972ed54f1da6db7bb55791aec510aed0855c541c4c0aece56e0f8d9ae6424dd1

Sharing

Copy URL Twitter E-mail

General

Target

972ed54f1da6db7bb55791aec510aed0855c541c4c0aece56e0f8d9ae6424dd1
Size

344KB
MD5

b493ddee91c6562f6c945e663ed88423
SHA1

64015d9b6e8de15ceb99386ad3650e4f547ce366
SHA256

972ed54f1da6db7bb55791aec510aed0855c541c4c0aece56e0f8d9ae6424dd1
SHA512

71ca870356a6bb8a7919ca3864ac55a9c9ab2e18ddb8a8264430e49083d261410f711747c5abc559600bbeb974b7bba19ca512ada108836eac4ddaa1dbe63924
SSDEEP

6144:iyo/iWyDkXRq0SLgshW5TYZ6P38a39MBKXmOpRsNfllDwKpBGbTN:mizkhqPLFWCI8Bkz6vD1pE

Score

N/A

Malware Config

Signatures

Files

972ed54f1da6db7bb55791aec510aed0855c541c4c0aece56e0f8d9ae6424dd1
.exe windows x86

2d6333f979e26f121b4525d26563d589

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
OutputDebugStringA
GetFileAttributesA
GetBinaryTypeA
FormatMessageW
Beep
lstrcmpA
GetOEMCP
GetSystemDirectoryW
SetNamedPipeHandleState
CreateWaitableTimerA
lstrcpyA
WritePrivateProfileStringA
TlsGetValue
FreeLibraryAndExitThread
GetNumberFormatW
WriteConsoleOutputW
MoveFileW
CreateMutexA
SetCommTimeouts
CopyFileExW
SetErrorMode
ReadDirectoryChangesW
GetStringTypeExW
SetLastError
GetDiskFreeSpaceW
FindFirstFileW
_llseek
GetUserDefaultLCID
LocalLock
CreateNamedPipeW
CreateIoCompletionPort
MoveFileExA
RemoveDirectoryA
GetDiskFreeSpaceExA
SetHandleCount
ExitThread
GetEnvironmentStringsW
UnmapViewOfFile
GetPrivateProfileStringW
GetDriveTypeA
SetFileTime
_lclose
VirtualProtect
GetVersionExA
WriteFile
VirtualQueryEx
SuspendThread
GetSystemTime
SetConsoleMode
EndUpdateResourceA
SetThreadAffinityMask
GetTapeStatus
GetCommandLineW
GetLargestConsoleWindowSize
CreateEventA
GetFullPathNameA
RaiseException
SetCurrentDirectoryA
ReadConsoleA
SetTimeZoneInformation
EraseTape
GetConsoleMode
lstrcmpiA
QueryDosDeviceA
LocalReAlloc
PrepareTape
CreateMutexW
GetDriveTypeW
GlobalFree
WriteConsoleOutputCharacterA
SetEndOfFile
GetFileAttributesExA
CreateDirectoryW
InitializeCriticalSection
GetTapeParameters
VirtualFree
GetVersion
GetModuleFileNameW
GetCurrentProcessId
GetLongPathNameA
GetModuleHandleA
_lopen
PurgeComm
FindFirstFileA
SetConsoleTitleA
SetConsoleCursorPosition
GetWindowsDirectoryA
LocalAlloc
FatalAppExitA
GetCompressedFileSizeW
GlobalFindAtomW
EnumResourceNamesW
LeaveCriticalSection
GetCommandLineA
lstrlenA
SetConsoleActiveScreenBuffer
ExitProcess

user32

IsDlgButtonChecked
GetWindowLongA
GetSystemMenu
GetUserObjectInformationW
GetMenuItemID
CharUpperBuffA
GetProcessWindowStation
GetClassLongW
ToUnicodeEx
CloseClipboard
DeferWindowPos
SetScrollInfo
CharToOemBuffA
SetTimer
PostThreadMessageW
SetProcessDefaultLayout
GetSystemMetrics

gdi32

GetLayout
GetEnhMetaFileDescriptionA
SetMetaFileBitsEx
GetTextFaceA
GetGlyphOutlineW
SetMapperFlags
CreateFontIndirectA
CreatePolygonRgn
DeleteEnhMetaFile
DeleteDC
IntersectClipRect
PolyDraw
CreateFontA
ExtSelectClipRgn
ModifyWorldTransform
CreatePen

comdlg32

ChooseColorW
PageSetupDlgW

advapi32

GetServiceDisplayNameA
DestroyPrivateObjectSecurity
IsTextUnicode
GetSidLengthRequired
OpenEventLogW
CopySid
SetEntriesInAclW
RegQueryValueA
CloseServiceHandle
ControlService
AccessCheckAndAuditAlarmW
RegisterEventSourceW
CryptDecrypt
RegNotifyChangeKeyValue
SetSecurityDescriptorGroup
IsValidAcl
QueryServiceConfigW
RegLoadKeyW
GetFileSecurityW
RegSetKeySecurity
RegUnLoadKeyW
CreatePrivateObjectSecurity
ImpersonateNamedPipeClient
CryptDeriveKey
LookupPrivilegeDisplayNameA
AbortSystemShutdownA
SetTokenInformation
RegUnLoadKeyA
CryptAcquireContextW
GetCurrentHwProfileW
RegRestoreKeyW

shell32

SHAddToRecentDocs
DragFinish
SHFileOperationW
SHGetPathFromIDListA
FindExecutableW

ole32

OleQueryLinkFromData
GetClassFile

oleaut32

SetErrorInfo
SafeArrayGetElement
VariantChangeType
LoadTypeLibEx
SysAllocStringLen
SafeArrayCreate
LoadTypeLi

comctl32

ImageList_DragLeave
ImageList_BeginDrag
ImageList_GetImageCount

shlwapi

PathCompactPathW
SHRegWriteUSValueW
PathRelativePathToA
SHSetThreadRef
PathIsRootW
PathCommonPrefixW
PathAddExtensionW
PathIsSameRootW
SHRegGetBoolUSValueA
SHOpenRegStream2W
PathAddBackslashW
SHEnumValueW
PathFileExistsA
StrRChrW
SHCreateStreamOnFileW
PathFileExistsW
PathParseIconLocationW
PathStripPathW

setupapi

SetupCloseFileQueue
SetupIterateCabinetW
SetupDiClassGuidsFromNameExA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupGetLineTextA
SetupDiGetClassDevsExA
SetupDiBuildClassInfoList
SetupLogErrorA
SetupDiSetDeviceInstallParamsW
SetupCloseInfFile

Sections

kekee
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ysiqqog
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qugoso
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sewqe
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d6333f979e26f121b4525d26563d589

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

kekee Size: 284KB - Virtual size: 282KB

ysiqqog Size: 8KB - Virtual size: 5KB

qugoso Size: 36KB - Virtual size: 35KB

sewqe Size: 12KB - Virtual size: 10KB

kekee
Size: 284KB - Virtual size: 282KB

ysiqqog
Size: 8KB - Virtual size: 5KB

qugoso
Size: 36KB - Virtual size: 35KB

sewqe
Size: 12KB - Virtual size: 10KB