b29284ed9a5ee49222261c2b205aa8d1dd43bbf3d6e3197c60b1e92581be9880

Sharing

Copy URL

Twitter E-mail

General

Target

b29284ed9a5ee49222261c2b205aa8d1dd43bbf3d6e3197c60b1e92581be9880
Size

304KB
MD5

366b3bd4a013aafef4f12f1316f35107
SHA1

9d446c844d0c307f52be32a952b609bb2925368a
SHA256

b29284ed9a5ee49222261c2b205aa8d1dd43bbf3d6e3197c60b1e92581be9880
SHA512

69044c674d63e40de40d71e93a32734ca6750a96a594e0074044f415eef9a82c51a165ecd7274a75c7b3f1fa6162dfa07a4c75a30134349cb1aa1556c6143623
SSDEEP

6144:kcXlK4wFuk6c9oBJbszio36UPJnbgH0eJu8o2q5aLEMdM/w:tXlK3x96Z613JtgPJo2q8AM2/w

Score

N/A

Malware Config

Signatures

Files

b29284ed9a5ee49222261c2b205aa8d1dd43bbf3d6e3197c60b1e92581be9880
.exe windows x86

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

ole32

CoCreateInstance

user32

PeekMessageA
CharPrevA
DispatchMessageA
GetWindowRect
MsgWaitForMultipleObjects
GetDesktopWindow
AppendMenuA
wsprintfA
SendMessageA
TranslateMessage
CharUpperA

shlwapi

PathRemoveFileSpecA

shell32

SHCreateDirectoryExA

advapi32

SetSecurityDescriptorDacl
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegCloseKey
CloseServiceHandle
InitializeSecurityDescriptor
RegConnectRegistryA
RegOpenKeyExA
OpenServiceA
QueryServiceStatus
OpenSCManagerA
RegSetValueExA
GetUserNameA
RegEnumKeyExA

mapi32

ord183
ord75
ord129
ord13
ord17
ord137
ord135
ord174
ord140
ord60
ord139
ord185
ord15

kernel32

LoadLibraryExA
FindClose
GetLocalTime
WaitForSingleObject
CreateEventA
GetFileSize
LeaveCriticalSection
lstrcpyA
CreateMutexA
lstrcmpA
ReleaseMutex
WaitForMultipleObjects
FreeLibrary
WideCharToMultiByte
FileTimeToSystemTime
OutputDebugStringA
SetFilePointer
WriteFile
SetLastError
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
lstrlenW
ResetEvent
lstrcpynA
GetShortPathNameA
GetACP
CreateSemaphoreA
SetThreadPriority
CreateFileA
GetSystemTime
lstrlenA
SystemTimeToFileTime
CloseHandle
ReadFile
CreateThread
GetModuleHandleA
GetTempFileNameA
FormatMessageA
FindFirstFileA
OpenFile
OpenEventA
GlobalAlloc
ReleaseSemaphore
lstrcpyW
DeleteFileW
FindNextFileA
GlobalFree
CreateFileW
lstrcmpW
VirtualAllocEx

msvcrt

_mbscmp
wcscpy
isdigit
strncpy
_snprintf
_strlwr
fread
sscanf
_CxxThrowException
wcslen
_mbsdec
strlen
strcpy
strcspn
free
_wcsicmp
fclose
sprintf
_stricmp
fgets
_itoa
_makepath
wcscspn
_strcmpi
wcsncpy
_mbsicmp
memcmp
_mbsrchr
_mbsnbicmp
_splitpath
_access
strncmp
wcscat
atoi
memcpy
fwrite
strchr
wcscmp
_strnicmp
__CxxFrameHandler
abs
__dllonexit
_mbschr
_mbsnbcpy
_mbsnbcat
_wcsnicmp
_mbsinc
malloc
memmove
strcat
_mbsnbcmp
_snwprintf
calloc
_onexit
strstr
fopen
_initterm
localtime
memset

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_DragMove
ImageList_GetIcon
ImageList_DragEnter
InitMUILanguage
FlatSB_GetScrollProp
ImageList_Replace

rasser

PortGetStatistics

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8079d9a5768f13f2bbc17daec817437

Headers

File Characteristics

Imports

shfolder

ole32

user32

shlwapi

shell32

advapi32

mapi32

kernel32

msvcrt

version

comctl32

rasser

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 273KB - Virtual size: 575KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 273KB - Virtual size: 575KB

.rsrc
Size: 4KB - Virtual size: 4KB