d31382667371f7897344cb75ae77d
SHA256

f11b629cd372dedb4bff10fa83bd2a0421a37e3cbaa273cb23cef69ed8a190ec
SHA512

1028ff921014ec9b760570e859d511cf532609074367f9310170c537e0dd2b2e27423595086dae2ef44356c9f92ac50498561cf7048b9d6239558d79bdcbd93e
SSDEEP

6144:taKqC3XRUVzXxgc06aEqrd403/shp41h0:BXRUZKn6zqrGGsY1h

Score

N/A

Malware Config

Signatures

Files

f11b629cd372dedb4bff10fa83bd2a0421a37e3cbaa273cb23cef69ed8a190ec
.exe windows x86

bcc9ace4bdfd71a0f0c3e8981707923e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
GetDateFormatA
MulDiv
lstrcmpiW
GetThreadLocale
GetACP
CreateDirectoryA
OpenWaitableTimerA
OpenWaitableTimerW
GetVolumeInformationA
CreateSemaphoreW
EnumDateFormatsW
lstrcmpW
RaiseException
ExpandEnvironmentStringsW
OpenMutexA
DosDateTimeToFileTime
SetEvent
CreateEventA
GlobalGetAtomNameA
GetSystemDirectoryW
lstrcpynW
CopyFileA
SearchPathA
BeginUpdateResourceA
SystemTimeToFileTime
GetTempPathA
ReplaceFileW
EnumDateFormatsA
GetWindowsDirectoryA
GetProcAddress
SleepEx
GlobalDeleteAtom
AddAtomA
GetModuleHandleA
GetShortPathNameA
CreateMailslotA
GetSystemDefaultLangID
ConnectNamedPipe
SetComputerNameA
CompareFileTime
GetComputerNameA
GetExpandedNameW
FatalAppExitA
TlsAlloc
MultiByteToWideChar
GetDiskFreeSpaceW
GetTimeFormatA
SetLocaleInfoW
GetSystemTime
GetNumberFormatA
FindAtomW
GetStartupInfoW
AddAtomW
GetUserDefaultLangID

user32

ShowCaret
CharPrevW
EnumWindowStationsW
PostMessageW
CreateDialogParamA
RegisterClassExA
CreateDesktopA
GetFocus
GetMessageW
LoadIconW
LoadIconA
GetMenuItemRect
wvsprintfA
GetMenuItemCount
FindWindowA
SetDlgItemInt
InvalidateRgn
CreateDesktopW
SetWindowRgn
MonitorFromPoint
wvsprintfW
SetFocus
GetKeyboardType
RegisterWindowMessageA
GetMenuStringW
WinHelpW
SetWindowTextA
IsWindow
GetCaretPos
RegisterClassA
DefWindowProcA
GetMenuItemID
CreatePopupMenu
CharNextW
PostMessageA
OffsetRect
CreateAcceleratorTableA
PostQuitMessage
LoadBitmapA
MessageBeep
GetMenuItemInfoW
RegisterWindowMessageW
WaitMessage
GetTopWindow
FindWindowW
wsprintfA
GetWindowDC
SetCursor
SetMenu
LoadCursorA

gdi32

CreateScalableFontResourceW
CreateBrushIndirect
SetEnhMetaFileBits
CreateFontIndirectExA
RemoveFontResourceExA
ExtCreateRegion
CreatePatternBrush
CreateDIBSection
CreateFontIndirectExW
SelectBrushLocal
GetEnhMetaFileW
CreatePolygonRgn
CreateColorSpaceA
RemoveFontResourceW
CreateSolidBrush
GetStockObject
CreateFontW
UpdateICMRegKeyA
StretchDIBits
CreateEllipticRgn
GetEnhMetaFilePixelFormat
GetEnhMetaFileA
CreateFontIndirectW

advapi32

LsaLookupNames

shell32

ShellExecuteEx
SHBrowseForFolderA
StrRStrIA
DuplicateIcon
ExtractIconA

comctl32

InitCommonControls
FlatSB_EnableScrollBar
InitializeFlatSB
ImageList_DragMove
ImageList_AddMasked

ole32

CoGetPSClsid
CoGetMalloc
GetClassFile
OleCreateEx
OleUninitialize

version

VerLanguageNameA
GetFileVersionInfoSizeA

wininet

InternetGetLastResponseInfoW
GopherCreateLocatorW
InternetSetDialStateA
GopherFindFirstFileW
InternetGoOnline
FindNextUrlCacheEntryExW
FtpDeleteFileW
SetUrlCacheConfigInfoA
InternetGetCookieExA
GopherGetLocatorTypeW
InternetGoOnlineW
InternetConfirmZoneCrossing
SetUrlCacheEntryGroupW
HttpCheckDavCompliance
FtpGetCurrentDirectoryW
DeleteUrlCacheContainerA
FindFirstUrlCacheGroup
InternetSecurityProtocolToStringW
GetUrlCacheHeaderData

inetcomm

HrGetLastOpenFileDirectory
MimeOleAlgNameFromSMimeCap
MimeGetAddressFormatW
MimeOleGetPropW
CreateNNTPTransport
MimeOleGetPropertySchema
MimeOleSMimeCapGetHashAlg
MimeOleInetDateToFileTime
EssSignCertificateDecodeEx
MimeOleCreateByteStream
MimeEditDocumentFromStream
HrGetDisplayNameWithSizeForFile
MimeOleGetDefaultCharset

oledlg

OleUIEditLinksA
OleUIPromptUserW
OleUIPromptUserA
OleUIUpdateLinksW
OleUIChangeSourceA
OleUICanConvertOrActivateAs
OleUIChangeSourceW
OleUIPasteSpecialW
OleUIBusyW
OleUIInsertObjectW

crypt32

CertGetEnhancedKeyUsage
CertFindSubjectInSortedCTL
CryptCloseAsyncHandle
I_CertProtectFunction
CryptSignHashU
CertVerifyRevocation
I_CryptGetTls
CertFindAttribute
CertCreateSelfSignCertificate
I_CryptCreateLruEntry
CryptMsgOpenToDecode
CertEnumPhysicalStore
CertUnregisterPhysicalStore
CryptFindOIDInfo

crtdll

tmpfile
_osminor_dll
strncpy
atol
strchr
_tempnam
_mbcjmstojis
_fdopen
_fpieee_flt
_onexit

mfcsubs

?Release@CString@@KGXPAUCStringData@@@Z
?ConcatInPlace@CString@@IAEXHPBG@Z
??YCString@@QAEABV0@ABV0@@Z
??_7CObject@@6B@
?SetAt@CMapStringToPtr@@QAEXPBGPAX@Z
??1CCriticalSection@@UAE@XZ
?SetAtGrow@CStringArray@@QAEXHPBG@Z
?FormatMessageW@CString@@QAAXPBGZZ
?ReleaseBuffer@CString@@QAEXH@Z
?AllocBeforeWrite@CString@@IAEXH@Z
?RemoveAll@CMapStringToPtr@@QAEXXZ
??_FCMapStringToPtr@@QAEXXZ
?GetUpperBound@CStringArray@@QBEHXZ

Sections

.r
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DMgs
Size: 2KB - Virtual size: 48KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.O
Size: 178KB - Virtual size: 324KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IYyReG
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Z
Size: 3KB - Virtual size: 44KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VOUP
Size: 1KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcc9ace4bdfd71a0f0c3e8981707923e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

version

wininet

inetcomm

oledlg

crypt32

crtdll

mfcsubs

Sections

.r Size: 17KB - Virtual size: 17KB

.DMgs Size: 2KB - Virtual size: 48KB

.rdata Size: 7KB - Virtual size: 6KB

.O Size: 178KB - Virtual size: 324KB

.IYyReG Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 13KB

.Z Size: 3KB - Virtual size: 44KB

.VOUP Size: 1KB - Virtual size: 20KB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 4KB

.r
Size: 17KB - Virtual size: 17KB

.DMgs
Size: 2KB - Virtual size: 48KB

.rdata
Size: 7KB - Virtual size: 6KB

.O
Size: 178KB - Virtual size: 324KB

.IYyReG
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 13KB

.Z
Size: 3KB - Virtual size: 44KB

.VOUP
Size: 1KB - Virtual size: 20KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 4KB