346cd59272d213e59280c7ffe92363906efe832c6b79d19aa4d523f953b2686e

Sharing

Copy URL Twitter E-mail

General

Target

346cd59272d213e59280c7ffe92363906efe832c6b79d19aa4d523f953b2686e
Size

484KB
MD5

fa2a8730dfeefd479c3992f74a757464
SHA1

7481e896e83cd7467c68d97c8886797f989a4499
SHA256

346cd59272d213e59280c7ffe92363906efe832c6b79d19aa4d523f953b2686e
SHA512

c378c1efd7de7690f7742a70c2955fd74005923598a809e02a490df085d82d2fc82dd8a3d60667981bde2a55ef930d61585a595a419e30a0bd6126f67c2eedf2
SSDEEP

12288:A+MdEW/5pUwtgoKUfxMHicebq+7PG/vCW:AbWWjtGz+vu/Z

Score

N/A

Malware Config

Signatures

Files

346cd59272d213e59280c7ffe92363906efe832c6b79d19aa4d523f953b2686e
.exe windows x86

58595d2598ef31099e8adae0e1703b91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegEnumKeyExA
SetSecurityDescriptorDacl
RegDeleteKeyA
RegQueryValueExA
CloseServiceHandle
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExW
DeleteService
RegDeleteValueA
ControlService
AdjustTokenPrivileges
RegOpenKeyExA
OpenProcessToken
GetUserNameA
RegQueryValueExW
AllocateAndInitializeSid
RegSetValueExW
RegCloseKey
InitializeSecurityDescriptor
GetTokenInformation
QueryServiceStatus
FreeSid
RegDeleteKeyW

user32

SetScrollInfo
GetDlgCtrlID
LoadIconW
MessageBoxW
GetNextDlgTabItem
LockWindowUpdate
DestroyAcceleratorTable
RegisterWindowMessageW
RegisterClassW
GetSystemMenu
EmptyClipboard
GetParent
DefWindowProcW
GetKeyState
IsWindow
GetWindow
TranslateMessage
EnableScrollBar
LoadBitmapW
TrackMouseEvent
SetFocus
LoadImageW
TrackPopupMenu
GetMenuItemID
LoadAcceleratorsW
DestroyWindow
IsMenu
GetMenuItemInfoW
ShowWindow
CopyRect
GetWindowDC
RegisterClassExW
SetActiveWindow
wsprintfW
UnhookWindowsHookEx
DestroyIcon
DestroyMenu
IsRectEmpty
CreateWindowExW
MessageBeep
GetDC
IsWindowEnabled
EnableMenuItem
GetSysColor
ReleaseCapture
SetMenu
WindowFromPoint
GetIconInfo
CopyImage
FillRect
CheckMenuItem
RedrawWindow
SetClipboardData

shlwapi

StrStrA
PathIsDirectoryA
StrToIntA
PathIsURLA

kernel32

GetConsoleOutputCP
FlushFileBuffers
CreateThread
GetLastError
RaiseException
LCMapStringA
GetCommandLineW
GetSystemTimeAsFileTime
InterlockedExchange
CompareStringW
GetStartupInfoW
TerminateProcess
GetCurrentThreadId
FlushInstructionCache
GetStringTypeW
GetFileSize
lstrcpyW
GlobalFree
VirtualFree
QueryPerformanceCounter
IsDebuggerPresent
DeleteCriticalSection
HeapReAlloc
ExitProcess
GetStringTypeA
GetStdHandle
FreeLibrary
IsValidCodePage
FileTimeToSystemTime
CreateMutexW
VirtualAlloc
GetConsoleCP
LCMapStringW
Sleep
GetDateFormatA
GetModuleFileNameW
GetACP
GetEnvironmentStrings
LockResource
GetCurrentThread
GetCPInfo
GetTimeFormatA
TlsAlloc
RtlUnwind
TlsSetValue
SetUnhandledExceptionFilter
EnterCriticalSection
GlobalSize
FreeEnvironmentStringsA
GetVersionExA
GetOEMCP
DeleteFileW
WriteConsoleW
CreateFileA
GetTempPathW
MultiByteToWideChar
WriteConsoleA
VirtualQuery
MapViewOfFile
GetTimeZoneInformation
TlsFree
LoadLibraryW
ReadFile
HeapAlloc
FreeEnvironmentStringsW
SetFilePointer
GetCurrentProcess
InterlockedDecrement
HeapCreate
GlobalDeleteAtom
TlsGetValue
FindClose
HeapDestroy
GetModuleHandleA
GetCommandLineA
HeapSize
GetLocaleInfoW
InitializeCriticalSection
WideCharToMultiByte
GetProcessHeap
UnmapViewOfFile
GetCurrentProcessId
CloseHandle
LocalFree
LeaveCriticalSection
InterlockedIncrement
GlobalHandle
GetProcAddress
GetModuleHandleW
SetLastError
SetStdHandle
GetVersion
SetEnvironmentVariableA
GetConsoleMode
GetStartupInfoA
LoadLibraryA
GetFileType
WriteFile
HeapFree
InterlockedCompareExchange
GlobalUnlock
GetTickCount
SetHandleCount
GetLocaleInfoA
UnhandledExceptionFilter
CompareStringA
GetExitCodeProcess
GetModuleFileNameA
GetEnvironmentStringsW

gdi32

CreateCompatibleBitmap
SelectPalette
GetObjectA
PatBlt
PolyBezier
Pie
GetBoundsRect
Rectangle
SetMapMode
DPtoLP
IntersectClipRect
GetSystemPaletteEntries
SetPixel
GetROP2
DeleteObject
SelectClipRgn
CreateDIBitmap
LPtoDP
LineTo
Escape

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58595d2598ef31099e8adae0e1703b91

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

kernel32

gdi32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 76KB - Virtual size: 104KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 76KB - Virtual size: 104KB

.rsrc
Size: 24KB - Virtual size: 21KB