b11833169301a4c638eace2ed796b2b4b400d1a12b595f9b46c8074844a58b2f

Sharing

Copy URL Twitter E-mail

General

Target

b11833169301a4c638eace2ed796b2b4b400d1a12b595f9b46c8074844a58b2f
Size

304KB
MD5

885aaa8a5913fed73addf310c3a6dbec
SHA1

dc265e204eba5ac4e8ed4e169773d7ccdfdaf567
SHA256

b11833169301a4c638eace2ed796b2b4b400d1a12b595f9b46c8074844a58b2f
SHA512

131d2c99a534f656f643983199e42b85c92bbb1f57560a587c4d6a7b19ac6899a6e066e4ac1b6ebf8f1358a274465856554edb7adfe61dfb1e1de467f0b43418
SSDEEP

6144:FcXlK4wFuk6c9oBJbszio36UPJnbgH0eJu8o2q5aLEMdM/w:2XlK3x96Z613JtgPJo2q8AM2/w

Score

N/A

Malware Config

Signatures

Files

b11833169301a4c638eace2ed796b2b4b400d1a12b595f9b46c8074844a58b2f
.exe windows x86

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

ole32

CoCreateInstance

user32

PeekMessageA
CharPrevA
DispatchMessageA
GetWindowRect
MsgWaitForMultipleObjects
GetDesktopWindow
AppendMenuA
wsprintfA
SendMessageA
TranslateMessage
CharUpperA

shlwapi

PathRemoveFileSpecA

shell32

SHCreateDirectoryExA

advapi32

SetSecurityDescriptorDacl
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
CloseServiceHandle
InitializeSecurityDescriptor
RegConnectRegistryA
RegOpenKeyExA
OpenServiceA
QueryServiceStatus
OpenSCManagerA
RegSetValueExA
GetUserNameA
RegEnumKeyExA

mapi32

ord183
ord75
ord129
ord13
ord17
ord137
ord135
ord174
ord140
ord60
ord139
ord185
ord15

kernel32

LoadLibraryExA
FindClose
GetLocalTime
WaitForSingleObject
CreateEventA
GetFileSize
LeaveCriticalSection
lstrcpyA
CreateMutexA
lstrcmpA
ReleaseMutex
WaitForMultipleObjects
FreeLibrary
WideCharToMultiByte
FileTimeToSystemTime
OutputDebugStringA
SetFilePointer
WriteFile
SetLastError
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
lstrlenW
ResetEvent
lstrcpynA
GetShortPathNameA
GetACP
CreateSemaphoreA
SetThreadPriority
CreateFileA
GetSystemTime
lstrlenA
SystemTimeToFileTime
CloseHandle
ReadFile
CreateThread
GetModuleHandleA
GetTempFileNameA
FormatMessageA
FindFirstFileA
OpenFile
OpenEventA
GlobalAlloc
ReleaseSemaphore
lstrcpyW
DeleteFileW
FindNextFileA
GlobalFree
CreateFileW
lstrcmpW
VirtualAllocEx

msvcrt

_mbscmp
wcscpy
isdigit
strncpy
_snprintf
_strlwr
fread
sscanf
_CxxThrowException
wcslen
_mbsdec
strlen
strcpy
strcspn
free
_wcsicmp
fclose
sprintf
_stricmp
fgets
_itoa
_makepath
wcscspn
_strcmpi
wcsncpy
_mbsicmp
memcmp
_mbsrchr
_mbsnbicmp
_splitpath
_access
strncmp
wcscat
atoi
memcpy
fwrite
strchr
wcscmp
_strnicmp
__CxxFrameHandler
abs
__dllonexit
_mbschr
_mbsnbcpy
_mbsnbcat
_wcsnicmp
_mbsinc
malloc
memmove
strcat
_mbsnbcmp
_snwprintf
calloc
_onexit
strstr
fopen
_initterm
localtime
memset

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_DragMove
ImageList_GetIcon
ImageList_DragEnter
InitMUILanguage
FlatSB_GetScrollProp
ImageList_Replace

rasser

PortGetStatistics

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

Imports

shfolder

ole32

user32

shlwapi

shell32

advapi32

mapi32

kernel32

msvcrt

version

comctl32

rasser

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 273KB - Virtual size: 575KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 273KB - Virtual size: 575KB

.rsrc
Size: 4KB - Virtual size: 4KB