956faae8517ba31508c71c345f459deb4fbbfc542a8c54a66db55ab45bdb4094

Sharing

Copy URL Twitter E-mail

General

Target

956faae8517ba31508c71c345f459deb4fbbfc542a8c54a66db55ab45bdb4094
Size

320KB
MD5

358f867a165b67a323410d13ea31f1e3
SHA1

714842e03b0ad06278e421f81091948d442d1523
SHA256

956faae8517ba31508c71c345f459deb4fbbfc542a8c54a66db55ab45bdb4094
SHA512

aad4d5210e9f99244bbd1631a850c68191f37103da581d3926dbd9c290c56b6595ff37c50eec44db449cc8afaa31d5a6c123fc2cc894e37f8e135f2224107745
SSDEEP

6144:un+TTh9qzW7NftkXGtQdDffO9UmZs9rrALXqo1jmUZxL6xQGQXK3M:un+59qi7NftkcEfVmZs9ELXqs76GK

Score

N/A

Malware Config

Signatures

Files

956faae8517ba31508c71c345f459deb4fbbfc542a8c54a66db55ab45bdb4094
.exe windows x86

fd1e2d65462516534cee1e5f88234f0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateFileW
SetFilePointer
GetModuleFileNameW
CreateDirectoryW
GetFileAttributesW
RemoveDirectoryW
FindResourceW
FormatMessageW
LocalFree
GetSystemDefaultLangID
GetPrivateProfileStringW
GetLongPathNameW
SetFileAttributesW
lstrlenW
GetFullPathNameW
GetTempPathW
GetTempFileNameW
MoveFileExW
GetWindowsDirectoryW
FindNextFileW
FindFirstFileW
FindClose
CreateMutexW
ReleaseMutex
SetEndOfFile
WriteFile
GetFileSize
GetVersionExW
MultiByteToWideChar
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
SetLastError
FlushInstructionCache
GetCurrentProcess
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
DeleteFileW
CloseHandle
GetModuleHandleW
GetLastError
InterlockedExchange
GetCurrentDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
CopyFileW

user32

SetPropW
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
UnregisterClassA
SystemParametersInfoW
GetWindow
MapWindowPoints
IsWindow
MessageBoxW
DialogBoxParamW
LoadStringW
wsprintfW
ShowWindow
GetPropW
GetParent
GetClientRect
GetWindowLongW
SetWindowLongW
EnableWindow
SetFocus
GetDesktopWindow
PostMessageW
LoadIconW
SendMessageW
MoveWindow
SetWindowPos
CreateDialogParamW
ScreenToClient
GetWindowRect

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegCreateKeyW
RegOpenKeyW
RegQueryValueExA
RegDeleteValueW

shell32

ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHChangeNotify

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
OleUninitialize
OleInitialize

msvcr80

_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
_CxxThrowException
??3@YAXPAX@Z
memmove_s
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
wcslen
_invalid_parameter_noinfo
_itow
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
memcpy_s
memset
strlen
memcpy
??_V@YAXPAX@Z
memcmp
_waccess
wcschr
towupper
towlower
free
malloc
sprintf_s
_controlfp_s

comctl32

PropertySheetW
InitCommonControlsEx

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 198KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd1e2d65462516534cee1e5f88234f0a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

msvcr80

comctl32

version

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 9KB

.tc Size: 198KB - Virtual size: 200KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 9KB

.tc
Size: 198KB - Virtual size: 200KB