f3348c6d13b586156dd4a5a3a0ac87ddb0751d24e161681194e5f67534e1b1bf

Sharing

Copy URL Twitter E-mail

General

Target

f3348c6d13b586156dd4a5a3a0ac87ddb0751d24e161681194e5f67534e1b1bf
Size

294KB
MD5

3b1f159abdc35ebd90a61154bce66f8c
SHA1

1fd13af40b106e7e5169b14c339112eba25bd2b8
SHA256

f3348c6d13b586156dd4a5a3a0ac87ddb0751d24e161681194e5f67534e1b1bf
SHA512

72e7a17480170902d617d360df97751035f01b6928f15e4aec608b2bf6bd41a40d06297ddebe80cccf971769de1e870b2cf931438c63f2c78b6f7ae5cf036468
SSDEEP

6144:jix3sVPrsqnbDnS208Hc0x4jFKFCHB1l:L9wkF4i6

Score

N/A

Malware Config

Signatures

Files

f3348c6d13b586156dd4a5a3a0ac87ddb0751d24e161681194e5f67534e1b1bf
.exe windows x86

bff9fce22ffc4f0dbd090d1e060802a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetErrorInfo
SysFreeString
SysStringLen
UnRegisterTypeLi
SafeArrayGetUBound
VariantCopyInd
LoadRegTypeLi
SafeArrayDestroy
VarUI4FromStr
VariantInit
SafeArrayLock
SafeArrayGetLBound
SafeArrayUnlock
SafeArrayRedim
LoadTypeLi
SafeArrayCreate
DispCallFunc
RegisterTypeLi
VariantClear
SysAllocStringByteLen
SysAllocString
SafeArrayCopy
SafeArrayGetVartype

shlwapi

PathRemoveFileSpecW
PathStripPathW
PathAppendW

wininet

DeleteUrlCacheEntryW

user32

CharNextW
UnregisterClassA
GetWindowLongW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW

kernel32

RaiseException
WriteConsoleA
SizeofResource
SetFilePointer
LCMapStringA
ResumeThread
SignalObjectAndWait
GetModuleHandleA
ResetEvent
TlsAlloc
GetConsoleMode
GetFileType
GetSystemTimeAsFileTime
TlsGetValue
FreeEnvironmentStringsW
GetLocalTime
GetConsoleOutputCP
SetStdHandle
GetProcessHeap
GetStdHandle
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
TlsFree
VirtualFree
HeapSize
GetModuleHandleW
CreateThread
CreateMutexW
GetACP
lstrcmpiW
EnterCriticalSection
UnhandledExceptionFilter
GetOEMCP
FlushFileBuffers
TlsSetValue
VirtualAlloc
lstrlenW
CreateEventW
FreeLibrary
IsDebuggerPresent
SetLastError
GetThreadLocale
WriteFile
ReleaseMutex
CreateFileW
WriteConsoleW
HeapAlloc
CloseHandle
SetHandleCount
LCMapStringW
RtlUnwind
CreateFileA
FindResourceExW
DeleteCriticalSection
IsValidCodePage
OpenEventW
OutputDebugStringW
WaitForSingleObject
LoadResource
WideCharToMultiByte
FormatMessageW
HeapFree
LocalFree
LeaveCriticalSection
GetCurrentThreadId
HeapDestroy
FindResourceW
GetTempPathW
LockResource
SetThreadLocale
WaitForMultipleObjects
HeapReAlloc
LoadLibraryExW
GetCommandLineA
GetConsoleCP
GetUserDefaultLangID
GetCurrentDirectoryA

urlmon

CoInternetGetSession
FindMimeFromData
CoInternetCreateSecurityManager

ole32

CoTaskMemRealloc
CoGetClassObject
CoUninitialize
CLSIDFromString
CoTaskMemAlloc
StringFromGUID2
CoInitializeEx
OleRun
CoCreateInstance
CoTaskMemFree

comctl32

CreateStatusWindow
ImageList_Read
ImageList_GetImageCount
ImageList_Write
ImageList_Destroy
DrawStatusTextW
LBItemFromPt
DrawStatusTextA

dbgeng

DebugConnect

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 242KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bff9fce22ffc4f0dbd090d1e060802a1

Headers

File Characteristics

Imports

oleaut32

shlwapi

wininet

user32

advapi32

kernel32

urlmon

ole32

comctl32

dbgeng

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 242KB - Virtual size: 372KB

.rsrc Size: 23KB - Virtual size: 108KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 242KB - Virtual size: 372KB

.rsrc
Size: 23KB - Virtual size: 108KB