ac5c3e129c721e1fd9b7f6d4e372d8c75ba1196805f115f7ea62c27d941e7dd6

Sharing

Copy URL Twitter E-mail

General

Target

ac5c3e129c721e1fd9b7f6d4e372d8c75ba1196805f115f7ea62c27d941e7dd6
Size

716KB
MD5

c4e2be98d2babb5fb15b48d2e9433903
SHA1

d31efcc227c35126857e7242a7a5dd0d99b1bf5c
SHA256

ac5c3e129c721e1fd9b7f6d4e372d8c75ba1196805f115f7ea62c27d941e7dd6
SHA512

b6db9467dca17306b9792bac8194fbd3642224fd4d3fca4e927bbf05f93042ed2a66cd73e140367e4ffd3e8a67f8e3c9ec47858a315029a671e655ba4160b97f
SSDEEP

12288:07vUqQRcWmObDtilmWUlSF60w6mMERiYx9gcxFeaZ4lefkQ8XO33B:07vURRDbkg8FCKsi4gPW4lYkQ0g

Score

N/A

Malware Config

Signatures

Files

ac5c3e129c721e1fd9b7f6d4e372d8c75ba1196805f115f7ea62c27d941e7dd6
.exe windows x86

b2d6eab17ded57bc1b62d235ca845876

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallNextHookEx
GetWindowPlacement
CopyIcon
LoadBitmapA
IsWindow
SetScrollPos
TranslateAcceleratorA
MessageBeep
GetMenuItemCount
LoadCursorA
RegisterClassExA
CharNextA
DefWindowProcA
HideCaret
IntersectRect
DestroyWindow
MessageBoxA
GetCapture
SetRectEmpty
ShowWindow
DrawTextA
CallWindowProcA
OffsetRect
LoadStringA
RegisterClassA
CreateWindowExA

winspool.drv

EndDocPrinter
EndPagePrinter
OpenPrinterA
StartPagePrinter
WritePrinter

comctl32

ImageList_Add
_TrackMouseEvent
ImageList_GetImageInfo
InitCommonControlsEx

gdi32

SetStretchBltMode
SetViewportExtEx
Polyline
MoveToEx
CreateFontA
SetTextCharacterExtra
GetWindowExtEx
CreateSolidBrush
CreateBitmap
PtInRegion
SetAbortProc
GetRegionData
PolyBezierTo
CreateHalftonePalette
CreateEllipticRgnIndirect
MaskBlt
CopyMetaFileA
GetTextColor
GetDeviceCaps
PaintRgn
GetStockObject
IntersectClipRect
StrokeAndFillPath
DeleteMetaFile
GetPaletteEntries
FloodFill
DPtoLP
GetClipBox
GetPixel
GetObjectA
SetBkColor
StretchBlt
SetRectRgn
SetViewportOrgEx
ExtFloodFill
PathToRegion
SetPixelV
LineTo
CreateDCA
SelectClipPath
Arc
SetBkMode
CreateRoundRectRgn
GetROP2
CreateRectRgn
ResetDCA
CreatePalette

winmm

sndPlaySoundA

advapi32

GetUserNameA
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
OpenProcessToken
RegOpenKeyExA
RegCloseKey
GetSidSubAuthority
AllocateAndInitializeSid
RegOpenKeyA
RegQueryInfoKeyA
RegSetKeySecurity
GetSidSubAuthorityCount
GetTokenInformation
RegCreateKeyA
RegSetValueExA
GetSidIdentifierAuthority
RegEnumValueA
SetSecurityDescriptorDacl
RegGetKeySecurity
RegDeleteKeyA
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
RegEnumKeyA
FreeSid

kernel32

WaitForSingleObject
SetHandleCount
HeapSize
LCMapStringA
LoadLibraryA
GetStartupInfoA
ExitThread
GetFileAttributesA
GetCurrentProcess
GetLocaleInfoA
Sleep
HeapReAlloc
GetFileType
lstrcatA
GlobalGetAtomNameA
GetVersion
InterlockedDecrement
GetACP
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateMutexA
SuspendThread
GetProcAddress
SetEndOfFile
IsValidLocale
ResumeThread
HeapDestroy
SetLastError
RtlUnwind
SetFilePointer
ExpandEnvironmentStringsA
WritePrivateProfileStringA
VirtualQuery
GetUserDefaultLCID
GetModuleHandleA
InitializeCriticalSection
WideCharToMultiByte
TlsGetValue
FileTimeToLocalFileTime
DeleteFileA
WriteFile
IsDebuggerPresent
GetProfileIntA
GetEnvironmentStringsW
GetCPInfo
CloseHandle
FlushFileBuffers
GetTickCount
ConvertDefaultLocale
GetEnvironmentStrings
HeapFree
GetStringTypeA
GetStringTypeW
SetStdHandle
EnterCriticalSection
FindNextFileA
GlobalHandle
GetTimeFormatA
CopyFileA
lstrcpynA
GetFileTime
LockResource
GetCurrentThreadId
HeapAlloc
ReadFile
SetEnvironmentVariableA
GetSystemInfo
WriteConsoleA
GlobalSize
LocalFree
MultiByteToWideChar
GlobalFree
TlsAlloc
MulDiv
CompareStringA
TlsFree
FindResourceA
GetLogicalDriveStringsA
RaiseException
GetCommandLineA
GetSystemTimeAsFileTime
IsBadWritePtr
SetCurrentDirectoryA
GetModuleFileNameA
HeapCreate
CompareStringW
IsBadCodePtr
FreeEnvironmentStringsA
LeaveCriticalSection
QueryPerformanceCounter
GlobalAlloc
GetVolumeInformationA
GetCurrentProcessId
GetCurrentDirectoryA
FindClose
GetVersionExA
GetStdHandle
GlobalReAlloc
GetTimeZoneInformation
TerminateProcess
VirtualProtect
GetLastError
lstrcmpA
LCMapStringW
lstrlenW
FreeEnvironmentStringsW
VirtualAlloc
GetDateFormatA
CreateFileA
GetDriveTypeA
ExitProcess
TlsSetValue
DeleteCriticalSection
DuplicateHandle
VirtualFree
GetOEMCP
GetTempPathA
FindFirstFileA
InterlockedIncrement
InterlockedExchange
LocalAlloc

ole32

OleRun
CoRevokeClassObject
GetRunningObjectTable
RegisterDragDrop
CreateBindCtx
StringFromCLSID
CreateDataAdviseHolder

shell32

ShellExecuteA
Shell_NotifyIconA
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragQueryFileA
SHGetFileInfoA

comdlg32

GetOpenFileNameA
GetOpenFileNameW

wininet

FtpOpenFileA
InternetCloseHandle
InternetReadFile
InternetSetFilePointer
HttpQueryInfoA
InternetConnectA
InternetSetStatusCallback
FtpSetCurrentDirectoryA

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 473KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2d6eab17ded57bc1b62d235ca845876

Headers

File Characteristics

Imports

user32

winspool.drv

comctl32

gdi32

winmm

advapi32

kernel32

ole32

shell32

comdlg32

wininet

Sections

.text Size: 84KB - Virtual size: 84KB

.rdata Size: 473KB - Virtual size: 473KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 84KB - Virtual size: 84KB

.rdata
Size: 473KB - Virtual size: 473KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 53KB - Virtual size: 52KB