c73fb91e7204c93f31de873529afaee15f91a50ae2ad4de841354128513d6a37

Sharing

Copy URL Twitter E-mail

General

Target

c73fb91e7204c93f31de873529afaee15f91a50ae2ad4de841354128513d6a37
Size

672KB
MD5

fa433fee06957d1893be97a08db74fdd
SHA1

6d8d206cbd2f559f591e0ee2915665aa4ebd9e47
SHA256

c73fb91e7204c93f31de873529afaee15f91a50ae2ad4de841354128513d6a37
SHA512

d9358773e8056ee7e79b39e9320729a1c82ccb37f251baa2951bcfec5b277bdd8727bbf997a68e30ef6e825c977f6effbd9461a3a55be69c3e3a5c594ac3d9ad
SSDEEP

12288:/12n3E6wo6z5FevWIHRe4WP6HrgzwTPd:/12nU6wtz5FeeIHRe48wrgzkd

Score

N/A

Malware Config

Signatures

Files

c73fb91e7204c93f31de873529afaee15f91a50ae2ad4de841354128513d6a37
.exe windows x86

4a51754e5a712b3517d8450de1d58d55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileSize
GetFileTime
ReadFile
WriteFile
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryExA
WaitForSingleObject
CreateProcessA
LoadLibraryA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
SetEvent
OpenEventA
GetPrivateProfileStringA
GetCurrentProcess
GetVersionExA
GetShortPathNameA
GetSystemDirectoryA
WinExec
SetFileTime
SetFileAttributesA
GetPrivateProfileSectionA
MoveFileExA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
WritePrivateProfileStringA
RemoveDirectoryA
GlobalFree
GlobalUnlock
GlobalAlloc
SystemTimeToFileTime
GetModuleHandleA
GetVersion
CreateThread
lstrcpynA
Sleep
lstrcmpiA
GetCurrentThreadId
QueryPerformanceFrequency
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
GetCurrentProcessId
CreateFileW
GetLocaleInfoA
LockResource
LoadResource
FindResourceA
CreateFileA
FindFirstFileA
FindClose
GetDiskFreeSpaceA
lstrlenW
EnterCriticalSection
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
lstrcmpA
FindNextFileA
CloseHandle
GlobalLock
CreateEventA
LeaveCriticalSection
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
SetLastError
GetLastError
GetFileAttributesA
MoveFileA
CopyFileA
DeleteFileA
CreateDirectoryA
lstrcpyA
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
ExitProcess
GetStartupInfoA
InterlockedExchange
VirtualQuery
VirtualProtect
SearchPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ResetEvent
QueryPerformanceCounter
GetCurrentThread
RtlUnwind
RaiseException
TlsSetValue
ExitThread
HeapAlloc
HeapFree
GetModuleFileNameA

user32

CreateDialogIndirectParamA
SendMessageA
DestroyWindow
GetDlgItem
PeekMessageA
IsDialogMessageA
SetDlgItemTextA
MsgWaitForMultipleObjects
MessageBoxA
WaitForInputIdle
CharNextA
LoadStringA
CharUpperA
ExitWindowsEx
CharLowerBuffA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
PostThreadMessageA
GetDesktopWindow

gdi32

TranslateCharsetInfo
CreateFontIndirectA
DeleteObject
GetObjectA

advapi32

RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegConnectRegistryA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenThreadToken
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

StgCreateDocfile
StgOpenStorage
CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitialize
CoGetInterfaceAndReleaseStream
CoTaskMemFree
ProgIDFromCLSID
WriteClassStm
OleSaveToStream
OleLoadFromStream
CreateStreamOnHGlobal
GetRunningObjectTable
CreateItemMoniker
StringFromCLSID
CoRegisterClassObject
CoCreateGuid
CLSIDFromString
CreateFileMoniker
CoReleaseMarshalData
CoMarshalInterface
CoUnmarshalInterface
CoRevokeClassObject

oleaut32

SysStringByteLen
SysAllocStringByteLen
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopyInd
SetErrorInfo
CreateErrorInfo
LoadTypeLi
RegisterTypeLi
SafeArrayCreate
SafeArrayGetElement
SafeArrayDestroy
SafeArrayPutElement
VariantCopy
VariantChangeType
VariantInit
LoadRegTypeLi
SysAllocStringLen
SysStringLen
SysReAllocStringLen
VariantClear
SysAllocString
SysFreeString
SafeArrayCopy

msi

ord31
ord159
ord8
ord160
ord117
ord93
ord112
ord49
ord103
ord124
ord17
ord120
ord73
ord79
ord116
ord75
ord95
ord91
ord87
ord189
ord18
ord46
ord33
ord136
ord144
ord141
ord168
ord7
ord67
ord146

rpcrt4

RpcServerListen
NdrPointerBufferSize
NdrPointerMarshall
NdrPointerFree
NdrServerInitializeNew
NdrConvert
NdrConformantStringUnmarshall
RpcRaiseException
I_RpcGetBuffer
RpcMgmtStopServerListening
RpcServerUnregisterIf
RpcServerUseProtseqEpA
RpcServerRegisterIf

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 436KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4a51754e5a712b3517d8450de1d58d55

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msi

rpcrt4

comctl32

version

Sections

.text Size: 436KB - Virtual size: 432KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 36KB - Virtual size: 122KB

.rsrc Size: 76KB - Virtual size: 73KB

.2rdata Size: 20KB - Virtual size: 20KB

.text
Size: 436KB - Virtual size: 432KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 36KB - Virtual size: 122KB

.rsrc
Size: 76KB - Virtual size: 73KB

.2rdata
Size: 20KB - Virtual size: 20KB