573e12b677a57e51d4124eb5af42e7a10b149794c141a864fa818a049ab4c37b

Sharing

Copy URL Twitter E-mail

General

Target

573e12b677a57e51d4124eb5af42e7a10b149794c141a864fa818a049ab4c37b
Size

316KB
MD5

3778f91752b285ac3ce7a0be9ca3471f
SHA1

6c75fa6600c8f20940f4b098b35df466badc0371
SHA256

573e12b677a57e51d4124eb5af42e7a10b149794c141a864fa818a049ab4c37b
SHA512

a8be9ef745a828024e5e2b423b9cb010c50413b3a06225a537667e2c3f29592697c04429a2ff495ee0c1c7241f425b64cee92eb53f9d2faaca4c368a9640605e
SSDEEP

3072:1VVHe5Utrtgm2rUls4uY0toz2z6wSb43rknmLr1i1JGZs49koDvjvGPhNjlPtqWf:1VPCm2ZueXGQOJVIvzBWurIvz

Score

N/A

Malware Config

Signatures

Files

573e12b677a57e51d4124eb5af42e7a10b149794c141a864fa818a049ab4c37b
.exe windows x86

84434d2d8004d853e507b3b305aa7714

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
SHGetValueA

kernel32

lstrlenA
FreeResource
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
MoveFileExA
Process32Next
TerminateProcess
Process32First
Thread32Next
SuspendThread
OpenProcess
OpenThread
Thread32First
CreateToolhelp32Snapshot
GetDriveTypeA
FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
GetFileAttributesA
GetSystemDirectoryA
GetFileAttributesExA
GetLogicalDrives
GetTickCount
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
ReadFile
GetFileSize
LoadResource
FindResourceA
lstrcpyA
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
lstrcmpiA
CompareStringA
GetCommandLineA
WritePrivateProfileStringA
GetTempFileNameA
Module32Next
Module32First
LoadLibraryW
GetLastError
LocalFree
LocalAlloc
CreateFileW
MultiByteToWideChar
GetModuleFileNameA
LoadLibraryA
InterlockedDecrement
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapSize
HeapReAlloc
UnhandledExceptionFilter
ResumeThread
SetLastError
TlsAlloc
GetOEMCP
GetACP
GetCPInfo
RaiseException
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
ExitThread
TlsGetValue
TlsSetValue
CreateThread
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
DeleteFileA
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
GetProcAddress

user32

SetFocus
DialogBoxParamA
GetActiveWindow
DefWindowProcA
EnableWindow
EndDialog
GetDlgItem
SendMessageA
CallWindowProcA
IsWindowEnabled
GetSysColor
GetFocus
DrawFocusRect
FillRect
GetDlgCtrlID
CreateWindowExA
DrawTextA
ReleaseDC
GetClassNameA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
GetDC
OffsetRect
CharNextA
BeginPaint
LoadStringA
InvalidateRect
PtInRect
SetCursor
UpdateWindow
EndPaint
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
SetWindowLongA
IsWindow
DestroyCursor
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
SetRectEmpty
DestroyWindow
GetTopWindow
MessageBoxA
ShowWindow
SetWindowTextA
GetSystemMetrics
LoadImageA

gdi32

SetTextColor
DeleteDC
GetStockObject
GetObjectA
CreateFontIndirectA
SelectObject
DeleteObject
SetBkMode

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

comctl32

_TrackMouseEvent
InitCommonControlsEx

wsock32

ioctlsocket
WSAStartup
WSACleanup
gethostbyaddr

psapi

GetMappedFileNameA
GetModuleFileNameExA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84434d2d8004d853e507b3b305aa7714

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

wsock32

psapi

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 220KB - Virtual size: 219KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 220KB - Virtual size: 219KB