b7acb2c18e7e6e184d7faa82d2724381f9c23ff3646eeb7177f174cfddc6f6ba

Sharing

Copy URL Twitter E-mail

General

Target

b7acb2c18e7e6e184d7faa82d2724381f9c23ff3646eeb7177f174cfddc6f6ba
Size

764KB
MD5

60dc38de03db2dcd6a5c7e8a0b976e61
SHA1

c4232bf04820b1922d3d7683946367f2d922f890
SHA256

b7acb2c18e7e6e184d7faa82d2724381f9c23ff3646eeb7177f174cfddc6f6ba
SHA512

cc25d9069e477557a19a900a2d48e994bfc41ca2905be864f71f609d816c7b99a109ccefec7c4e10b9234ed55d63fbc2742e8a42d7f42a16eec70dff6cc9e890
SSDEEP

12288:q7vgcFGQojSNcZUoLm9sQKDv8voCQAto3otoo8o4mGqZEBobEToXo4o+oqo6mGAQ:wvgKGQojSeZUoaGuto3otoo8o4mGqZIq

Score

N/A

Malware Config

Signatures

Files

b7acb2c18e7e6e184d7faa82d2724381f9c23ff3646eeb7177f174cfddc6f6ba
.exe windows x86

29aaf24d90be5769825789411b0312bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

LookupPrivilegeValueA
RegConnectRegistryA
GetSidSubAuthorityCount
RegSetValueExW
SetSecurityDescriptorGroup
UnlockServiceDatabase
RegDeleteKeyA
RegOpenKeyExA
RegNotifyChangeKeyValue
CryptGetKeyParam
FreeSid
CryptExportKey
OpenProcessToken
CryptImportKey
EqualSid
IsValidSid
CryptGetUserKey

kernel32

GetModuleHandleA
GetVersion
lstrlenW
GetVolumeInformationW
InterlockedDecrement
CreateProcessW
MulDiv
GetLastError
WaitForSingleObject
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalReAlloc
InterlockedExchange
GetFullPathNameW
SizeofResource
TlsFree
TlsGetValue
InitializeCriticalSection
GlobalLock
FormatMessageW
GlobalDeleteAtom
GetFileAttributesA
GetFileSize
DeleteFileW
DeleteCriticalSection
SystemTimeToFileTime
VirtualAlloc
GetAtomNameW
FindNextFileW
FindResourceW
GetProcessHeap
HeapReAlloc
CloseHandle
GlobalFindAtomW
FindClose
GetVersionExA
GlobalGetAtomNameW
LoadLibraryA
UnlockFile
LockFile
LocalReAlloc
GetFileTime
LocalFileTimeToFileTime
GlobalAddAtomW
DuplicateHandle
InterlockedIncrement
CompareStringW
GetFileAttributesW
SetFileAttributesW
Sleep
WideCharToMultiByte
GetUserDefaultLCID
GetVersionExW
ResumeThread
SetFilePointer
EnumResourceLanguagesW
EnterCriticalSection
GetThreadLocale
CreateFileW
GetShortPathNameW
GlobalHandle
FreeResource
GetCurrentThreadId
GetSystemInfo
SetThreadPriority
ReadFile
GetLocaleInfoW
ResetEvent
FileTimeToLocalFileTime
FlushFileBuffers
FindFirstFileW
SetFileTime
GetCurrentThread
lstrcmpiW
LoadResource
HeapAlloc
TlsAlloc
CreateEventW
CopyFileW
lstrcpyA
ConvertDefaultLocale
GetStringTypeExW
lstrcmpA
HeapFree
lstrlenA
MoveFileW
LeaveCriticalSection
LocalAlloc
TlsSetValue
SetEvent
CompareStringA
WriteFile
SetLastError
LockResource
GlobalFlags
GetCurrentProcessId
SetErrorMode
lstrcmpW
FileTimeToSystemTime

shell32

ExtractIconW
ShellExecuteW

ws2_32

WSAGetLastError

user32

RegisterClassW
ScrollWindow
RemovePropW
ScreenToClient
GetLastActivePopup
GetScrollPos
GetWindow
GetWindowRect
DefWindowProcW
CreateDialogParamW
LoadStringW
TrackPopupMenuEx
GetDC
GetScrollRange
CheckDlgButton

rpcrt4

RpcBindingFromStringBindingA
UuidCreate
NdrClientCall2
RpcStringFreeW

wininet

FtpDeleteFileA

Sections

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 657KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

29aaf24d90be5769825789411b0312bf

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

advapi32

kernel32

shell32

ws2_32

user32

rpcrt4

wininet

Sections

.rsrc Size: 53KB - Virtual size: 52KB

.data Size: 22KB - Virtual size: 2.0MB

.text Size: 657KB - Virtual size: 656KB

.rdata Size: 30KB - Virtual size: 29KB

.reloc Size: 512B - Virtual size: 20B

.rsrc
Size: 53KB - Virtual size: 52KB

.data
Size: 22KB - Virtual size: 2.0MB

.text
Size: 657KB - Virtual size: 656KB

.rdata
Size: 30KB - Virtual size: 29KB

.reloc
Size: 512B - Virtual size: 20B