3458cab8522eda9aa5b8d6c8da56b5b82ed690ecefb5a476d5b74d164d35eb2c

Sharing

Copy URL Twitter E-mail

General

Target

3458cab8522eda9aa5b8d6c8da56b5b82ed690ecefb5a476d5b74d164d35eb2c
Size

244KB
MD5

4fe3b789acb6122002ac0ea886299f98
SHA1

fcb4a02a4c24c13775a35dfeed0b3d4c0ae14c9b
SHA256

3458cab8522eda9aa5b8d6c8da56b5b82ed690ecefb5a476d5b74d164d35eb2c
SHA512

a9189d6d5d55d69a319eeae82cb86e5f9162d9f7f6049dd09c2c41598ef19c79919554a2ce18e7cc00146442aaaeba61548e7aee887fd91eced32c33e23ce5ca
SSDEEP

6144:bmkpsNlgarda1b3+WSFqqDLubSXIbv+IC78fWVTZlv1f:CosNlg8da1SkqnubSJf

Score

N/A

Malware Config

Signatures

Files

3458cab8522eda9aa5b8d6c8da56b5b82ed690ecefb5a476d5b74d164d35eb2c
.exe windows x86

d92651ed4218af4708085c250866ac90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW

kernel32

LockResource
LoadResource
GetLongPathNameW
FindResourceExW
GetModuleFileNameW
FindResourceW
GetTempPathW
GetFileAttributesW
DeleteFileW
GetTickCount
GetCurrentProcessId
GetACP
MultiByteToWideChar
WideCharToMultiByte
VirtualAlloc
SizeofResource
FreeLibrary
HeapAlloc
HeapFree
VirtualFree
GetProcessHeap
IsBadReadPtr
LoadLibraryW
lstrcmpiA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
CreateFileW
WriteConsoleW
GetConsoleOutputCP
GetLastError
CreateDirectoryW
SetEnvironmentVariableA
VirtualProtect
HeapReAlloc
WriteConsoleA
SetStdHandle
CompareStringW
CompareStringA
SetEndOfFile
CreateFileA
LoadLibraryA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
LCMapStringW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
HeapDestroy
LCMapStringA
HeapSize
InterlockedExchange
GetLocaleInfoA
GetThreadLocale
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetCPInfo
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
GetFullPathNameW
GetCurrentDirectoryA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
ReadFile
CloseHandle
HeapCreate
GetDriveTypeA

user32

UnregisterClassA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
IsTextUnicode

shell32

SHGetFolderPathW

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen

shlwapi

StrCmpNIW
PathCreateFromUrlW
UrlIsW
UrlCombineW
UrlUnescapeA
StrStrIW
UrlUnescapeW
UrlCanonicalizeW
StrTrimW
PathFileExistsW
PathAddBackslashW
StrChrW
StrStrIA
StrCpyW
UrlCanonicalizeA

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d92651ed4218af4708085c250866ac90

Headers

File Characteristics

Imports

urlmon

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 24KB - Virtual size: 28KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 24KB - Virtual size: 28KB

.rsrc
Size: 32KB - Virtual size: 29KB