a864672c37bff09c5c8fd21250dd0089c5d5086b1d6e74f60080faf667d786db

Sharing

Copy URL Twitter E-mail

General

Target

a864672c37bff09c5c8fd21250dd0089c5d5086b1d6e74f60080faf667d786db
Size

256KB
MD5

a50bfba753148744e4f2c111ca75ba4a
SHA1

d7dc98cb386f7f459cbd2b662f8e046389b6e9c4
SHA256

a864672c37bff09c5c8fd21250dd0089c5d5086b1d6e74f60080faf667d786db
SHA512

005a3334cce83ae5dc2ec9ad8a4c8bd3151cf1ac9b76b95d0d403d6e031ff78d83d50d25269a23024edc121e9bcd2f8d4ea03239fe8ed08daf5cd96d67c75441
SSDEEP

6144:XMyJTYlndEJS4s32BvfgKwIPB3IgNu3hoJV7yG4/l0GLUtsoS3:Nhwd8qKwIBI2zQ6eUg

Score

N/A

Malware Config

Signatures

Files

a864672c37bff09c5c8fd21250dd0089c5d5086b1d6e74f60080faf667d786db
.exe windows x86

024b1e6cb5ddf493ad5f8357631bc121

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeA
VirtualAlloc
GetCommandLineA
GlobalReAlloc
SuspendThread
GetWindowsDirectoryA
GetComputerNameW
SizeofResource
GetSystemTimeAsFileTime
ReadConsoleInputW
FindFirstFileW
GetProcessHeap
CreateMutexA
lstrcmpiW
SetTimeZoneInformation
OutputDebugStringW
GetStartupInfoA
GetVersionExA
WriteFile
SetCommTimeouts
VirtualUnlock
GetPrivateProfileStringA
EraseTape
EnumCalendarInfoW
SetFileAttributesA
ExitProcess
GetLongPathNameA
CreateMutexW
DuplicateHandle
VirtualProtect
WritePrivateProfileStringW
ReadConsoleOutputA
ReadConsoleA

user32

UnhookWinEvent
SubtractRect
wsprintfW
GetTitleBarInfo
GetUserObjectInformationA
SetCursor
FindWindowExA
GrayStringA
CloseWindowStation
CharNextExA
UnhookWindowsHook
LoadBitmapW
GetDlgItemTextW
CharLowerBuffA
GetMenuStringA
GetClassNameA
ValidateRgn
GetClassLongA
GetMenuItemInfoA
SendDlgItemMessageW
BroadcastSystemMessageA
ReleaseDC
SendInput
GetWindowThreadProcessId
MonitorFromPoint
IsWindow
CreateAcceleratorTableW
SystemParametersInfoW
SetDlgItemTextW
RemoveMenu
CopyAcceleratorTableA
CloseWindow
keybd_event
IsWindowEnabled
SwapMouseButton
RegisterDeviceNotificationA
DrawCaption
TranslateAcceleratorW
ExcludeUpdateRgn
SetProcessDefaultLayout
LoadCursorA
DefDlgProcW
EndMenu
TabbedTextOutW
PostMessageW
WaitForInputIdle
CallWindowProcW
CopyAcceleratorTableW
GetSysColor
ScrollWindowEx
GetSystemMenu
ShowWindow
OemKeyScan
RegisterHotKey
GetDC
SetActiveWindow
SetRectEmpty
HiliteMenuItem
DefFrameProcW
IntersectRect
SetClipboardViewer
IsCharLowerW
CreateWindowExW
ChildWindowFromPointEx
GetMenuItemInfoW

gdi32

EqualRgn
SetWindowExtEx
RemoveFontResourceW
SetBkColor
SetMapMode
CreateDIBPatternBrush
CreateBrushIndirect
IntersectClipRect
SetDIBColorTable
PlayEnhMetaFile
SetStretchBltMode
GetTextFaceW
CopyMetaFileA
GetSystemPaletteUse
ChoosePixelFormat
EndPage

advapi32

AllocateLocallyUniqueId
StartServiceA
AbortSystemShutdownA
QueryServiceLockStatusW
RegRestoreKeyW
StartServiceW
RegisterServiceCtrlHandlerW
RegCreateKeyExA
RegGetKeySecurity
GetServiceKeyNameW
GetNamedSecurityInfoA
GetUserNameA
RegOpenKeyA
CryptVerifySignatureA
AdjustTokenPrivileges
GetFileSecurityW
QueryServiceObjectSecurity
LookupAccountNameA
OpenSCManagerW
InitializeAcl
ObjectCloseAuditAlarmW
CreateProcessAsUserA
RegSetValueExW
RegNotifyChangeKeyValue
OpenServiceW
GetServiceDisplayNameW
AccessCheckAndAuditAlarmA
DeregisterEventSource
RegSetValueA
EnumServicesStatusW
RegSaveKeyW
GetSecurityDescriptorDacl
CryptReleaseContext
GetSidSubAuthority
GetSecurityDescriptorControl

shell32

ExtractIconExW
SHGetPathFromIDListA
FindExecutableW

ole32

CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoCreateInstanceEx
CoTreatAsClass
PropVariantCopy
OleCreateFromData
OleGetIconOfClass
CoRegisterMallocSpy
CoLockObjectExternal
StgOpenStorage

oleaut32

LoadTypeLi
SafeArrayPutElement
SysFreeString
SysAllocStringLen
QueryPathOfRegTypeLi
SafeArrayGetElement
VariantChangeType

shlwapi

PathIsDirectoryW
StrChrIW
PathIsRelativeA
StrChrA
StrTrimW

Sections

isyeq
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

qewwc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

wwqwgy
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wooaoo
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

024b1e6cb5ddf493ad5f8357631bc121

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

isyeq Size: 8KB - Virtual size: 6KB

qewwc Size: 8KB - Virtual size: 4KB

wwqwgy Size: 232KB - Virtual size: 228KB

wooaoo Size: 4KB - Virtual size: 2KB

isyeq
Size: 8KB - Virtual size: 6KB

qewwc
Size: 8KB - Virtual size: 4KB

wwqwgy
Size: 232KB - Virtual size: 228KB

wooaoo
Size: 4KB - Virtual size: 2KB