944bcee326d36898875963440679e40b787821cec310d019b30e56283ac33e80

Sharing

Copy URL Twitter E-mail

General

Target

944bcee326d36898875963440679e40b787821cec310d019b30e56283ac33e80
Size

257KB
MD5

7007744cac8595846af812d634ebc258
SHA1

89c4778f41162b03d034acd1cb8f9b94321b36f5
SHA256

944bcee326d36898875963440679e40b787821cec310d019b30e56283ac33e80
SHA512

407f9735fb5c679fd4a040cb3a685d60f9131b08f79768a9e92078f2899310bd3358f9addedbebde585113328bc766ffcbd713f083e3b68f4a67ea3ad67a7f68
SSDEEP

3072:2S5jxPLn8bywhaYiwEScQWsEetmvevzzDvOO782xOPVuatnlWb8LirHQAj1U41Gp:bt4i62sE2ZzW9fPV7TWaDAj13IzhUS

Score

N/A

Malware Config

Signatures

Files

944bcee326d36898875963440679e40b787821cec310d019b30e56283ac33e80
.exe windows x86

7ae54a572129433fede3999134b6a0d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
GetTempFileNameW
InitializeCriticalSection
WaitForSingleObject
GetCurrentProcess
CreateEventW
GetCurrentThreadId
GetCurrentProcessId
WaitForMultipleObjects
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoA
CreateDirectoryW
Sleep
GetFileAttributesW
lstrcpynA
lstrlenA
GetLastError
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
LoadLibraryW
FreeLibrary
GetTickCount
MultiByteToWideChar
GetVersionExW
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetVersionExA
GetProcessHeap
SetUnhandledExceptionFilter
HeapCreate
ExitProcess
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
RaiseException
GetStartupInfoA
GetEnvironmentStringsW
QueryPerformanceCounter
GetProcAddress

user32

MessageBoxW
PeekMessageW
SendDlgItemMessageA
LoadMenuA
AppendMenuW
MessageBoxIndirectA
ShowCursor
InsertMenuItemW
WinHelpA
GetSystemMetrics
MonitorFromPoint
EnableMenuItem
CreateDialogIndirectParamW
GetFocus
SetWindowRgn
LoadIconA
GetMenu
GetDesktopWindow
GetActiveWindow
SetMenu
GetClassInfoExW
MessageBoxA
DestroyMenu
EnumClipboardFormats
GetScrollPos

advapi32

FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegDeleteKeyA
EqualSid

shell32

ord680
ShellExecuteExW
SHGetDesktopFolder

security

SealMessage
CompleteAuthToken

gdi32

CreateFontIndirectExA
CreateScalableFontResourceW
SelectBrushLocal
AddFontResourceA
GetRasterizerCaps
GetEnhMetaFileA
CreateSolidBrush
CreateBitmapIndirect
CreatePen
AddFontResourceW
GetStockObject
CreateFontIndirectExW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UNeyY
Size: 1024B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.P
Size: 1024B - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.C
Size: 103KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EI
Size: 3KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qxlzm
Size: 120KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ae54a572129433fede3999134b6a0d1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

security

gdi32

Sections

.text Size: 12KB - Virtual size: 12KB

.UNeyY Size: 1024B - Virtual size: 48KB

.rdata Size: 3KB - Virtual size: 31KB

.P Size: 1024B - Virtual size: 137KB

.C Size: 103KB - Virtual size: 121KB

.EI Size: 3KB - Virtual size: 304KB

.data Size: 6KB - Virtual size: 131KB

.Qxlzm Size: 120KB - Virtual size: 142KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 12KB - Virtual size: 12KB

.UNeyY
Size: 1024B - Virtual size: 48KB

.rdata
Size: 3KB - Virtual size: 31KB

.P
Size: 1024B - Virtual size: 137KB

.C
Size: 103KB - Virtual size: 121KB

.EI
Size: 3KB - Virtual size: 304KB

.data
Size: 6KB - Virtual size: 131KB

.Qxlzm
Size: 120KB - Virtual size: 142KB

.rsrc
Size: 7KB - Virtual size: 7KB