aff586b80a498b23a4fbcb2a5a4b5964c3b7a38c65afa56b193b5773d0fda213

Sharing

Copy URL Twitter E-mail

General

Target

aff586b80a498b23a4fbcb2a5a4b5964c3b7a38c65afa56b193b5773d0fda213
Size

92KB
MD5

a217eeb8a2788dedf81e466f840674de
SHA1

5ad46d82b2c3cde740a002637f978d3be8416086
SHA256

aff586b80a498b23a4fbcb2a5a4b5964c3b7a38c65afa56b193b5773d0fda213
SHA512

8bbf577de88cd1eff75a327900945ac30e03bb81c4987930d4bca33291e0a0d62f561e5b69a84c8bf622c16b4f41d4ea9b7bb11881e202fbdd7b213a92777cec
SSDEEP

1536:kda4C9UaAKW4iaQIZBj4bvI3kTmiHWqqK24eWwpt:23CqWKaybvlWxK/ebpt

Score

N/A

Malware Config

Signatures

Files

aff586b80a498b23a4fbcb2a5a4b5964c3b7a38c65afa56b193b5773d0fda213
.exe windows x86

7b9e35098ba32a42939bd78cd994d94c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
CreateFileA
InitializeCriticalSection
Sleep
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
ExitProcess
GetProcAddress
ReadFile
GetModuleHandleW
SystemTimeToFileTime
GetModuleFileNameW
GetSystemTime
CloseHandle
WriteFile
LoadLibraryA
CreateFileW
GetShortPathNameW
GetSystemDirectoryW
SearchPathA
WinExec
GetShortPathNameA
DeleteFileA
GetModuleFileNameA
LoadLibraryExW
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
SetLastError
GetLastError
HeapFree
HeapAlloc
GetVersionExA
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

SwitchDesktop
FillRect
SetThreadDesktop
RegisterHotKey
GetMessageW
CloseDesktop
MessageBoxW
CreateWindowExW
ShowWindow
RegisterClassExW
GetThreadDesktop
UnregisterClassW
LoadCursorW
KillTimer
SetTimer
PostQuitMessage
EndPaint
CreateDesktopW
BeginPaint
DefWindowProcW
GetWindowTextW
ReleaseDC
GetWindowLongW
RedrawWindow
GetClientRect
DrawTextW
GetWindowDC
GetWindowRect
GetDesktopWindow
UpdateWindow
DispatchMessageW
TranslateMessage

gdi32

GetDIBits
BitBlt
SetDIBitsToDevice
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
TextOutW
SetTextColor
SetBkMode
CreateFontW
LineTo
MoveToEx
DeleteObject
Rectangle
CreateSolidBrush
CreatePen
DeleteDC

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

wininet

InternetCrackUrlW
InternetOpenW
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetCloseHandle
InternetConnectW

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b9e35098ba32a42939bd78cd994d94c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

rpcrt4

wininet

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 16B