c954dcc3d1b7fbdd6196e32d630ead3df599833d90cfcbf4180ee4785d88d235

Sharing

Copy URL Twitter E-mail

General

Target

c954dcc3d1b7fbdd6196e32d630ead3df599833d90cfcbf4180ee4785d88d235
Size

241KB
MD5

82fad3069cdeccc76ebf2cb303ef4e8d
SHA1

c6ec9f43549918c5b379cc8176879e4b31871b8f
SHA256

c954dcc3d1b7fbdd6196e32d630ead3df599833d90cfcbf4180ee4785d88d235
SHA512

ff05ee0caac0b583b8310fa3b5ce31c90a1cad32a431f7fcfe857702269f1f4da0d5f01a65a892223f1256e8ac4ef2f30d78e3fb33769670446e7885600fdcce
SSDEEP

6144:eV5G3Mn6xCUFLXTs5fj4Gp3K+Be/IUoh089SE:eV5GtxpLDCfjHKDwUo8

Score

N/A

Malware Config

Signatures

Files

c954dcc3d1b7fbdd6196e32d630ead3df599833d90cfcbf4180ee4785d88d235
.exe windows x86

492f66cdcbda50b375abc2a5ae479487

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA
DragQueryFileA
SHGetDesktopFolder

advapi32

RegOpenKeyExA
RegQueryValueA
RegEnumKeyExA
RegDeleteValueA

user32

DestroyWindow
GetIconInfo
EnumChildWindows
DrawIcon
ActivateKeyboardLayout
LoadStringA
SetMenu
PeekMessageA
CharUpperBuffA
CreateIcon
LoadIconA
SetWindowTextA
SendMessageA
GetWindowDC
GetWindowLongA
CreateWindowExA
BeginPaint
IsDialogMessageW
SetMenuItemInfoA
GetMenuItemID
CallWindowProcA
CallNextHookEx
IsRectEmpty
InflateRect
CreateMenu
PeekMessageW
DrawAnimatedRects
LoadKeyboardLayoutA
GetKeyboardLayout
GetKeyNameTextA
GetForegroundWindow
GetFocus
MoveWindow
UnhookWindowsHookEx
GetDlgItem
GetMenuItemInfoA
GetMenu
GetWindowThreadProcessId
InsertMenuA
RemoveMenu
IntersectRect
OemToCharA
DrawIconEx
ShowOwnedPopups
GetWindowLongW
GetMenuItemCount
GetClassNameA
EnumThreadWindows
CharToOemA
DestroyMenu
MapWindowPoints
GetKeyboardLayoutNameA
TranslateMDISysAccel
IsZoomed
SetForegroundWindow
TrackPopupMenu
GetSubMenu
DefWindowProcA
GetCursor
GetCapture
GetClassLongA
MapVirtualKeyA
SendMessageW
ReleaseDC
SetParent
ClientToScreen
RedrawWindow
DrawEdge
CharNextW
DrawFrameControl
LoadBitmapA
GetClassInfoA
FindWindowA
GetKeyState
IsWindow
DestroyIcon
PostQuitMessage
GetMenuStringA
MessageBoxA
InvalidateRect
ChildWindowFromPoint
SetScrollInfo
ScreenToClient
EnableWindow
MessageBeep
CharNextA
SetActiveWindow
InsertMenuItemA
GetScrollPos
IsWindowUnicode
DeleteMenu
TranslateMessage
GetActiveWindow
GetLastActivePopup
EndPaint
EqualRect
GetTopWindow
RemovePropA
SetScrollRange
GetPropA
DefMDIChildProcA
ShowScrollBar
IsWindowEnabled
GetSystemMenu
GetDC
EnableMenuItem
EmptyClipboard
GetMessagePos
PostMessageA
SetWindowPos
EnumWindows
GetScrollInfo
AdjustWindowRectEx
GetCursorPos
GetKeyboardState
RegisterClipboardFormatA
GetClipboardData
GetSysColorBrush
GetWindowPlacement
DispatchMessageA
SetFocus
GetParent
SystemParametersInfoA
FillRect
EnableScrollBar
GetWindow
SetPropA
SetScrollPos
RegisterWindowMessageA
WaitMessage
GetSysColor
SetClassLongA
WindowFromPoint
GetDesktopWindow
CharLowerA
ScrollWindow
SetWindowPlacement
DefFrameProcA
ShowWindow
CreatePopupMenu
GetWindowRect
SetRect
GetKeyboardLayoutList
IsIconic
IsChild
UnregisterClassA
MsgWaitForMultipleObjects
DrawMenuBar
SetWindowsHookExA
RegisterClassA
SetWindowLongW
GetClientRect
GetMenuState
GetSystemMetrics
PtInRect
ReleaseCapture
UpdateWindow
FrameRect
DispatchMessageW
DrawTextA
SetCapture
CharLowerBuffA
IsWindowVisible
CloseClipboard
IsDialogMessageA
wsprintfA
GetWindowTextA
LoadCursorA
GetDCEx
SetCursor
KillTimer
GetKeyboardType

kernel32

IsBadReadPtr
MoveFileA
GetThreadLocale
LockResource
Sleep
GetCurrentProcessId
GetCurrentThreadId
lstrlenA
GetACP
GetStartupInfoA
GetModuleFileNameA
GetCurrentThread
LoadLibraryA
DeleteFileA
GetCommandLineW
GetVersionExA
GetProcAddress
GetOEMCP
EnterCriticalSection
GlobalAlloc
FindFirstFileA
ExitProcess
lstrcmpA
GetLocaleInfoA
GetFileSize
GetCommandLineA
ExitThread
VirtualFree
GetEnvironmentStrings
GetModuleHandleA
CreateThread
VirtualAllocEx

gdi32

GetPaletteEntries
GetRgnBox
GetPixel

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc9
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc6
Size: 512B - Virtual size: 509B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc2
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc8
Size: 512B - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

492f66cdcbda50b375abc2a5ae479487

Headers

File Characteristics

Imports

shell32

advapi32

user32

kernel32

gdi32

Sections

.text Size: 66KB - Virtual size: 66KB

.data Size: 160KB - Virtual size: 160KB

.rsrc9 Size: 1024B - Virtual size: 777B

.rsrc6 Size: 512B - Virtual size: 509B

.rsrc2 Size: 7KB - Virtual size: 7KB

.rsrc8 Size: 512B - Virtual size: 318B

.rsrc4 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 66KB - Virtual size: 66KB

.data
Size: 160KB - Virtual size: 160KB

.rsrc9
Size: 1024B - Virtual size: 777B

.rsrc6
Size: 512B - Virtual size: 509B

.rsrc2
Size: 7KB - Virtual size: 7KB

.rsrc8
Size: 512B - Virtual size: 318B

.rsrc4
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 984B