faf418b302fce567efa211dc2df809603ee59f7b328abb1c1e735b49b71cbae0

Sharing

Copy URL Twitter E-mail

General

Target

faf418b302fce567efa211dc2df809603ee59f7b328abb1c1e735b49b71cbae0
Size

344KB
MD5

654aa716c9520881054aae5ee0b1e886
SHA1

ade6734d9ceb6ca61ae3eb8de52c06c13b5839e0
SHA256

faf418b302fce567efa211dc2df809603ee59f7b328abb1c1e735b49b71cbae0
SHA512

e64a9d26666f0611e13e36d495442b5b01f2b63bc4112e247bae93d200ec9128896fe317158f580afd2109cf59d5f77075dd7dbb8f869ca2d006a6a037c4f15e
SSDEEP

6144:dxWMb0UXAUHYTI9qcifvufLryVGmyqa+lKNAfKx:dxpbFw0YTwqcuonCG/z+liPx

Score

N/A

Malware Config

Signatures

Files

faf418b302fce567efa211dc2df809603ee59f7b328abb1c1e735b49b71cbae0
.exe windows x86

16397342a27654403613076ee4243592

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSACleanup
socket
gethostbyname
htons
inet_ntoa
bind
inet_addr
closesocket
recv
send
connect
htonl

wininet

InternetCloseHandle
InternetSetOptionA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile
HttpQueryInfoA

kernel32

IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
CloseHandle
ReadFile
CreateFileA
WriteFile
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetPrivateProfileStringA
GetPrivateProfileIntA
SetFileAttributesA
GetCurrentDirectoryA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
lstrcpyW
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
lstrlenA
InterlockedDecrement
InterlockedIncrement
DebugBreak
OutputDebugStringA
GetCurrentThreadId
GetLastError
lstrlenW
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
IsBadCodePtr
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
CreateProcessA
CreateEventA
OpenEventA
CreateDirectoryA
TerminateThread
WaitForSingleObject
Sleep
CopyFileA
CreateThread
SetFilePointer
GetFileSize
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
lstrcatA
lstrcpyA
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetCommandLineA
GetStartupInfoA
GetFileAttributesA
GetFileType
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitProcess
RtlUnwind
GetTickCount
GetCurrentProcessId
LoadLibraryA
FlushFileBuffers
TerminateProcess
HeapSize
SetHandleCount
LoadLibraryExA
LCMapStringA
GetCPInfo
GetOEMCP
GetStdHandle
QueryPerformanceCounter

user32

GetSystemMetrics
KillTimer
LoadImageA
LoadStringA
IsWindow
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
SetTimer
GetWindowTextA
SetWindowTextA
PostMessageA
GetWindowLongA
SendMessageA
GetSysColorBrush
wsprintfA
DefWindowProcA
MessageBoxW
GetActiveWindow
EndDialog
DialogBoxParamA
DestroyWindow
CharNextA
wvsprintfA
SetWindowLongA
UnregisterClassA

gdi32

SetTextColor
SetBkMode

advapi32

RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA

ole32

CoTaskMemRealloc
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

imagehlp

MapFileAndCheckSumA

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

16397342a27654403613076ee4243592

Headers

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

imagehlp

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 192KB - Virtual size: 192KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 192KB - Virtual size: 192KB