b41dadbc6538642a53e562e5ce3f343fb7f94c27694c0e97ce5cc9c410fa04d5

Sharing

Copy URL Twitter E-mail

General

Target

b41dadbc6538642a53e562e5ce3f343fb7f94c27694c0e97ce5cc9c410fa04d5
Size

568KB
MD5

3d563f91e5403fa90592113e0cf174d9
SHA1

0dba3fad8d00770884f353e29196120f77580237
SHA256

b41dadbc6538642a53e562e5ce3f343fb7f94c27694c0e97ce5cc9c410fa04d5
SHA512

f3168c6bfd2768fdac5cc2b4b960f4b8875f336074df001f886d633a2f206fd638379340c063d9d6f90862b8852d6426293895e9f47757dcb95e1b85e2ab0e33
SSDEEP

12288:HLkMGWpv2tp5FMO1dYkvyJs9rJIrpCMZ95kOg+g3zI+4ecHqNB:tGW1Yp5FMO1ewL9lIrpyOtAB4eZP

Score

N/A

Malware Config

Signatures

Files

b41dadbc6538642a53e562e5ce3f343fb7f94c27694c0e97ce5cc9c410fa04d5
.exe windows x86

1a48e849d31698902a5b073603679bde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegDeleteKeyW
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

gdi32

CreateSolidBrush
SelectObject
CreateCompatibleDC
GetStockObject
DeleteDC
GetDeviceCaps
DeleteObject
SetBkColor
BitBlt

kernel32

GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
FindResourceW
HeapCreate
IsValidCodePage
lstrcmpiW
TlsGetValue
CreateProcessA
GetEnvironmentStrings
GetVersion
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
SetEndOfFile
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
CreateProcessW
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
InterlockedIncrement
HeapAlloc
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
WaitForMultipleObjects
DuplicateHandle
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
GetDiskFreeSpaceA
FindFirstFileA
CompareStringW
WriteFile
GetProcessHeap
GetProcAddress
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetCurrentThreadId
GlobalAlloc
WriteConsoleA
SetUnhandledExceptionFilter
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
CreateFileA
SetFileAttributesA
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
LoadLibraryExA
RaiseException
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
GetEnvironmentVariableA
GetSystemTime
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
GlobalLock
LoadResource
InitializeCriticalSection
GetExitCodeProcess
FormatMessageW
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
InterlockedExchange
GetStringTypeA
lstrcmpiA
GetCPInfo
SetStdHandle
GetLocaleInfoW
lstrcpyA
FreeEnvironmentStringsW
SetErrorMode
ExpandEnvironmentStringsA
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle

user32

ReleaseCapture
PostMessageA
GetWindowRect
GetSystemMetrics
DefWindowProcA
ClientToScreen
BeginPaint
GetMessageA
PeekMessageA
SetFocus
EndPaint
ReleaseDC
DispatchMessageA
FillRect
CreateWindowExA
GetWindowLongA
EnableMenuItem
SetWindowLongA
GetWindow
IsWindowEnabled
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
GetKeyState
GetClientRect
GetCursorPos
GetDC
IsWindow
SetWindowPos
PostQuitMessage
DestroyMenu
MapWindowPoints
EndDialog
SetWindowTextA
SetTimer
GetSubMenu
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
SetForegroundWindow
MessageBeep
SetDlgItemTextA
MessageBoxA
DialogBoxParamA
GetSysColor
SystemParametersInfoA
PtInRect
InvalidateRect
SendMessageA
CallWindowProcA
LoadStringA
SetCursor

oleaut32

SysStringLen
VariantClear
SysAllocString

ole32

CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize

msvcrt

_strcmpi
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit
_cexit
_except_handler3
_controlfp
__set_app_type

Sections

.text
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a48e849d31698902a5b073603679bde

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

oleaut32

ole32

msvcrt

Sections

.text Size: 288KB - Virtual size: 285KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 188KB - Virtual size: 184KB

.rsrc Size: 4KB - Virtual size: 648B

.text
Size: 288KB - Virtual size: 285KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 188KB - Virtual size: 184KB

.rsrc
Size: 4KB - Virtual size: 648B