f411bec1731e67040722d73e40555d78044ae174e16dfca33894d033581326aa

Sharing

Copy URL Twitter E-mail

General

Target

f411bec1731e67040722d73e40555d78044ae174e16dfca33894d033581326aa
Size

201KB
MD5

43c25e09ef6983452fc98971806395d2
SHA1

e2906f9a4c75fd8c4dcc1bfa6845866e5c74d6aa
SHA256

f411bec1731e67040722d73e40555d78044ae174e16dfca33894d033581326aa
SHA512

0a0d7e2b583c2c007a5fdbdd2cab0322cdb43403deb4a6b127aebe06b2582519b4f0785d3a6616e13fdd3ecfaa4383cad4d08a430f36742db0f1b62d01e0a81e
SSDEEP

3072:tkv+pIH2jPJcgOvEtwC68twjIqfu+WXhUZrazHecpuI6pVA1X+czkoa6wOhadSCK:4a+gO8tu8tw8bp6OvYujfh0SHlunIj

Score

N/A

Malware Config

Signatures

Files

f411bec1731e67040722d73e40555d78044ae174e16dfca33894d033581326aa
.exe windows x86

0dee6128400ce4967b64af3c8f2d5189

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeaps
GetCurrentDirectoryA
ExpandEnvironmentStringsA
GetSystemDirectoryA
CreateDirectoryW
GetModuleHandleA
GetCurrentProcessId
GlobalDeleteAtom
WriteFile
lstrcmpA
CopyFileA
LocalAlloc
SetComputerNameW
SetLastError
GetFullPathNameA
GetCPInfo
GetStartupInfoW
GetExitCodeProcess
GetExpandedNameW
CreateNamedPipeA
GetVersionExA
GetProcAddress
OpenMutexA
IsBadStringPtrW
lstrcpynW
EnumCalendarInfoW
SearchPathW
lstrcmpiW
GetUserDefaultLangID
Sleep
GetProcessHeap
lstrcatA
BeginUpdateResourceW
DeleteAtom
CreateFileA
GlobalFindAtomW
GetExitCodeThread

user32

GetCapture
SetWindowTextW
GetMenuItemRect
MessageBoxW
GetCursorPos
GetAsyncKeyState
MonitorFromRect
CallWindowProcA
ArrangeIconicWindows
CloseWindow
CharUpperA
BringWindowToTop
GetSysColor
RegisterClassExW
GetClassInfoExA
GetDC
DefWindowProcW
MessageBoxIndirectA
MoveWindow
GetForegroundWindow
PeekMessageA
LoadIconW
GetDlgItem
MonitorFromWindow
EnumDesktopsA
CharPrevW
ShowCaret
GetCaretPos

gdi32

GetGraphicsMode
SetRectRgn
GetEnhMetaFileA
CreateMetaFileA
CreateFontIndirectExW
GetEnhMetaFilePaletteEntries
GetOutlineTextMetricsW
ScaleViewportExtEx
BeginPath
GetCharWidthW
DeleteEnhMetaFile
SetStretchBltMode

advapi32

RegOpenKeyW
RegFlushKey
RegEnumValueA
RegCreateKeyExW
RegOpenKeyA
RegQueryValueA
RegRestoreKeyW

shell32

StrNCmpIW
ShellExecuteExA
StrNCmpA

oleaut32

VarDecSub
VarI1FromDec
VarUI1FromR4
VarI4FromR4
VarR8FromI4
VarI1FromStr
DllRegisterServer

version

GetFileVersionInfoW
VerInstallFileA
VerFindFileA

urlmon

CreateFormatEnumerator
CDLGetLongPathNameA
CoInternetQueryInfo
IsAsyncMoniker
URLDownloadToFileW
GetSoftwareUpdateInfo
URLDownloadA
Extract
IsLoggingEnabledA
CopyStgMedium

crypt32

CertSetCTLContextProperty
CryptMsgVerifyCountersignatureEncoded
CertUnregisterPhysicalStore
CryptExportPublicKeyInfo
CertSaveStore
CryptRegisterOIDInfo
I_CryptAllocTls
CryptSIPVerifyIndirectData
CryptMsgEncodeAndSignCTL

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IcbOWV
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fwV
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CgwTKx
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zR
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZKF
Size: 1024B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rkacex
Size: 2KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dee6128400ce4967b64af3c8f2d5189

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

version

urlmon

crypt32

Sections

.text Size: 12KB - Virtual size: 12KB

.IcbOWV Size: 2KB - Virtual size: 9KB

.fwV Size: 3KB - Virtual size: 14KB

.CgwTKx Size: 1024B - Virtual size: 23KB

.data Size: 5KB - Virtual size: 4KB

.zR Size: 1024B - Virtual size: 30KB

.ZKF Size: 1024B - Virtual size: 31KB

.Rkacex Size: 2KB - Virtual size: 269KB

.rsrc Size: 170KB - Virtual size: 170KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.IcbOWV
Size: 2KB - Virtual size: 9KB

.fwV
Size: 3KB - Virtual size: 14KB

.CgwTKx
Size: 1024B - Virtual size: 23KB

.data
Size: 5KB - Virtual size: 4KB

.zR
Size: 1024B - Virtual size: 30KB

.ZKF
Size: 1024B - Virtual size: 31KB

.Rkacex
Size: 2KB - Virtual size: 269KB

.rsrc
Size: 170KB - Virtual size: 170KB

.reloc
Size: 1KB - Virtual size: 1KB