f212a29f2e6ecb96f783087aef5e77cfb81db5076402672ad2edfbdb44c08543

Sharing

Copy URL Twitter E-mail

General

Target

f212a29f2e6ecb96f783087aef5e77cfb81db5076402672ad2edfbdb44c08543
Size

406KB
MD5

b3d9da10c5cf5c551e2a9168dbba6456
SHA1

af016a2ecd131b49065452cae7f0ef2509b95de0
SHA256

f212a29f2e6ecb96f783087aef5e77cfb81db5076402672ad2edfbdb44c08543
SHA512

0049ff5dee4573ce01d449c6dc2b66d72ec88d9acef2d58bf23016fd0300269714d0887de9aa5afae8acafcb8c5df537d5fc3f5f449e1a9caf12d96f31d5eac2
SSDEEP

12288:6ge0qk7X6ijT5Ii9vZ11/st/3sjHEWEaifp/p:b3X6iXF/IO9EaM

Score

N/A

Malware Config

Signatures

Files

f212a29f2e6ecb96f783087aef5e77cfb81db5076402672ad2edfbdb44c08543
.exe windows x86

841ca820071290c28ad1ca119b70625d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
ScreenToClient
GetDC
GetDlgItem
wvsprintfA
DialogBoxParamA
KillTimer
GetWindowLongA
CharUpperA
GetClientRect
CharLowerA
SetTimer
InvalidateRect
EndPaint
CreateDialogParamA
SetFocus
GetSystemMetrics
RegisterClassA
LoadStringA
BeginPaint
GetCursorPos
GetWindowTextLengthA
MoveWindow
GetWindowTextA
GetParent
IsIconic
GetClassNameA
PtInRect
wsprintfA
GetMenuItemID
SetRect
MessageBoxA
EnableWindow
ReleaseDC
LoadBitmapA
UnhookWindowsHookEx
SetWindowPos
LoadCursorA
SetDlgItemInt
PostMessageA
SetWindowLongA
IsWindow
SendMessageA
GetWindowRect
CallWindowProcA
OffsetRect
ClipCursor
DestroyWindow
GetSysColor
GetDlgItemInt
SetCursor
DeleteMenu
InsertMenuA
SetWindowTextA
SendDlgItemMessageA
ReleaseCapture
CallNextHookEx
SetWindowsHookExA
FillRect
EndDialog
CharNextA
WinHelpA
SetCapture
CharPrevA
ClientToScreen
SystemParametersInfoA
ShowWindow
GetDesktopWindow
DefWindowProcA
GetWindowPlacement
CreateWindowExA

advpack

RegInstall
DelNode

kernel32

GetVersion
GetCPInfo
WriteFile
IsBadReadPtr
_lclose
ReleaseSemaphore
FreeEnvironmentStringsW
GetFileAttributesA
CreateDirectoryA
InterlockedIncrement
VirtualFree
GetStartupInfoA
RtlUnwind
WaitForSingleObject
HeapReAlloc
GlobalFree
WritePrivateProfileStringA
GetTempPathA
GlobalMemoryStatus
IsBadCodePtr
GetLocaleInfoA
CreateSemaphoreA
GetCurrentProcessId
SetLastError
GetTickCount
GetVersionExA
CompareStringA
GetVolumeInformationA
FlushFileBuffers
IsDBCSLeadByte
GetWindowsDirectoryA
CompareStringW
FindNextFileA
GetTimeZoneInformation
SetEndOfFile
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetUserDefaultLCID
HeapFree
GetEnvironmentStrings
LocalReAlloc
DebugBreak
GetFileSize
DisableThreadLibraryCalls
lstrcpyA
GetStdHandle
GetProcAddress
GetStringTypeA
FindClose
EnterCriticalSection
HeapCreate
GlobalHandle
FreeLibrary
GetModuleHandleA
LocalFree
SetFilePointer
CloseHandle
LeaveCriticalSection
FatalAppExitA
WideCharToMultiByte
lstrcpynA
GlobalLock
LocalAlloc
HeapSize
GetLastError
CreateFileA
CreateFileMappingA
lstrlenW
lstrcmpiA
GetSystemDirectoryA
GetOEMCP
SetHandleCount
SearchPathA
GetSystemTime
TlsFree
GetSystemDefaultLangID
GetLocalTime
InterlockedDecrement
LCMapStringW
HeapDestroy
GlobalAlloc
TerminateProcess
_lwrite
GetSystemTimeAsFileTime
GetFullPathNameA
LoadLibraryA
GetFileType
GetLocaleInfoW
_lopen
FreeEnvironmentStringsA
SetCurrentDirectoryA
FindFirstFileA
GetModuleFileNameA
FormatMessageA
ExitProcess
MapViewOfFile
OpenFile
lstrlenA
MultiByteToWideChar
SetEnvironmentVariableA
_lread
CreateThread
GetCurrentThreadId
IsBadWritePtr
LCMapStringA
TlsGetValue
ExitThread
lstrcatA
GetTempFileNameA
TlsSetValue
DeleteFileA
HeapAlloc
SetStdHandle
ReadFile
_llseek
RaiseException
TlsAlloc
GetCurrentProcess
GetPrivateProfileStringA
InitializeCriticalSection
GetCurrentDirectoryA
GetCommandLineA
VirtualAlloc
DeleteCriticalSection
MulDiv
GetACP
Sleep
GetStringTypeW

gdi32

StretchDIBits
SelectPalette
SetBkMode
CreateRectRgnIndirect
SetTextColor
CreatePalette
GetDIBits
CreateSolidBrush
CreateCompatibleDC
CreateBitmap
GetPaletteEntries
SelectObject
SelectClipRgn
CreateDIBSection
SetViewportExtEx
SetBkColor
DeleteMetaFile
SetViewportOrgEx
DeleteDC
BitBlt
CreateHalftonePalette
GetDeviceCaps
GetTextExtentPointA
RealizePalette
SetMetaFileBitsEx
PatBlt
CreateDCA
CreateCompatibleBitmap
CreatePatternBrush
PlayMetaFile
CreateICA
GetObjectA
SetMapMode
CreateFontA
GetTextMetricsA
CreateFontIndirectA
ExtTextOutA
SaveDC
RestoreDC
CreatePen
DeleteObject

version

GetFileVersionInfoA
VerQueryValueA

advapi32

RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

841ca820071290c28ad1ca119b70625d

Headers

DLL Characteristics

File Characteristics

Imports

user32

advpack

kernel32

gdi32

version

advapi32

shell32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 34KB - Virtual size: 2.4MB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 49KB - Virtual size: 49KB

.rsrc Size: 313KB - Virtual size: 312KB

.idata Size: 6KB - Virtual size: 6KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 34KB - Virtual size: 2.4MB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 313KB - Virtual size: 312KB

.idata
Size: 6KB - Virtual size: 6KB