f2bb77d7861e726ae46a8818ffaa9efed249f615ac81460c540283beae8e896d

Sharing

Copy URL

Twitter E-mail

General

Target

f2bb77d7861e726ae46a8818ffaa9efed249f615ac81460c540283beae8e896d
Size

5.1MB
MD5

61dba9923645628216307ab2a7e170aa
SHA1

aae02275623f78d39fb5797e8d3d4e321b773585
SHA256

f2bb77d7861e726ae46a8818ffaa9efed249f615ac81460c540283beae8e896d
SHA512

f51d8189e41db08ffa42f4fce9740d3a78cd98f97dc72fa02c25de1351069531d32a97408faca88488be81a137610955ee2f9f1fa211c94d81c09b394326c65a
SSDEEP

98304:iY+OU+wjgJf6PD3Nmn7AJEgLYXMKUCCCNYzQEr0WO0Yk84sWio:42JiPD3Nm7AJEgLYX8CNYzQEr0WO0YkL

Score

N/A

Malware Config

Signatures

Files

f2bb77d7861e726ae46a8818ffaa9efed249f615ac81460c540283beae8e896d
.exe windows x86

7144f69d627b239ff5e5c03de3df5f06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetFileSize
ReadFile
SetFilePointer
DuplicateHandle
GetModuleHandleA
MultiByteToWideChar
TerminateThread
Sleep
OpenProcess
IsBadReadPtr
SetLastError
GetVersionExA
FreeLibrary
WaitForSingleObject
ResumeThread
SetThreadContext
GetThreadContext
CreateEventA
SuspendThread
CopyFileA
GetSystemTime
FindNextFileA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GetSystemDefaultLangID
lstrcpyW
lstrlenW
CreateProcessA
CreateDirectoryA
RemoveDirectoryA
MoveFileA
ExpandEnvironmentStringsA
GetWindowsDirectoryW
InitializeCriticalSection
GetLastError
SetEnvironmentVariableA
CompareStringW
CompareStringA
lstrcatA
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
InterlockedIncrement
InterlockedDecrement
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
HeapSize
HeapReAlloc
UnhandledExceptionFilter
HeapAlloc
TlsAlloc
GetCurrentThreadId
RaiseException
ExitProcess
GetVersion
UnmapViewOfFile
LoadLibraryA
GetProcAddress
CreateFileA
WriteFile
GetCurrentDirectoryA
FindFirstFileA
FindClose
LocalFree
GetCurrentProcessId
GetSystemDirectoryA
SetFileAttributesA
GetModuleFileNameA
VirtualProtect
VirtualAlloc
WinExec
CreateToolhelp32Snapshot
Process32First
Process32Next
Module32First
Module32Next
CloseHandle
GetCurrentProcess
TerminateProcess
DeleteFileA
GetCommandLineA
GetStartupInfoA
HeapFree
RtlUnwind
GetLocalTime
GetTimeZoneInformation
ExitThread
TlsGetValue
TlsSetValue
CreateThread
VirtualFree
lstrcpyA
CreateFileMappingA
MapViewOfFile

user32

MessageBoxA
GetWindowThreadProcessId
SystemParametersInfoA
IsDlgButtonChecked
GetWindow
GetClassNameA
IsWindow
GetTopWindow
IsWindowVisible
FindWindowA
GetWindowTextA
wsprintfA
CheckDlgButton
EnableWindow
SetDlgItemTextA
GetDlgItemTextA
GetClassNameW
EndDialog
GetKeyboardLayoutNameA
GetKeyboardLayoutList
UnloadKeyboardLayout
ReleaseCapture
ClientToScreen
SetCursor
SetCapture
LoadBitmapA
LoadCursorA
WindowFromPoint
GetParent
PtInRect
GetWindowDC
GetWindowRect
OffsetRect
IsRectEmpty
ReleaseDC
DialogBoxParamA
GetClassInfoExA
RegisterClassExA
WaitForInputIdle
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
GetDlgItem
LoadIconA
SendMessageA

gdi32

CreateFontA
PatBlt

advapi32

RegEnumValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
SetEntriesInAclA
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteExA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA

ole32

CoCreateGuid

ws2_32

connect
closesocket
recv
socket
htons
inet_addr
WSAStartup
inet_ntoa
gethostbyname
send
select
__WSAFDIsSet

imm32

ImmGetDescriptionA
ImmIsIME

shlwapi

StrCatW
PathFindFileNameA
PathRemoveFileSpecA
PathFileExistsA
PathFindExtensionA
PathRenameExtensionA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 996KB - Virtual size: 994KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7144f69d627b239ff5e5c03de3df5f06

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

imm32

shlwapi

version

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 3.8MB - Virtual size: 3.8MB

.data Size: 16KB - Virtual size: 63KB

.text0 Size: 68KB - Virtual size: 64KB

.text1 Size: 996KB - Virtual size: 994KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 3.8MB - Virtual size: 3.8MB

.data
Size: 16KB - Virtual size: 63KB

.text0
Size: 68KB - Virtual size: 64KB

.text1
Size: 996KB - Virtual size: 994KB

.rsrc
Size: 68KB - Virtual size: 64KB