d66c9555b31083e70cd3f9d9ad33bcca623df5d35cf7f07105c62bb8f091736a

Sharing

Copy URL Twitter E-mail

General

Target

d66c9555b31083e70cd3f9d9ad33bcca623df5d35cf7f07105c62bb8f091736a
Size

672KB
MD5

049a13b14e2672eb06b1eb95e2d0417c
SHA1

71d03c866f3fd8075fe958d37bdb61d2ed7a5420
SHA256

d66c9555b31083e70cd3f9d9ad33bcca623df5d35cf7f07105c62bb8f091736a
SHA512

64f357bfecff7c0cb1a97e9ec063c99d4b923cf75220b9b6b2cc4289e1001af3bc5e3095d38018b10be452d7b93c06389716e79bc664b095dcc77662dbba1902
SSDEEP

6144:1Xph12mLZE3E6bUo6z5Ff2av6Z8JIHRecH63RP6XUpsayikfgeveHiJXzn:l12n3E6wo6z5FelWIHRe4YP6Hrgzw

Score

N/A

Malware Config

Signatures

Files

d66c9555b31083e70cd3f9d9ad33bcca623df5d35cf7f07105c62bb8f091736a
.exe windows x86

4a51754e5a712b3517d8450de1d58d55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileSize
GetFileTime
ReadFile
WriteFile
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryExA
WaitForSingleObject
CreateProcessA
LoadLibraryA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
SetEvent
OpenEventA
GetPrivateProfileStringA
GetCurrentProcess
GetVersionExA
GetShortPathNameA
GetSystemDirectoryA
WinExec
SetFileTime
SetFileAttributesA
GetPrivateProfileSectionA
MoveFileExA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
WritePrivateProfileStringA
RemoveDirectoryA
GlobalFree
GlobalUnlock
GlobalAlloc
SystemTimeToFileTime
GetModuleHandleA
GetVersion
CreateThread
lstrcpynA
Sleep
lstrcmpiA
GetCurrentThreadId
QueryPerformanceFrequency
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
GetCurrentProcessId
CreateFileW
GetLocaleInfoA
LockResource
LoadResource
FindResourceA
CreateFileA
FindFirstFileA
FindClose
GetDiskFreeSpaceA
lstrlenW
EnterCriticalSection
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
lstrcmpA
FindNextFileA
CloseHandle
GlobalLock
CreateEventA
LeaveCriticalSection
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
SetLastError
GetLastError
GetFileAttributesA
MoveFileA
CopyFileA
DeleteFileA
CreateDirectoryA
lstrcpyA
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
ExitProcess
GetStartupInfoA
InterlockedExchange
VirtualQuery
VirtualProtect
SearchPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ResetEvent
QueryPerformanceCounter
GetCurrentThread
RtlUnwind
RaiseException
TlsSetValue
ExitThread
HeapAlloc
HeapFree
GetModuleFileNameA

user32

CreateDialogIndirectParamA
SendMessageA
DestroyWindow
GetDlgItem
PeekMessageA
IsDialogMessageA
SetDlgItemTextA
MsgWaitForMultipleObjects
MessageBoxA
WaitForInputIdle
CharNextA
LoadStringA
CharUpperA
ExitWindowsEx
CharLowerBuffA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
PostThreadMessageA
GetDesktopWindow

gdi32

TranslateCharsetInfo
CreateFontIndirectA
DeleteObject
GetObjectA

advapi32

RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegConnectRegistryA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenThreadToken
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

StgCreateDocfile
StgOpenStorage
CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitialize
CoGetInterfaceAndReleaseStream
CoTaskMemFree
ProgIDFromCLSID
WriteClassStm
OleSaveToStream
OleLoadFromStream
CreateStreamOnHGlobal
GetRunningObjectTable
CreateItemMoniker
StringFromCLSID
CoRegisterClassObject
CoCreateGuid
CLSIDFromString
CreateFileMoniker
CoReleaseMarshalData
CoMarshalInterface
CoUnmarshalInterface
CoRevokeClassObject

oleaut32

SysStringByteLen
SysAllocStringByteLen
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopyInd
SetErrorInfo
CreateErrorInfo
LoadTypeLi
RegisterTypeLi
SafeArrayCreate
SafeArrayGetElement
SafeArrayDestroy
SafeArrayPutElement
VariantCopy
VariantChangeType
VariantInit
LoadRegTypeLi
SysAllocStringLen
SysStringLen
SysReAllocStringLen
VariantClear
SysAllocString
SysFreeString
SafeArrayCopy

msi

ord31
ord159
ord8
ord160
ord117
ord93
ord112
ord49
ord103
ord124
ord17
ord120
ord73
ord79
ord116
ord75
ord95
ord91
ord87
ord189
ord18
ord46
ord33
ord136
ord144
ord141
ord168
ord7
ord67
ord146

rpcrt4

RpcServerListen
NdrPointerBufferSize
NdrPointerMarshall
NdrPointerFree
NdrServerInitializeNew
NdrConvert
NdrConformantStringUnmarshall
RpcRaiseException
I_RpcGetBuffer
RpcMgmtStopServerListening
RpcServerUnregisterIf
RpcServerUseProtseqEpA
RpcServerRegisterIf

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 436KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4a51754e5a712b3517d8450de1d58d55

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msi

rpcrt4

comctl32

version

Sections

.text Size: 436KB - Virtual size: 432KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 36KB - Virtual size: 122KB

.rsrc Size: 76KB - Virtual size: 73KB

.2rdata Size: 20KB - Virtual size: 20KB

.text
Size: 436KB - Virtual size: 432KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 36KB - Virtual size: 122KB

.rsrc
Size: 76KB - Virtual size: 73KB

.2rdata
Size: 20KB - Virtual size: 20KB