37ef7511d005cef0cb96961626fe321ea62701366a7235e5c1fe03768ec92ccc

Sharing

Copy URL Twitter E-mail

General

Target

37ef7511d005cef0cb96961626fe321ea62701366a7235e5c1fe03768ec92ccc
Size

137KB
MD5

eeb237ff138aa9803969dd720884c94e
SHA1

7fcbfb5d5c6e2a572d69a54be6229edbb09d6d00
SHA256

37ef7511d005cef0cb96961626fe321ea62701366a7235e5c1fe03768ec92ccc
SHA512

85faefa6e0c7e6fa2bb957d65029a6840a8dff9bfb32985487dcd47a4474fe2ff2616ae2adce279dc36e81f6d2c48cdf94fc068b647f0c25ead45eee62752474
SSDEEP

3072:EOSDqFGFdmtQATQmUL/UvAKPJBdD8UXSnMIOXXFIeLVNbffNUIM+bSuAm9k:EUICQATQtL/UvAKPJBdD8UAgpLV5ffNL

Score

N/A

Malware Config

Signatures

Files

37ef7511d005cef0cb96961626fe321ea62701366a7235e5c1fe03768ec92ccc
.exe windows x86

32289ecef06f744ed5e0785fe039c39e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
VirtualAllocEx
VirtualAlloc
ExpandEnvironmentStringsW
FindClose
FindNextFileW
FindFirstFileW
GlobalUnlock
GlobalLock
GlobalAlloc
SetEvent
ResetEvent
CreateEventW
RaiseException
GlobalMemoryStatusEx
GetTickCount
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
GlobalFree
GetSystemDefaultLangID
Module32FirstW
CreateToolhelp32Snapshot
OpenProcess
GetCurrentProcessId
Process32NextW
Process32FirstW
SetFileAttributesW
GetFileAttributesW
SetEnvironmentVariableW
GetVersionExW
SetProcessWorkingSetSize
QueryDosDeviceW
RemoveDirectoryW
CopyFileW
SearchPathW
SetSystemPowerState
LocalFree
CreateHardLinkW
SetCurrentDirectoryW
GetLocalTime
GetCommandLineW
GetStartupInfoW
GetCurrentProcess
ExitProcess
WriteProcessMemory
SetThreadContext
ResumeThread
WaitForSingleObject
TerminateProcess
GetEnvironmentVariableW
GetModuleFileNameW
CreateProcessW
GetThreadContext
ReadProcessMemory
VirtualQueryEx
LoadLibraryW
GetProcAddress
FreeLibrary
GetLogicalDriveStringsW
GetLogicalDrives
Sleep
SetLastError
GetDriveTypeW
GetLastError
DeviceIoControl
GetDiskFreeSpaceExW
GetVolumeNameForVolumeMountPointW
DefineDosDeviceW
CreateThread
GetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesExW
DeleteFileW
GetFileSize
SetFilePointer
WriteFile
ReadFile
CloseHandle
CreateFileW
lstrcmpiW
lstrcmpW
lstrcatW
lstrcpyW
lstrlenW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar

user32

InvalidateRect
SendMessageTimeoutW
OpenClipboard
EmptyClipboard
SetClipboardData
SetTimer
GetDC
GetSysColorBrush
FillRect
ReleaseDC
wsprintfW
MessageBoxW
PtInRect
ShowWindow
EnableMenuItem
EnableWindow
CharUpperW
FrameRect
SetLayeredWindowAttributes
EnumDisplaySettingsW
ChangeDisplaySettingsW
LoadStringW
GetSystemMetrics
keybd_event
FindWindowW
ExitWindowsEx
PostMessageW
TrackPopupMenu
SetForegroundWindow
GetCursorPos
RegisterClassExW
SetRectEmpty
EqualRect
GetMessageW
TranslateMessage
CopyRect
EndPaint
DrawIconEx
BeginPaint
CallWindowProcW
SetCursor
SendMessageW
CreateWindowExW
SetWindowPos
GetClientRect
SetWindowTextW
EndDialog
DialogBoxIndirectParamW
DrawTextW
KillTimer
DispatchMessageW
PostQuitMessage
DefWindowProcW
RegisterHotKey
UnregisterHotKey
DestroyWindow
GetParent
SetActiveWindow
GetAsyncKeyState
GetKeyboardState
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
SetFocus
CreateMenu
CreatePopupMenu
AppendMenuW
DestroyMenu
GetWindowThreadProcessId
FindWindowExW
GetSysColor
LoadIconW
DestroyIcon
LoadCursorW
GetKeyState
GetWindowRect
CloseClipboard
GetWindowTextW

gdi32

AddFontResourceW
SetTextColor
SetBkMode
CreateSolidBrush
GetStockObject
CreateFontW
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
SelectObject
BitBlt
DeleteObject
DeleteDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegLoadKeyW
RegUnLoadKeyW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegQueryValueExW
RegCloseKey
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
BuildExplicitAccessWithNameW
SetEntriesInAclW
ControlService

shell32

DragFinish
ShellExecuteW
DragAcceptFiles
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ExtractIconW
DragQueryFileW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderPathW
SHChangeNotify

ole32

CLSIDFromString
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
StringFromCLSID
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

shlwapi

SHGetValueW
SHSetValueW
SHDeleteKeyW
SHDeleteValueW
StrToIntExW
StrStrIW
StrStrW
StrRChrW
StrChrW
StrCmpNIW
StrCmpNW
StrCpyNW
StrCmpNA
StrToIntW

msvcrt

free
??3@YAXPAX@Z
malloc
realloc
memset
memcpy
memmove
??2@YAPAXI@Z
atof
??1type_info@@UAE@XZ
_gcvt

version

GetFileVersionInfoSizeW
GetFileVersionInfoW

setupapi

SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetINFClassW
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiChangeState
SetupDiSetClassInstallParamsW
SetupDiOpenClassRegKey
SetupDiClassNameFromGuidW
CM_Request_Device_EjectW
SetupIterateCabinetW

comctl32

ord17

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32289ecef06f744ed5e0785fe039c39e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

version

setupapi

comctl32

Sections

.text Size: 98KB - Virtual size: 98KB

.data Size: 2KB - Virtual size: 14KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 98KB - Virtual size: 98KB

.data
Size: 2KB - Virtual size: 14KB

.rsrc
Size: 36KB - Virtual size: 35KB