8fe8ed7389eb65d2187f7d98e09879a18dc0340bc914137a020a087cd2215a08

Sharing

Copy URL Twitter E-mail

General

Target

8fe8ed7389eb65d2187f7d98e09879a18dc0340bc914137a020a087cd2215a08
Size

277KB
MD5

47e5bcc4f8be5246f0525b2ea11d9a56
SHA1

7b613b72825150c5e8d58c95cf4576d190a922a0
SHA256

8fe8ed7389eb65d2187f7d98e09879a18dc0340bc914137a020a087cd2215a08
SHA512

2e05056dfa5a9d41472f6d38608fd0c9e910786ca101e5b71c31914d59345335d3d7faddc75cb6b5586c947982b37c0af67a36bc875f6269cea74bf5f8389915
SSDEEP

6144:A3j2Q2lX1viobITH8Lw5eehFPe0CfhCYSHAOGF0AFZ90pRoIwDMqu:Az92ITQsPPEfhCRGcpRb

Score

N/A

Malware Config

Signatures

Files

8fe8ed7389eb65d2187f7d98e09879a18dc0340bc914137a020a087cd2215a08
.exe windows x86

5fe67098016acb7795596107d6e3723d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
LocalAlloc
GetVersionExW
GetModuleFileNameW
GetLastError
GetCurrentProcessId
LoadResource
FindResourceW
LocalFree
LoadLibraryW
GetModuleHandleW
InitializeCriticalSection
RaiseException
FreeLibrary
RemoveDirectoryW
CreateEventW
SetEvent
GetLogicalDriveStringsW
lstrcpynW
GetFileAttributesA
GetFullPathNameA
lstrcpynA
GetCurrentThread
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetTickCount
WaitForMultipleObjects
GetModuleFileNameA
GetModuleHandleA
Sleep
MoveFileW
GetTempPathW
GetShortPathNameW
GetFileAttributesW
lstrlenW
lstrlenA
MultiByteToWideChar
DosDateTimeToFileTime
GetLogicalDrives
CreateDirectoryW
WaitForSingleObject
CopyFileExW
GetSystemInfo
GetExitCodeThread
CreatePipe
DuplicateHandle
GetExitCodeProcess
CreateMutexW
GetProcAddress
LoadLibraryA

user32

LoadBitmapW
DestroyCursor
SetCapture
SetCursor
GetCursorPos
GetAsyncKeyState
CopyRect
GetFocus
GetSysColor
LoadCursorW
EnableWindow
OffsetRect
UnregisterClassA
IsWindow
PeekMessageW
PostMessageW
SetWindowPos
GetKeyState
EnableMenuItem
InvalidateRect
SendMessageW
MoveWindow
GetMenuItemRect
CreateDesktopA
RegisterClassExA
IsMenu
LoadBitmapA
GetCapture
LoadMenuIndirectA
GetClassInfoA
MessageBoxA
GetForegroundWindow
PeekMessageA
InsertMenuItemA
GetDCEx
CharLowerW
AdjustWindowRect
GetSystemMetrics
FindWindowW
DestroyMenu
DefWindowProcW
EndDialog
CopyIcon
GetTopWindow
ShowWindow
DialogBoxParamA
IsIconic
TrackPopupMenu
ActivateKeyboardLayout
ShowCaret
WaitMessage
CreateAcceleratorTableW
CreateAcceleratorTableA
SetWindowTextA
DefWindowProcA
SetParent
mouse_event
ShowCursor
CreateDialogIndirectParamA
LoadImageW
UpdateLayeredWindow
GetIconInfo
GetScrollPos
SetFocus
wsprintfA
CharUpperA
IsChild
SetWindowRgn

gdi32

CreateFontW
CreateFontIndirectW
DeleteObject
CreateCompatibleDC
CreateHatchBrush
RemoveFontResourceA
CreateMetaFileW
SetWinMetaFileBits
CreateFontIndirectExW
GetRasterizerCaps
CreateScalableFontResourceW

advapi32

RegSetValueExW
RegDeleteValueW
OpenThreadToken
EqualSid
GetTokenInformation
OpenProcessToken
FreeSid
AllocateAndInitializeSid
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetDesktopFolder
ShellExecuteW

comctl32

InitCommonControlsEx

ole32

CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

LoadTypeLi
DispCallFunc
VariantClear
LoadRegTypeLi
SysStringLen
VariantCopy
VariantChangeType
VariantInit
SysAllocString
SysFreeString

query

DoneCIISAPIPerformanceData

duser

MapGadgetPoints
GetStdColorI
CreateGadget
SetGadgetRootInfo
SetGadgetFillI
SetGadgetCenterPoint
GetGadgetStyle
RemoveGadgetMessageHandler
DUserGetAlphaPRID
IsGadgetParentChainStyle
InitGadgets
SetGadgetStyle
DUserPostMethod
EnumGadgets
GetStdPalette
ForwardGadgetMessage
BuildAnimation
UnregisterGadgetProperty

Sections

.icode
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RoOkSS
Size: 2KB - Virtual size: 391KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c
Size: 4KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WRU
Size: 3KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 87KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 127KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fe67098016acb7795596107d6e3723d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

oleaut32

query

duser

Sections

.icode Size: 2KB - Virtual size: 2KB

.RoOkSS Size: 2KB - Virtual size: 391KB

.c Size: 4KB - Virtual size: 405KB

.text Size: 15KB - Virtual size: 16KB

.WRU Size: 3KB - Virtual size: 147KB

.rdata Size: 5KB - Virtual size: 53KB

.edata Size: 87KB - Virtual size: 134KB

.data Size: 7KB - Virtual size: 251KB

.edata Size: 127KB - Virtual size: 165KB

.rsrc Size: 22KB - Virtual size: 21KB

.icode
Size: 2KB - Virtual size: 2KB

.RoOkSS
Size: 2KB - Virtual size: 391KB

.c
Size: 4KB - Virtual size: 405KB

.text
Size: 15KB - Virtual size: 16KB

.WRU
Size: 3KB - Virtual size: 147KB

.rdata
Size: 5KB - Virtual size: 53KB

.edata
Size: 87KB - Virtual size: 134KB

.data
Size: 7KB - Virtual size: 251KB

.edata
Size: 127KB - Virtual size: 165KB

.rsrc
Size: 22KB - Virtual size: 21KB