968ef8ca940cc652c163544d9a8c4c87529b50321bbcd9508c866ed8e1143c9f

Sharing

Copy URL Twitter E-mail

General

Target

968ef8ca940cc652c163544d9a8c4c87529b50321bbcd9508c866ed8e1143c9f
Size

292KB
MD5

e1e0369bb77d7d3756dca15673c7cdeb
SHA1

68639f654fbae2c3024d5e1960edfe7c62b45339
SHA256

968ef8ca940cc652c163544d9a8c4c87529b50321bbcd9508c866ed8e1143c9f
SHA512

1e97309c1a73140842c31e2339ddc3a844438807eda7abcc2fae40713134d714a85b2677a169cc5e06ebd527adc866f7d07e8213b77f7d5188a2e95a52ff5769
SSDEEP

6144:kuTJsZrfm7p6tD3y/y1vFhlQYoJK4cZG+d1gvyEaN:LeZrqI1ay1v1ZD

Score

N/A

Malware Config

Signatures

Files

968ef8ca940cc652c163544d9a8c4c87529b50321bbcd9508c866ed8e1143c9f
.exe windows x86

8c686cce9a7a2c7f3b2adffa1dc9fb53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegDeleteKeyW
GetUserNameW
CryptDestroyKey
FreeSid
RegOpenKeyA
CheckTokenMembership
SetEntriesInAclW

comctl32

ImageList_DragEnter
ImageList_GetBkColor
ImageList_BeginDrag
CreateToolbarEx
ImageList_Remove

ole32

OleDuplicateData
OleUninitialize
CoReleaseMarshalData
OleDestroyMenuDescriptor
CreateOleAdviseHolder
GetClassFile
CoMarshalInterThreadInterfaceInStream
OleSaveToStream

user32

InvertRect
GetMenuStringW
DestroyCaret
PeekMessageA
GetMonitorInfoW
CreateDialogIndirectParamA
GetCaretPos
CharLowerBuffW
LoadCursorA
CreateDialogIndirectParamW
ScrollWindowEx
GetFocus
GetMenuItemInfoA
GetSysColorBrush
HideCaret
CharUpperA
GetClipboardData
InsertMenuItemA
LoadBitmapW
RedrawWindow
SendMessageW
SetDlgItemTextA
GetScrollInfo
OffsetRect
GetInputState
SetTimer
DestroyAcceleratorTable
CopyIcon
RemovePropW
SetScrollRange
MessageBoxIndirectW
PostQuitMessage
DrawTextExA
ShowOwnedPopups
ScreenToClient
LockWindowUpdate
GetQueueStatus
EnumThreadWindows
DdeUnaccessData
GetWindowDC
PeekMessageW
ExitWindowsEx
SendMessageTimeoutA
InsertMenuA
GetMessagePos

oleaut32

SysStringLen

version

GetFileVersionInfoSizeW

kernel32

LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
HeapReAlloc
GetOEMCP
GetCPInfo
LeaveCriticalSection
HeapAlloc
InterlockedIncrement
InterlockedDecrement
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
GetLastError
TlsGetValue
VirtualAlloc
GetCommandLineA
GlobalGetAtomNameA
QueueUserWorkItem
LCMapStringW
Sleep
GlobalDeleteAtom
InitializeCriticalSection
GetSystemTimeAsFileTime
SetFilePointerEx
MultiByteToWideChar
SetWaitableTimer
LoadResource
GlobalAddAtomW
GetCurrentThread
WriteFile
CompareStringW
GetProfileStringW
GetStringTypeExW
HeapSize
WaitForSingleObject
GetOverlappedResult
SetEnvironmentVariableA
EnterCriticalSection
GetCurrentDirectoryW
IsBadCodePtr
GetTempFileNameW
GetCurrentDirectoryA
SetErrorMode
lstrcmpA
DosDateTimeToFileTime
GlobalHandle
WriteProfileStringA
SearchPathA
IsBadReadPtr
MoveFileExA
ReleaseMutex
ResetEvent
GetStdHandle
SystemTimeToTzSpecificLocalTime
LocalLock
lstrcpynA
FileTimeToSystemTime
GlobalFindAtomW
LocalFileTimeToFileTime
VerSetConditionMask
SetCurrentDirectoryW
FindNextChangeNotification
MoveFileW
GetTickCount
LocalFree
GetVolumeInformationA
GetConsoleOutputCP
GetSystemDefaultLangID
GetSystemDirectoryW
IsDBCSLeadByte
LoadLibraryExA
SizeofResource
GetVolumeInformationW
GetTimeZoneInformation
GetProcessHeap
EnumResourceLanguagesA
GetSystemInfo
CreateSemaphoreW
RemoveDirectoryA
GetStartupInfoW
GetPrivateProfileStringW
FindCloseChangeNotification
IsDebuggerPresent
GetConsoleMode
GlobalGetAtomNameW
GetACP
FlushInstructionCache
CreateDirectoryW
OutputDebugStringA
CreateProcessA
GlobalUnlock
ExitThread
CreateProcessW
GetLogicalDriveStringsA
GlobalMemoryStatus
ReadFile
ExpandEnvironmentStringsW
LoadLibraryExW
GetTimeFormatW
SuspendThread
IsValidCodePage
GetProcessAffinityMask
OpenProcess
FindFirstFileA
lstrcmpiA
MapViewOfFile
Process32FirstW
IsValidLocale
GetProfileStringA
SetNamedPipeHandleState
HeapFree
SetEnvironmentVariableW
GetNumberFormatW
SetEvent
IsDBCSLeadByteEx
GetEnvironmentStrings
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetProcAddress
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError

gdi32

GetTextAlign
CreateHalftonePalette
EnumFontFamiliesA
SetDIBColorTable
CreatePen
BitBlt
GetNearestColor
CreateDIBitmap
EnumFontFamiliesExA
CreateFontIndirectA
GetDeviceCaps
ExcludeClipRect
ScaleWindowExtEx
CreateRectRgn
Rectangle
DeleteMetaFile
CreateFontW
CreatePolygonRgn
GetDIBits
SetPixel

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconA

comdlg32

GetSaveFileNameA
ChooseColorA
GetFileTitleW

shlwapi

PathCanonicalizeW
UrlCreateFromPathW
SHDeleteKeyA

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c686cce9a7a2c7f3b2adffa1dc9fb53

Headers

File Characteristics

Imports

advapi32

comctl32

ole32

user32

oleaut32

version

kernel32

gdi32

shell32

comdlg32

shlwapi

Sections

.text Size: 216KB - Virtual size: 213KB

.data Size: 64KB - Virtual size: 60KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 216KB - Virtual size: 213KB

.data
Size: 64KB - Virtual size: 60KB

.rsrc
Size: 8KB - Virtual size: 4KB