f43d229a1665bd80440af9dfb9c5b87b388244d9f838ed86cb79025ecdd9607c

Sharing

Copy URL Twitter E-mail

General

Target

f43d229a1665bd80440af9dfb9c5b87b388244d9f838ed86cb79025ecdd9607c
Size

268KB
MD5

2d744288acd51b8cae1d8e8042a9a640
SHA1

25b5e3fef47eb53c885a32550a01909a1d133739
SHA256

f43d229a1665bd80440af9dfb9c5b87b388244d9f838ed86cb79025ecdd9607c
SHA512

62a27737459db484c96b2c384837de925e416d7550472475849a7d14e07e12d70a7caa2f000f0534db7ad73c9ecd5daeae5f9a81a898fb85fd3b70916837c085
SSDEEP

6144:50nnGzsKba/ocsjHCul3n50P9wSS82Y57PZEDlcej:2nn6sKMVsJQPaW7PZEDrj

Score

N/A

Malware Config

Signatures

Files

f43d229a1665bd80440af9dfb9c5b87b388244d9f838ed86cb79025ecdd9607c
.exe windows x86

3cf75354411462cdc130fda55c3d1865

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
ReleaseMutex
GlobalAddAtomW
SetEndOfFile
CreatePipe
GetDriveTypeA
FindFirstFileExW
FreeEnvironmentStringsA
AllocConsole
SetSystemTime
CreateMutexW
GetPrivateProfileStringW
GetTapeParameters
EnumCalendarInfoW
EraseTape
GetModuleHandleA
PrepareTape
IsDBCSLeadByteEx
GetComputerNameW
lstrcpynA
ExitThread
GetCommState
RemoveDirectoryW
GetProfileIntA
FindResourceExA
SetThreadPriorityBoost
ReadConsoleInputW
WriteFile
WaitNamedPipeA
GetTempFileNameA
SetProcessAffinityMask
SetCommTimeouts
EnumCalendarInfoA
GetVersionExA
EnumTimeFormatsW
FindFirstFileW
SetConsoleMode
SetCommMask
FillConsoleOutputCharacterA
VirtualAlloc
OpenMutexA
LocalSize
PulseEvent
CloseHandle
FindFirstFileA
PurgeComm
WritePrivateProfileStructA
GetSystemDirectoryW
SetTimeZoneInformation
GetFileInformationByHandle
ReleaseSemaphore
IsBadStringPtrA
GetOverlappedResult
GetCPInfo
GetTempPathW
ReadConsoleOutputA
VirtualLock
ConnectNamedPipe
_lopen
GetConsoleMode
GetCompressedFileSizeW
CreateEventA
LCMapStringA
CompareStringW
SetEnvironmentVariableW
CreateFileW
GetFileType
LeaveCriticalSection
DuplicateHandle
WritePrivateProfileStringA
GetModuleFileNameW
LocalFileTimeToFileTime
GetVolumeInformationW
ClearCommBreak
WritePrivateProfileSectionA
GetHandleInformation
FindCloseChangeNotification
GetStartupInfoA
lstrcpyA
CancelIo
CreateNamedPipeW
FreeLibrary
GetFileAttributesExA
WriteProcessMemory
SystemTimeToFileTime
GetEnvironmentStringsW
lstrlenA

user32

DrawFrameControl
LoadIconW
EnumWindowStationsA
EnumDisplayMonitors
DefWindowProcW
SetDlgItemInt
GetQueueStatus
GetWindowRect
FindWindowExA
CharLowerBuffW
InvalidateRect
DrawIconEx
GetMenuStringA
CopyAcceleratorTableW
EnumDisplaySettingsExA
EnumDesktopsW
CharPrevA
DrawStateW
GetMenuInfo
IsCharUpperW
GetMenuCheckMarkDimensions
ScrollWindow
GetClassNameA
GrayStringW
ValidateRgn
SetWindowsHookExW
GetCapture
UnionRect
SetFocus
SetWindowsHookW
GetClassLongW
TileWindows

gdi32

FillRgn
PaintRgn
GetMetaFileBitsEx
GetCharWidthA
UpdateColors
SelectClipPath
Ellipse
GetRgnBox
GetTextExtentExPointA
SetRectRgn
PlayMetaFileRecord
GetEnhMetaFileDescriptionA
FillPath
GetEnhMetaFileHeader
RectVisible
CreateMetaFileW
SetAbortProc
RectInRegion
SetEnhMetaFileBits
GetStretchBltMode
GetViewportExtEx

comdlg32

PageSetupDlgA
ChooseFontA
CommDlgExtendedError
GetFileTitleW

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegisterServiceCtrlHandlerW
RegQueryValueExA
CryptGetKeyParam
CryptEncrypt
CryptGenKey
LookupPrivilegeValueW
GetPrivateObjectSecurity
AccessCheckAndAuditAlarmW
EnumServicesStatusW
RegQueryInfoKeyA
GetSecurityDescriptorControl
SetServiceStatus
RegRestoreKeyA
CreateServiceA
LookupAccountNameW
RegDeleteKeyW
IsValidAcl
GetServiceDisplayNameA
GetSidLengthRequired
EnumServicesStatusA
CryptGetHashParam
RegLoadKeyW
AddAce
CloseEventLog
RegLoadKeyA

shell32

SHChangeNotify

ole32

MkParseDisplayName
CoTaskMemRealloc
CoMarshalInterface
CoRegisterClassObject
OleCreateFromData
CoImpersonateClient
OleSetContainedObject
OleCreateMenuDescriptor
ReadFmtUserTypeStg

comctl32

ImageList_DragLeave
ImageList_SetDragCursorImage

shlwapi

PathIsDirectoryW
PathRemoveBlanksW
ChrCmpIW
PathGetArgsW
PathIsRootA
SHRegGetBoolUSValueA
PathIsDirectoryEmptyW
SHDeleteValueW
StrChrIW
PathUnquoteSpacesW
PathRemoveFileSpecA
PathIsNetworkPathW
PathCombineA
UrlCanonicalizeW
SHRegWriteUSValueW
PathIsDirectoryA
SHCreateStreamOnFileW

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3cf75354411462cdc130fda55c3d1865

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

msvcrt

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 16KB