f4959a5a8fa557cd6ea9c9ef21a173ce045665d32e977c19c8c0234df48a3c73

Sharing

Copy URL Twitter E-mail

General

Target

f4959a5a8fa557cd6ea9c9ef21a173ce045665d32e977c19c8c0234df48a3c73
Size

217KB
MD5

fdb2c28d989fb6bd861424fb63a6c447
SHA1

57aeada16026924406a7e400ebf29b3c8011ec24
SHA256

f4959a5a8fa557cd6ea9c9ef21a173ce045665d32e977c19c8c0234df48a3c73
SHA512

15d010c5505584bbd476d2cdddecc25fe9e8457712c3daab99920a48444e7a0b942eb31c481c8dc6ae134668e3646686bf68aa5df996f878afb64ebfe5b18bce
SSDEEP

6144:R1MsmcQYOBoOeub9IdBzNIFWgA/pjT1HuGYNXrDhzF2:XrmcxCoNub2dtzPCXR4

Score

N/A

Malware Config

Signatures

Files

f4959a5a8fa557cd6ea9c9ef21a173ce045665d32e977c19c8c0234df48a3c73
.exe windows x86

1030056c876dd5eaa51c42a75aa21f32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlen
GetLocaleInfoW
IsBadStringPtrW
GetProcAddress
SetComputerNameA
lstrcmpW
LoadResource
GetLogicalDrives
FindAtomW
CreateDirectoryA
WaitForMultipleObjects
GetVersionExA
FatalAppExitW
GetTimeFormatA
lstrcpyn
GetVolumeInformationW
ConnectNamedPipe
GetThreadPriority
OpenSemaphoreA
GetLongPathNameW
GetUserDefaultLCID
GetProcessHeap
SetCalendarInfoW
OpenMutexW
LoadLibraryA
FreeLibrary

user32

GetClassLongA
GetFocus
WinHelpW
UpdateLayeredWindow
EndDialog
CallWindowProcA
GetForegroundWindow
wsprintfW
CheckMenuRadioItem
GetSubMenu
FillRect
GetMenu
ShowCursor
SetWindowRgn
SetWindowPos
CreateMenu
GetKeyState
MonitorFromWindow
GetClassInfoW
SetMenu
GetSysColorBrush
EndMenu
RegisterWindowMessageW
CopyRect
CharUpperW
ChildWindowFromPoint
GetCapture
GetCaretPos
GetClassInfoExA
InsertMenuItemW
GetMenuItemID
RegisterWindowMessageA
wvsprintfW
CascadeWindows
FindWindowA
AdjustWindowRect
GetWindowRect
wsprintfA
GetMessageW
SetWindowTextA
DestroyIcon
GetWindowTextLengthA
UpdateWindow
GetWindowRect
BringWindowToTop
CreateDesktopA
CloseWindow
GetClassLongW
PeekMessageA
MessageBeep

gdi32

CreatePolyPolygonRgn
GetICMProfileW
CreateICA
GetGlyphIndicesW
WidenPath
DeleteDC
CreateDCA
GetTextFaceA
OffsetClipRgn
Arc
SetICMProfileW
CreateDCA

advapi32

RegDeleteValueA
RegOpenKeyW
RegOpenKeyA
RegEnumValueA
RegQueryValueW
RegRestoreKeyA
RegDeleteKeyA
RegDeleteValueW
RegRestoreKeyW
RegFlushKey
RegSaveKeyW
RegSaveKeyA

shell32

ExtractIconA

shlwapi

SHAutoComplete
UrlGetLocationA
StrRetToStrA
SHRegOpenUSKeyA
SHDeleteKeyW
SHRegSetUSValueA
PathSkipRootW
SHStrDupW

ole32

CoGetMalloc
CoDeactivateObject

setupapi

CM_Query_And_Remove_SubTree_ExA
SetupSetDirectoryIdW
SetupSetFileQueueFlags
SetupDiCreateDeviceInfoA
CM_Get_Class_Registry_PropertyW
pSetupUnicodeToMultiByte
CM_Set_DevNode_Registry_Property_ExW
CM_Connect_MachineA
pSetupGetInfSections
SetupGetLineByIndexW

urlmon

RevokeFormatEnumerator

winspool.drv

AddPortExA
AddPrinterW
GetPrinterDriverDirectoryW
GetPrinterDataA
EndPagePrinter
DeviceMode
ConnectToPrinterDlg
SetPortA

oledlg

OleUIUpdateLinksW

sqlunirl

_SendMessage@16
_GetMessage_@16
_AddFontResource_@4
_RegSetValue_@20
_CharUpperBuff_@8
_RegQueryMultipleValues_@20
_DlgDirSelectEx_@16
_GetServiceKeyName_@16
_OpenFile_@12
_GetUserObjectInformation_@20
_ShellAbout_@16
_GetProfileSection_@12
_FindWindow_@8
_ShellExecute_@24
_GetBinaryType_@8
_IsBadStringPtr_@8
_NDdeGetShareSecurity_@24
_SetEnvironmentVariable_@8
_DefFrameProc_@20
_CreateIC_@16
_ExpandEnvironmentStrings_@12
_RegisterEventSource_@8
_ChangeServiceConfig_@44

Sections

.vuryD
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rXIPQ
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SnO
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.D
Size: 3KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.I
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vxI
Size: 5KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Khn
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1030056c876dd5eaa51c42a75aa21f32

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

setupapi

urlmon

winspool.drv

oledlg

sqlunirl

Sections

.vuryD Size: 4KB - Virtual size: 4KB

.rXIPQ Size: 83KB - Virtual size: 82KB

.SnO Size: 12KB - Virtual size: 12KB

.D Size: 3KB - Virtual size: 383KB

.I Size: 4KB - Virtual size: 50KB

.vxI Size: 5KB - Virtual size: 284KB

.Khn Size: 84KB - Virtual size: 83KB

.data Size: 10KB - Virtual size: 296KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 1024B

.vuryD
Size: 4KB - Virtual size: 4KB

.rXIPQ
Size: 83KB - Virtual size: 82KB

.SnO
Size: 12KB - Virtual size: 12KB

.D
Size: 3KB - Virtual size: 383KB

.I
Size: 4KB - Virtual size: 50KB

.vxI
Size: 5KB - Virtual size: 284KB

.Khn
Size: 84KB - Virtual size: 83KB

.data
Size: 10KB - Virtual size: 296KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 1024B