8030f616b0664a70f53a5ce6bc99c9c14f6455dac15b1b45ff07d35759790f94

Sharing

Copy URL

Twitter E-mail

General

Target

8030f616b0664a70f53a5ce6bc99c9c14f6455dac15b1b45ff07d35759790f94
Size

834KB
MD5

c3e3a937f9c6cd6662f716a26f99a7ac
SHA1

201ae9253423296735299cee2a34f30d25846837
SHA256

8030f616b0664a70f53a5ce6bc99c9c14f6455dac15b1b45ff07d35759790f94
SHA512

cfa6a2cef4cf47c4cadcbfc0c55d0ab6a7d6b4f431672c49e826a3c6f71fb20492b2164a5e07a93ea73f17ab0b3b6b5718a4ea0680dc17fcfb31079e0c328a90
SSDEEP

12288:3hsSa7HqNMGByJ7otS8WQ40g6Eswtv6stA5XwvFfwhHPztoGBdTbiZZ/nC+Kagkv:3hkjJoatzNptziombAfZ8LqyK

Score

N/A

Malware Config

Signatures

Files

8030f616b0664a70f53a5ce6bc99c9c14f6455dac15b1b45ff07d35759790f94
.exe windows x86

3923a6a89c65699addf91613b031f8f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
lstrcatA
GetTickCount
ExitProcess
GetProcAddress
GetStartupInfoA
GlobalFree
GetLastError
GetModuleFileNameA
SetLastError
TerminateProcess
GetFullPathNameA
lstrlenA
GlobalAlloc
lstrcpyA
lstrcpynA
CloseHandle
AreFileApisANSI
MultiByteToWideChar
GetFileAttributesA
GlobalLock
LocalFree
CreateMutexA
LoadLibraryA
CreateProcessA
OutputDebugStringA
FreeLibrary
InterlockedDecrement
GetModuleHandleA
GetVersion
WideCharToMultiByte
lstrlenW
GlobalUnlock

user32

ReleaseCapture
GetParent
DestroyIcon
LoadMenuA
GetDlgCtrlID
DrawIconEx
SetWindowRgn
SendMessageA
GetLastActivePopup
LoadBitmapA
GetMenuItemInfoA
FillRect
EnableWindow
IsWindowVisible
GetDC
LoadIconA
DrawTextA
LoadImageA
PtInRect
GetMenuItemCount
SetWindowTextA
GetClientRect
PostMessageA
GetWindowDC
GetWindowTextA
SystemParametersInfoA
CopyRect
OffsetRect
SetRect
SetMenuItemInfoA
GetWindowRect
GrayStringA
DefWindowProcA
SetForegroundWindow
SetCapture
InvalidateRect
FindWindowA
IsWindow
EnumChildWindows
ReleaseDC
IsIconic
DeleteMenu
IsZoomed
UpdateWindow
LoadCursorA
ClientToScreen
GetSysColor
TabbedTextOutA
GetSystemMenu
GetSystemMetrics
GetSubMenu
TrackPopupMenu

gdi32

GetPaletteEntries
CreateCompatibleDC
CombineRgn
SetPixel
CreateFontIndirectA
DPtoLP
PtVisible
GetObjectA
SetBkMode
DeleteObject
GetBkColor
Polyline
ExtTextOutA
GetTextColor
CreateHalftonePalette
CreatePen
CreatePalette
SetWindowOrgEx
SelectPalette
RectVisible
PatBlt
GetDeviceCaps
SetRectRgn
CreateCompatibleBitmap
SetTextColor
StretchBlt
BitBlt
Escape
PtInRegion
DeleteDC
CreatePolygonRgn
LPtoDP
TextOutA
RealizePalette
GetMapMode
GetStockObject
CreateRectRgn
CreateSolidBrush
GetCurrentObject
SelectObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder

ole32

CoTaskMemFree
CLSIDFromProgID
StringFromCLSID
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringLen

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindFileNameA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wtsapi32

WTSVirtualChannelClose

msvcrt

fclose
_strdup
_initterm
_onexit
?terminate@@YAXXZ
__dllonexit
_CxxThrowException
_acmdln
_splitpath
__CxxFrameHandler
__p__fmode
__set_app_type
_controlfp
_mbsicmp
__p__commode
_exit
__setusermatherr
_XcptFilter
free
__getmainargs
_except_handler3
_setmbcp
??1type_info@@UAE@XZ
_vsnprintf
_mbscmp
_adjust_fdiv
exit
fopen
fread

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hk
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zt
Size: - Virtual size: 165KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zx
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zz
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3923a6a89c65699addf91613b031f8f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

version

wtsapi32

msvcrt

Sections

.text Size: 482KB - Virtual size: 481KB

.hk Size: 58KB - Virtual size: 57KB

.zt Size: - Virtual size: 165KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 828B

.zx Size: 228KB - Virtual size: 228KB

.zz Size: 53KB - Virtual size: 53KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 482KB - Virtual size: 481KB

.hk
Size: 58KB - Virtual size: 57KB

.zt
Size: - Virtual size: 165KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 828B

.zx
Size: 228KB - Virtual size: 228KB

.zz
Size: 53KB - Virtual size: 53KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB