437152768f9bd41c8884eafb0fec58942b18fed29b52a0f0395d8397bcdc6ef0

Sharing

Copy URL Twitter E-mail

General

Target

437152768f9bd41c8884eafb0fec58942b18fed29b52a0f0395d8397bcdc6ef0
Size

176KB
MD5

55dce7da848662fd013e058cc5a58a3e
SHA1

4c86d5a88824d9743e35a646a7104713faa28808
SHA256

437152768f9bd41c8884eafb0fec58942b18fed29b52a0f0395d8397bcdc6ef0
SHA512

dddb1872b85fee8b73132eb080da7ee7692225e52aea57cddecf558837f40d724a7cb76263464f771e6432795bf9c092116b8aa6e1019d5acd095f4ab9108f52
SSDEEP

3072:8CoKysjuE3ffyvz0zWLVefZLdvxcvQ0Js9/ai8Fr2A1AihXdt2q:lFjuE3yvzu+O5yI06/ZYr9htt2q

Score

N/A

Malware Config

Signatures

Files

437152768f9bd41c8884eafb0fec58942b18fed29b52a0f0395d8397bcdc6ef0
.exe windows x86

647174bc802e6a444c08a3146f023416

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
SetUnhandledExceptionFilter
CreateEventW
GetOEMCP
LoadLibraryW
GetCommandLineW
GetStartupInfoA
SetEvent
FreeEnvironmentStringsW
GetFileType
GetCurrentProcess
HeapReAlloc
HeapDestroy
LoadResource
GetTickCount
SetEndOfFile
TlsSetValue
GetFileSize
CreateThread
GetCurrentProcessId
GetProcessHeap
CreateFileW
Sleep
GetCurrentThreadId
GetCPInfo
HeapSize
FlushFileBuffers
FindFirstFileW
TlsGetValue
GetFileAttributesW
SetErrorMode
GetACP
TlsFree
GetSystemTimeAsFileTime
lstrlenW
GetConsoleMode
RegisterWaitForSingleObject
GetCommandLineA
HeapCreate
VirtualAllocEx
GetModuleHandleA

user32

ReleaseDC
GetSubMenu
SendMessageW
SetCapture
CreateWindowExW
DestroyIcon
AdjustWindowRectEx
GetMenuStringW
CreateWindowExA
SetWindowTextW
MessageBeep
ClientToScreen
PtInRect
OffsetRect
ReleaseCapture
DrawFocusRect
SetWindowLongW
SetWindowPos
GetMenuItemCount
UnregisterClassA
TrackPopupMenu
GetActiveWindow
CheckMenuItem
InflateRect
GetClientRect
SetActiveWindow
RegisterClassW
DestroyMenu
PostMessageW
DefWindowProcW
LoadIconA
LoadStringW
GetMenu
ShowWindowAsync
GetKeyState
DestroyWindow
GetCursorPos
MoveWindow
AllowSetForegroundWindow
SetMenuItemInfoA

shlwapi

PathIsDirectoryA

ole32

OleUninitialize
OleRegGetUserType
StringFromCLSID
CoFreeUnusedLibraries
CreateStreamOnHGlobal
RevokeDragDrop
CoUninitialize
CoInitialize
CLSIDFromProgID
CreateILockBytesOnHGlobal
CLSIDFromString
OleFlushClipboard
CoLockObjectExternal
CoQueryProxyBlanket
CoDisconnectObject
ReleaseStgMedium
StgCreateDocfileOnILockBytes
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
OleRun
GetRunningObjectTable
CoSetProxyBlanket
CoInitializeSecurity
OleIsRunning
CoCreateInstance
CreateBindCtx
CoCreateGuid
OleInitialize
CoGetClassObject

advapi32

CryptCreateHash
RegEnumValueA
RegOpenKeyExA
CryptAcquireContextA
CloseServiceHandle
CryptReleaseContext
RegDeleteValueA
InitializeAcl
InitializeSecurityDescriptor
DeregisterEventSource
GetLengthSid
AdjustTokenPrivileges
RegQueryValueExW
AllocateAndInitializeSid
CryptHashData
RegQueryValueExA
RegEnumKeyExW
LookupPrivilegeValueA
EqualSid
QueryServiceStatus
CryptDestroyHash
OpenThreadToken
GetTokenInformation
RegCloseKey
CryptGenRandom
AddAccessAllowedAceEx
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExA
RegDeleteKeyW
RegSetValueExW
OpenServiceW
FreeSid
RegDeleteValueW
RegEnumValueW
RevertToSelf
RegCreateKeyExA
RegOpenKeyExW
SetSecurityDescriptorDacl
RegDeleteKeyA
RegSetValueExA
OpenProcessToken
CryptAcquireContextW
AddAccessAllowedAce

msimg32

GradientFill

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__dllonexit
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memcmp
_onexit
__setusermatherr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

647174bc802e6a444c08a3146f023416

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

ole32

advapi32

msimg32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 132KB - Virtual size: 237KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 132KB - Virtual size: 237KB

.rsrc
Size: 16KB - Virtual size: 14KB