be41eb91e5a94a5af57f2b2d5010eb9c86e65130720d94d7b66b941609c6b458

Sharing

Copy URL Twitter E-mail

General

Target

be41eb91e5a94a5af57f2b2d5010eb9c86e65130720d94d7b66b941609c6b458
Size

852KB
MD5

876b2219cf916050e29c1dbb3fc6f776
SHA1

f45e4598932c0ea83f799edf7fb2ea5a00ed6995
SHA256

be41eb91e5a94a5af57f2b2d5010eb9c86e65130720d94d7b66b941609c6b458
SHA512

02d1c81cbe82e5d57b230c69187c8cb5cc51992235d56e4bffa4efb746451e410a5ca00cf223326104ce877821005861d1b575326caa5201f6e84013e5f1b387
SSDEEP

24576:ytU0IoyIgaq2YrdvBZJ29QSzvqx3S6G9mJqX:myNjJl3C6Smi

Score

N/A

Malware Config

Signatures

Files

be41eb91e5a94a5af57f2b2d5010eb9c86e65130720d94d7b66b941609c6b458
.exe windows x86

f26d8d37a312104a9d8bd6749a9ed240

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
GetStringTypeExA
VirtualQuery
ExitProcess
OpenMutexA
CloseHandle
GetPrivateProfileSectionNamesA
TransmitCommChar
WriteConsoleInputW
GetNamedPipeInfo
VirtualFree
TlsAlloc
DuplicateHandle
GetStartupInfoA
HeapDestroy
OpenSemaphoreW
OpenWaitableTimerA
ReadFile
HeapReAlloc
InitializeCriticalSection
GetEnvironmentStringsW
GetConsoleCP
VirtualAlloc
IsValidCodePage
LCMapStringW
IsValidLocale
SetStdHandle
CreateRemoteThread
GetVolumeInformationW
GetCommandLineA
WaitForMultipleObjects
WritePrivateProfileStructW
FreeEnvironmentStringsA
CreateFileMappingA
MultiByteToWideChar
GetStdHandle
FindNextChangeNotification
SetEnvironmentVariableA
CompareStringA
TlsFree
CreateMutexW
GetModuleFileNameW
GetPrivateProfileStructW
GetLocaleInfoA
GetProcAddress
GetUserDefaultLCID
GetStartupInfoW
GetSystemInfo
GetSystemDefaultLangID
HeapValidate
GlobalGetAtomNameA
FlushFileBuffers
ReadConsoleInputW
IsBadReadPtr
GetStringTypeW
SetComputerNameW
GlobalUnlock
GetCurrentThreadId
LoadLibraryA
GetLastError
MoveFileA
SetCurrentDirectoryW
GlobalReAlloc
GetVersionExA
InterlockedDecrement
EnumTimeFormatsA
GetACP
CompareStringW
EnumCalendarInfoExW
HeapCreate
GlobalAlloc
GetTimeZoneInformation
InterlockedExchange
GetComputerNameW
SetLastError
GetModuleHandleA
EnumSystemLocalesA
CreateProcessA
CreateMailslotW
HeapAlloc
DeleteCriticalSection
GetThreadLocale
LeaveCriticalSection
RaiseException
SetHandleCount
FindResourceW
lstrcat
IsBadWritePtr
GetCurrentProcessId
GetTickCount
CreateWaitableTimerA
TlsGetValue
ReadConsoleOutputCharacterA
FreeEnvironmentStringsW
QueryPerformanceCounter
GlobalFix
InterlockedIncrement
VirtualProtect
TerminateProcess
UnhandledExceptionFilter
RtlUnwind
ReadConsoleOutputAttribute
WriteFile
HeapFree
FreeLibrary
GetEnvironmentStrings
GetCPInfo
GetStringTypeA
DebugBreak
CreateMutexA
SetConsoleCP
GetOEMCP
GetProfileIntA
GetDateFormatA
OutputDebugStringA
SetConsoleCtrlHandler
GetModuleFileNameA
GetCurrentThread
EnumResourceLanguagesA
SetFilePointer
GetCommandLineW
CreateSemaphoreA
GetFileType
GetCurrentProcess
GetTimeFormatA
SetLocaleInfoA
FlushViewOfFile
LCMapStringA
EnumSystemLocalesW
TlsSetValue
WideCharToMultiByte
GetLocaleInfoW
EnterCriticalSection
GetSystemTimeAsFileTime

user32

RegisterClassExA
DrawTextExW
UnhookWindowsHook
SystemParametersInfoA
SetMenuContextHelpId
GetWindowModuleFileNameA
GetMessageTime
SetWindowsHookExA
GetProcessDefaultLayout
PeekMessageW
IsCharLowerA
DefWindowProcA
LoadCursorW
CreateDialogParamA
EndDeferWindowPos
GetWindowModuleFileNameW
TranslateAcceleratorW
DdeReconnect
RegisterClassA
ArrangeIconicWindows

advapi32

RegEnumValueA
RegEnumKeyW
RegReplaceKeyW
LookupSecurityDescriptorPartsW

comctl32

ImageList_Create
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
DestroyPropertySheetPage
CreatePropertySheetPageA
InitCommonControlsEx

shell32

RealShellExecuteW

comdlg32

ChooseColorA
ChooseFontW
ReplaceTextW

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 412KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26d8d37a312104a9d8bd6749a9ed240

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

shell32

comdlg32

Sections

.text Size: 220KB - Virtual size: 218KB

.rdata Size: 412KB - Virtual size: 408KB

.data Size: 136KB - Virtual size: 162KB

.rsrc Size: 80KB - Virtual size: 78KB

.text
Size: 220KB - Virtual size: 218KB

.rdata
Size: 412KB - Virtual size: 408KB

.data
Size: 136KB - Virtual size: 162KB

.rsrc
Size: 80KB - Virtual size: 78KB