985697448c11a9cbab26cc352dfe47fb68317efde45a6eac570007f5edf109eb

Sharing

Copy URL Twitter E-mail

General

Target

985697448c11a9cbab26cc352dfe47fb68317efde45a6eac570007f5edf109eb
Size

180KB
MD5

4978e21efaefcf92460b9bfe2406eecb
SHA1

8b3955f0b776c6d0eb855f47fdafcf081e54f3b9
SHA256

985697448c11a9cbab26cc352dfe47fb68317efde45a6eac570007f5edf109eb
SHA512

bc14b3b6fc1f8bf8cd3942bcb2437dedcf0fa6b5c1877ba4d4803ce262090b7e6ac371ace00ec4e6cac9b181529fd65c2ff7e41229ae0b572652d1a73afe147f
SSDEEP

3072:EVjah2fMA7ME7WBIkZJ5oTwBN0wCM+EpSjHXsje+RNPday31eLx:0Wh2fNoE7+II0yz8sjegl/FeLx

Score

N/A

Malware Config

Signatures

Files

985697448c11a9cbab26cc352dfe47fb68317efde45a6eac570007f5edf109eb
.exe windows x86

6438fe17b6558187f4c764149ee553c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CopyFileA
DeleteFileA
GetFileAttributesA
GetWindowsDirectoryA
SetFileTime
SetEndOfFile
WriteFile
GetDiskFreeSpaceA
MoveFileA
GetTickCount
ReadFile
SetLastError
lstrlenA
lstrcpyA
lstrcatA
ExitProcess
SetFilePointer
Sleep
GetFileType
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetStdHandle
SetHandleCount
GetStdHandle
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
InterlockedDecrement
CreateEventA
GetEnvironmentStrings
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
CreateFileA
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
GetCPInfo
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
FormatMessageA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
VirtualAlloc
VirtualFree
FindFirstFileA
FindClose
GetLastError
InterlockedIncrement
UnhandledExceptionFilter
FlushFileBuffers
VirtualUnlock
VirtualLock
GetExitCodeProcess
GetProcessHeap
OutputDebugStringA
GetVolumeInformationA
WaitForSingleObject
GetDriveTypeA
SetThreadPriority
SetEvent
CreateThread
FreeLibrary
GetCurrentDirectoryA
GetFullPathNameA
GetSystemInfo

user32

wvsprintfA
GetDlgItem
SendMessageA
SendDlgItemMessageA
EndDialog
GetLastActivePopup
FindWindowA
wsprintfA
GetTopWindow
ReleaseDC
SetWindowTextA
SetForegroundWindow
DialogBoxParamA
MessageBoxA
IsDialogMessageA
GetMessageA
DispatchMessageA
RegisterClassA
TranslateMessage
LoadCursorA
PostQuitMessage
GetSystemMetrics
CreateWindowExA
DestroyWindow
SetTimer
KillTimer
DefWindowProcA
CreateDialogParamA
ShowWindow
MoveWindow
SetFocus
EnableWindow
LoadStringA
SetDlgItemTextA
SetWindowPos
GetWindowRect
IsWindowVisible
IsWindow
GetDC

gdi32

CreateSolidBrush
GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA

comctl32

ord17

shell32

ShellExecuteA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.erdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6438fe17b6558187f4c764149ee553c8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

shell32

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 286KB

.rsrc Size: 20KB - Virtual size: 16KB

.erdata Size: 68KB - Virtual size: 68KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 286KB

.rsrc
Size: 20KB - Virtual size: 16KB

.erdata
Size: 68KB - Virtual size: 68KB