8745987b892357dc6fbe1d84904ec325ce9d3f98bd22f1d965fd0148fa9487e5

Sharing

Copy URL Twitter E-mail

General

Target

8745987b892357dc6fbe1d84904ec325ce9d3f98bd22f1d965fd0148fa9487e5
Size

396KB
MD5

56aa74bd7bd801667c926b44b039b81f
SHA1

610db49e08caea5e0f2bca79a7ccf6082c0aa619
SHA256

8745987b892357dc6fbe1d84904ec325ce9d3f98bd22f1d965fd0148fa9487e5
SHA512

450bea1c44e3c8e18dacc19bd3ae6856e73c4ebe51b861dbca446a6cb2c744dc2f7d44a423b82869fe6f02f865cf6da55a69e2fc07535c67a3160b2eca0e701c
SSDEEP

6144:6VwFXClG8k3Qd4oxr62qi2tJC7AHU2hfeg7TeyiYhAWY7tu2rPHfwgb0G1HnhO:jFckgNxWLt7pfUeQdfwm1B

Score

N/A

Malware Config

Signatures

Files

8745987b892357dc6fbe1d84904ec325ce9d3f98bd22f1d965fd0148fa9487e5
.exe windows x86

ab15db4e46a5a5d9a0831b84225fdbf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetTempFileNameA
FindNextChangeNotification
LocalFileTimeToFileTime
GetDateFormatA
GetConsoleCursorInfo
FindCloseChangeNotification
GlobalFindAtomA
GetThreadContext
QueryDosDeviceW
ReadConsoleA
OutputDebugStringA
GetTempPathW
RemoveDirectoryW
EnumResourceLanguagesW
OpenSemaphoreW
WritePrivateProfileSectionW
FindResourceExW
SetThreadAffinityMask
FreeLibrary
GetOverlappedResult
GetLocaleInfoW
WriteConsoleOutputW
GetCommandLineW
GetACP
_lclose
GetProcessTimes
SetProcessWorkingSetSize
GlobalFlags
GetCPInfo
SetMailslotInfo
PeekNamedPipe
WriteConsoleOutputCharacterA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
OpenFile
CreateWaitableTimerA
CreateMutexW
SetConsoleCursorPosition
lstrcpynA
FormatMessageA
GetComputerNameW
CopyFileExW
VirtualUnlock
GetCurrentProcessId
CreateNamedPipeW
SetProcessShutdownParameters
lstrcpyA
GetCompressedFileSizeW
ReadConsoleInputW
EnumDateFormatsW
DosDateTimeToFileTime
CreateDirectoryExA
GetFileInformationByHandle
GetModuleHandleA
TlsGetValue
VirtualProtect
GetVersionExA
GetCommandLineA
EnumCalendarInfoA
GetSystemInfo
MultiByteToWideChar
GetUserDefaultLCID
WriteFile
EnumSystemCodePagesW
GetFileAttributesA
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
SetTimeZoneInformation
GetCommConfig
ReleaseSemaphore
GlobalReAlloc
SuspendThread
FindFirstFileA
RemoveDirectoryA
CreateFileW
GetCurrentDirectoryW
GlobalGetAtomNameW
SetProcessAffinityMask
CreateDirectoryW
ExitThread
RaiseException
SetConsoleTitleA
CloseHandle
lstrcmpiA
GetShortPathNameW
SizeofResource
ConnectNamedPipe
SetFileTime
GetVolumeInformationW
CreateEventA
lstrlenA
VirtualAlloc
GetConsoleMode
ExitProcess

user32

GetClipboardData
GetTitleBarInfo
CharUpperBuffA
ChangeDisplaySettingsExA
RegisterClassExA
SystemParametersInfoA
MessageBoxIndirectW
GetClipboardViewer
ToUnicode
ChangeMenuW
DragDetect
IsMenu
DefMDIChildProcA
LoadMenuIndirectA
GetSystemMetrics
CreateAcceleratorTableW
UnloadKeyboardLayout
MenuItemFromPoint
GetInputState
BringWindowToTop
GetDlgItemTextA
DefDlgProcW
GetSysColor
SetWindowRgn
CharPrevA
OpenDesktopW
FindWindowExA
SetMenuItemBitmaps
MessageBoxA
IsCharAlphaA
TrackPopupMenuEx
GetMessageA
GetWindowThreadProcessId
BroadcastSystemMessageA
CharToOemBuffA
EnableMenuItem
mouse_event
LoadCursorW
FillRect
SetSysColors
MonitorFromPoint
EmptyClipboard
MonitorFromRect
InflateRect
GetDoubleClickTime
MsgWaitForMultipleObjectsEx
GetDlgItem
GetProcessDefaultLayout
MapVirtualKeyA
MoveWindow
TabbedTextOutA
GetClassNameA
CharLowerBuffW
ShowScrollBar

gdi32

EndPage
FrameRgn
RealizePalette
GetTextExtentExPointW
SetViewportOrgEx
ExtSelectClipRgn
PtVisible
Escape
ExtTextOutA
SetPixel
BeginPath
ChoosePixelFormat
CreateCompatibleBitmap
FillPath
Polyline
Arc

comdlg32

ChooseColorA
GetSaveFileNameW

advapi32

LookupAccountSidA
AbortSystemShutdownA
CreateProcessAsUserA
GetSecurityDescriptorGroup
StartServiceCtrlDispatcherA
LookupAccountNameA
RegFlushKey
QueryServiceObjectSecurity
ImpersonateNamedPipeClient
RegSetKeySecurity
GetAce
CryptAcquireContextA
GetExplicitEntriesFromAclW
RegDeleteKeyA
DuplicateTokenEx
RegConnectRegistryW
ObjectCloseAuditAlarmW

shell32

SHLoadInProc
SHBrowseForFolderA
DragFinish
FindExecutableA

ole32

StgCreateStorageEx
CoReleaseMarshalData
WriteClassStg
CoImpersonateClient
OleConvertIStorageToOLESTREAM
CoDisconnectObject

oleaut32

VariantCopy

comctl32

ImageList_Destroy

shlwapi

PathRemoveFileSpecW
StrChrIA
PathQuoteSpacesA

Sections

.text
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab15db4e46a5a5d9a0831b84225fdbf8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 336KB - Virtual size: 334KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 48KB - Virtual size: 46KB

.text
Size: 336KB - Virtual size: 334KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 48KB - Virtual size: 46KB