b7977dfda145d8915a3e69093cfccde66c744400cc3bb426ac3d3b6294b42035

Sharing

Copy URL Twitter E-mail

General

Target

b7977dfda145d8915a3e69093cfccde66c744400cc3bb426ac3d3b6294b42035
Size

160KB
MD5

b0744c86cd64d0a155ad35e0a17b6c73
SHA1

5b781b688558dd8e3c274cec01207dcf9f60162f
SHA256

b7977dfda145d8915a3e69093cfccde66c744400cc3bb426ac3d3b6294b42035
SHA512

bcf8be3ea76e713a0345b636cba21af86b97bcc11ba3f64784b09f23b6fb32709c6be8856c7e34476d7f942c9256ce071debf729084d781c2445cc8efd2bd01c
SSDEEP

3072:7FRq6QDQ8lgE6XTsHzdaE0HvIQiZoyev:7FfQDQ86XwHzgESIQX

Score

N/A

Malware Config

Signatures

Files

b7977dfda145d8915a3e69093cfccde66c744400cc3bb426ac3d3b6294b42035
.exe windows x86

756bda365cb844713fd40518627520c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA

kernel32

CreateFileA
GetLastError
lstrcpynA
lstrcmpA
lstrcpyA
Sleep
GetCurrentDirectoryA
GetCurrentThreadId
SetEvent
WaitForSingleObject
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
SetFilePointer
lstrcmpiA
ReadFile
WriteFile
SetThreadPriority
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
TerminateThread
DeleteFileA
FindClose
FindNextFileA
GetDateFormatA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
SetCurrentDirectoryA
ReleaseMutex
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
SetLastError
GetDriveTypeA
LoadLibraryA
GetProcAddress
GetFileSize
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
GetFullPathNameA
ExitThread
TlsSetValue
CreateThread
ResumeThread
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
lstrlenA
CloseHandle
HeapAlloc
HeapReAlloc

user32

MessageBoxA
PostMessageA
GetDlgItemInt
GetParent
SetDlgItemInt
SetDlgItemTextA
DefWindowProcA
SetTimer
KillTimer
SendMessageA
SetWindowPos
SystemParametersInfoA
GetDlgItemTextA
IsWindowVisible
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowLongA
wvsprintfA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetDlgItem
MessageBeep
GetDialogBaseUnits
SetWindowTextA
wsprintfA
GetWindowRect
GetDC
ReleaseDC
GetClassInfoA
RegisterClassA
CreateWindowExA
DialogBoxParamA
GetClientRect
MapDialogRect
MoveWindow
InvalidateRect
FindWindowA
UnregisterClassA
GetWindow
DestroyIcon
LoadIconA
SetClassLongA
GetSystemMenu
AppendMenuA
CheckMenuItem
WinHelpA
SetWindowLongA
GetSystemMetrics
GetCursorPos
TrackPopupMenu
SetForegroundWindow
CreateDialogParamA
EnableWindow
SendDlgItemMessageA
EndDialog
DestroyWindow
GetWindowTextA
ShowWindow
GetTopWindow

gdi32

GetTextExtentPoint32A
LPtoDP

shell32

Shell_NotifyIconA
SHBrowseForFolderA
SHGetPathFromIDListA

wsock32

WSACleanup
WSAStartup
WSAAsyncGetHostByName
WSAIsBlocking
WSACancelBlockingCall
connect
send
ntohs
WSAAsyncSelect
recv
getservbyname
WSAGetLastError
WSASetLastError
select
closesocket
recvfrom
sendto
socket
htons
setsockopt
bind
htonl
ntohl
gethostname
gethostbyname
inet_addr
ioctlsocket

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iuqfnvq
Size: - Virtual size: 80KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

756bda365cb844713fd40518627520c6

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

shell32

wsock32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 80KB - Virtual size: 108KB

iuqfnvq Size: - Virtual size: 80KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 80KB - Virtual size: 108KB

iuqfnvq
Size: - Virtual size: 80KB