Static task: static1
Behavioral task: behavioral1
Sample: c49b327eb60d698152424b7315d2f848c104c4ee6197cd732a651c5ade37fe51.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: c49b327eb60d698152424b7315d2f848c104c4ee6197cd732a651c5ade37fe51.exe
Resource: win10v2004-20221111-en
General
Target: c49b327eb60d698152424b7315d2f848c104c4ee6197cd732a651c5ade37fe51
Size: 1.0MB
MD5: 60a5dc3be317a34c7977ac5f030315ef
SHA1: f450d1b97774c3e50ca249309da0debe8781ce7e
SHA256: c49b327eb60d698152424b7315d2f848c104c4ee6197cd732a651c5ade37fe51
SHA512: 4e7dbe87c51f1eb5d6fe56f24830fe59bbe58d8673a9f7728c4503ed9381b30f8ca926ff40e781bc5ef5a0d2d998810e7b9567810cd305065a87f9cc6d01f0c7
SSDEEP: 24576:Vwa/Nhy/9xE+f7+d5YuLeCNx2M29EiKJVVWiTQ0CLEMx+kclEp:nG9Q/NxAiiuTgPx+kcl
Files
c49b327eb60d698152424b7315d2f848c104c4ee6197cd732a651c5ade37fe51.exe windows x86
ef51b2e719ed5dbca0e5ba77201df5e8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LockFile
UnlockFile
GetVolumeInformationA
GetFullPathNameA
InterlockedIncrement
FileTimeToSystemTime
GlobalFlags
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetOEMCP
SetErrorMode
FileTimeToLocalFileTime
RtlUnwind
ExitProcess
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
VirtualQuery
GetTimeFormatA
FlushFileBuffers
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetHandleCount
GetStdHandle
SetStdHandle
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
WritePrivateProfileStringA
PeekNamedPipe
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
InterlockedDecrement
SetLastError
MulDiv
GlobalAlloc
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetStringTypeA
LCMapStringA
GetCPInfo
LCMapStringW
GetStringTypeW
SetEndOfFile
GetFileType
Sleep
GetCurrentProcess
DuplicateHandle
FormatMessageA
HeapFree
GetProcessHeap
HeapAlloc
FindResourceExA
MapViewOfFile
GetSystemInfo
UnmapViewOfFile
CreateFileMappingA
GetFileInformationByHandle
GetTickCount
GetFileTime
CompareFileTime
SetFilePointer
ReadFile
GetFileSize
WriteFile
LeaveCriticalSection
EnterCriticalSection
FindNextFileA
GetTempPathA
GetTempFileNameA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
MoveFileA
RemoveDirectoryA
RaiseException
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
GetVersion
GetWindowsDirectoryA
CreateEventA
SetEvent
GetCurrentDirectoryA
CreateProcessA
GetSystemDirectoryA
FindFirstFileA
FindClose
SetCurrentDirectoryA
CreateMutexA
CloseHandle
OpenProcess
WaitForSingleObject
TerminateProcess
LoadResource
LockResource
SizeofResource
FindResourceA
GetLastError
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
DeleteFileA
GetDateFormatA
GetModuleFileNameA
user32
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
DestroyMenu
LoadCursorA
GetSysColorBrush
CharNextA
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
SetWindowContextHelpId
MapDialogRect
wsprintfA
GetMessageA
TranslateMessage
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SystemParametersInfoA
GetCursorPos
ReleaseCapture
SetWindowRgn
GetWindowRect
SetTimer
KillTimer
GetCapture
SetCapture
SendMessageA
EnableWindow
LoadIconA
SetWindowPos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
PostThreadMessageA
CharUpperA
UnregisterClassA
PostMessageA
GetClientRect
RegisterWindowMessageA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
PtInRect
CopyRect
GetWindowPlacement
IsIconic
IntersectRect
OffsetRect
SetWindowLongA
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
RegisterClassA
DrawTextExA
gdi32
GetBkColor
GetTextColor
GetMapMode
GetRgnBox
CreateRectRgnIndirect
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
CreateRectRgn
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CombineRgn
ScaleViewportExtEx
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
shell32
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderPathA
comctl32
ord17
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathFileExistsA
PathIsUNCA
oledlg
ord8
ole32
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleRun
OleIsCurrentClipboard
oleaut32
SysAllocStringLen
VariantInit
VariantClear
SysStringLen
SysAllocString
VariantCopy
VariantChangeType
DispCallFunc
LoadRegTypeLi
SysAllocStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
GetErrorInfo
SysFreeString
wininet
FtpGetFileSize
FtpCommandA
FtpOpenFileA
FtpSetCurrentDirectoryA
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
Sections
.text Size: 540KB - Virtual size: 537KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
STLPORT_ Size: 4KB - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 204KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tc Size: 196KB - Virtual size: 196KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE