be74c1a0f33b9577f71aa30df18cef7def3410a9ab915cc2973836825e6f913b

Sharing

Copy URL Twitter E-mail

General

Target

be74c1a0f33b9577f71aa30df18cef7def3410a9ab915cc2973836825e6f913b
Size

712KB
MD5

2270b146528e10b568146c4651939050
SHA1

1746f39cc20a82f9103e61a03bd684753865ee77
SHA256

be74c1a0f33b9577f71aa30df18cef7def3410a9ab915cc2973836825e6f913b
SHA512

2c8d75d805d54666f5072c6e93a006673287b0e5d520de013b313ab48ab5741624789abc8083bcd7f1a2a2006ada5f2f23922ffc2417be14d565ff680232bf76
SSDEEP

12288:5pETdmc22J9eWYo7R/LvqZynM8/kjAk2gQ1wwc3OqitK0bpxjmCAWv:5G5MA92o7RDqZEM8/kZQ1i3CkCpxjm

Score

N/A

Malware Config

Signatures

Files

be74c1a0f33b9577f71aa30df18cef7def3410a9ab915cc2973836825e6f913b
.exe windows x86

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
GetModuleFileNameW
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetModuleFileNameA
GetShortPathNameW
GetExitCodeProcess
WaitForSingleObject
OpenProcess
LocalFree
WriteFile
LocalAlloc
CreateFileA
SizeofResource
FindClose
FindFirstFileA
CreateDirectoryA
GetVersionExA
GetShortPathNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GlobalAlloc
GlobalLock
CreateProcessA
CloseHandle
lstrlenA
SetUnhandledExceptionFilter
RaiseException
SetFilePointer
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
SetStdHandle
FlushFileBuffers
EnterCriticalSection
GlobalUnlock
LeaveCriticalSection
HeapDestroy
InitializeCriticalSection
DeleteFileA
InterlockedDecrement
GetCurrentThreadId
IsBadCodePtr

user32

ShowWindow
IsDialogMessageA
DispatchMessageA
PostQuitMessage
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
MoveWindow
GetCursor
CreateWindowExA
wsprintfA
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
IsWindow
BeginPaint
GetClientRect
FillRect
EndPaint
CallWindowProcA
GetDC
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
CreateDialogIndirectParamA
GetWindowTextLengthA
GetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadImageA
SendMessageA
SetWindowTextA
GetDlgItem
SystemParametersInfoA
SetWindowPos
GetSystemMetrics
GetWindowRect
InvalidateRect
GetWindowLongA
SetWindowLongA

gdi32

SelectObject
GetObjectA
GetStockObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
PatBlt

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromCLSID
OleLockRunning
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
LoadRegTypeLi
VariantClear
OleCreateFontIndirect
SysFreeString
DispCallFunc
SysAllocString
SysStringLen

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetGetConnectedState

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 608KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

wininet

comctl32

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 23KB

.rsrc Size: 608KB - Virtual size: 608KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 23KB

.rsrc
Size: 608KB - Virtual size: 608KB