f934bd69f9183ad9e8739560fd15bbfc12aa247dc6322d15bfb2e55e560d62f4

Sharing

Copy URL Twitter E-mail

General

Target

f934bd69f9183ad9e8739560fd15bbfc12aa247dc6322d15bfb2e55e560d62f4
Size

2.8MB
MD5

e3760cf47d1ee02f3c1f559a9511a7cc
SHA1

ecef479a5e8284c07b6f8e569b17ab05e3ff9af4
SHA256

f934bd69f9183ad9e8739560fd15bbfc12aa247dc6322d15bfb2e55e560d62f4
SHA512

4cb07b0f179837bae645c59986747e43b5d488ce8031fbcf9a1da4fc7562ae7294290d12de12b361a2ae62ba3b6f64205bed6076148cf66b5155df61f2f31920
SSDEEP

49152:EOLlPCzJQCTHd0l/igVPf6PD3Nmn7GPzJEgLYXtaKUCCCNYzQEr0WO0Yk8ihEj9G:LgzJQCTHcagJf6PD3Nmn7AJEgLYXMKUK

Score

N/A

Malware Config

Signatures

Files

f934bd69f9183ad9e8739560fd15bbfc12aa247dc6322d15bfb2e55e560d62f4
.exe windows x86

671bf282a1220dd40b726d0900e97b4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
GetProcAddress
LoadLibraryA
lstrcatA
lstrlenA
Sleep
GetFileSize
lstrcmpA
ReadFile
SetFilePointer
GetFileAttributesA
GetModuleHandleA
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
FindClose
FindNextFileA
FindFirstFileA
MoveFileA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GetSystemDefaultLangID
lstrcpyW
lstrlenW
CreateProcessA
ExpandEnvironmentStringsA
CopyFileA
GetWindowsDirectoryW
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetSystemDirectoryA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
SetUnhandledExceptionFilter
GetCurrentDirectoryA
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
HeapReAlloc
UnhandledExceptionFilter
SetLastError
SetFileAttributesA
GetModuleFileNameA
VirtualProtect
VirtualAlloc
WinExec
CreateToolhelp32Snapshot
Process32First
Process32Next
UnmapViewOfFile
Module32First
Module32Next
CloseHandle
TerminateProcess
DeleteFileA
lstrcpyA
VirtualFree
CreateFileMappingA
TlsAlloc
GetCurrentThreadId
HeapAlloc
RaiseException
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetLocalTime
GetSystemTime
GetTimeZoneInformation
ExitThread
TlsGetValue
TlsSetValue
CreateThread
ResumeThread
GetLastError
MapViewOfFile
GetCurrentProcessId
SetStdHandle

user32

IsRectEmpty
GetClassNameW
GetDlgItemTextA
SetDlgItemTextA
EnableWindow
CheckDlgButton
SystemParametersInfoA
EndDialog
MessageBoxA
GetWindowThreadProcessId
IsDlgButtonChecked
GetClassNameA
IsWindow
GetWindow
GetTopWindow
IsWindowVisible
FindWindowA
wsprintfA
UnloadKeyboardLayout
GetKeyboardLayoutList
ReleaseCapture
ClientToScreen
SetCursor
SetCapture
LoadIconA
LoadCursorA
WindowFromPoint
GetParent
PtInRect
GetWindowDC
GetWindowRect
OffsetRect
LoadBitmapA
ReleaseDC
DialogBoxParamA
GetClassInfoExA
RegisterClassExA
WaitForInputIdle
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
GetDlgItem

gdi32

PatBlt

advapi32

RegCloseKey
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegEnumValueA

shell32

ShellExecuteExA
ShellExecuteA

ws2_32

closesocket
connect
htons
inet_addr
socket
inet_ntoa
gethostbyname
WSAStartup
recv
__WSAFDIsSet
select
send

imm32

ImmIsIME
ImmGetDescriptionA

shlwapi

PathFileExistsA
StrCatW
PathFindFileNameA
PathFindExtensionA
PathRenameExtensionA
PathRemoveFileSpecA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

671bf282a1220dd40b726d0900e97b4a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

imm32

shlwapi

version

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 2.3MB - Virtual size: 2.3MB

.data Size: 16KB - Virtual size: 36KB

.text0 Size: 68KB - Virtual size: 64KB

.text1 Size: 304KB - Virtual size: 303KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 16KB - Virtual size: 36KB

.text0
Size: 68KB - Virtual size: 64KB

.text1
Size: 304KB - Virtual size: 303KB

.rsrc
Size: 68KB - Virtual size: 64KB