fb515948217360d43632f59628b2f93b24744f9fa5d9fd61d892e00b1bc1656a

Sharing

Copy URL Twitter E-mail

General

Target

fb515948217360d43632f59628b2f93b24744f9fa5d9fd61d892e00b1bc1656a
Size

214KB
MD5

728717030347d9564ff88b93047fc556
SHA1

71f8828746caea1fe45609f508d9050a5c0f256d
SHA256

fb515948217360d43632f59628b2f93b24744f9fa5d9fd61d892e00b1bc1656a
SHA512

85fa4ae2bed6dd2dde6546e71f5a135831593cdaa38c1f8cfdf3513b3d8785cf21509be88f82a59adc26282cc132d8b99d72119f88e7bc7cdc6afa02c1a0d301
SSDEEP

6144:PPDgD61nXi+aaxeIf4L5iVEGj24MBK/OIqr:P7gD61nXi+aaxeIQMVEE2f1r

Score

N/A

Malware Config

Signatures

Files

fb515948217360d43632f59628b2f93b24744f9fa5d9fd61d892e00b1bc1656a
.exe windows x86

57fc054a2d76bc5d73b220c4ddae5afe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateFromHDC
GdipDrawImageI
GdipCloneImage
GdipCreateBitmapFromStream
GdipDisposeImage
GdipAlloc
GdipFree
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup

comctl32

InitCommonControlsEx

shlwapi

SHDeleteKeyW

kernel32

FindFirstFileW
FindNextFileW
GetLastError
FindClose
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Process32NextW
OutputDebugStringW
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProcessHeap
SetEndOfFile
LoadLibraryA
RemoveDirectoryW
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
HeapSize
HeapReAlloc
VirtualAlloc
GetStringTypeA
FlushFileBuffers
ReadFile
SetFilePointer
Sleep
CloseHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
DeleteFileW
ExpandEnvironmentStringsW
SetFileAttributesW
CreateThread
CreateFileA
GetConsoleMode
GetConsoleCP
SetStdHandle
MultiByteToWideChar
CreateFileW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
WriteFile
ExitProcess
GetCurrentThreadId
GlobalUnlock
GlobalFree
FindResourceW
SizeofResource
LockResource
LoadResource
GlobalAlloc
GlobalLock
SetLastError
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MoveFileW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetCPInfo
HeapFree
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeW
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

TranslateMessage
DispatchMessageW
GetSystemMetrics
CreateWindowExW
ShowWindow
LoadAcceleratorsW
TranslateAcceleratorW
PostQuitMessage
LoadCursorW
SetFocus
DestroyWindow
DefWindowProcW
MessageBoxW
LoadStringW
SendMessageW
GetMessageW
UpdateWindow
PostMessageW
GetDlgItemTextW
RegisterClassExW
LoadIconW
InvalidateRect
SetWindowPos
SetCursor
EndPaint
ReleaseDC
DrawTextW
GetDC
LoadBitmapW
BeginPaint

gdi32

SetTextColor
SetBkColor
DeleteObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
CreateFontW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW

shell32

ShellExecuteW
SHGetFolderPathW
SHFileOperationW

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57fc054a2d76bc5d73b220c4ddae5afe

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

comctl32

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

version

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 134KB - Virtual size: 133KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 134KB - Virtual size: 133KB

.reloc
Size: 10KB - Virtual size: 10KB