a1a85b83930a432a3c2e55d43e9599a09c7c6e700ccc66ac31715f9c5e2020b6

Sharing

Copy URL Twitter E-mail

General

Target

a1a85b83930a432a3c2e55d43e9599a09c7c6e700ccc66ac31715f9c5e2020b6
Size

412KB
MD5

16485c269118faf85ca7fe910ef20280
SHA1

876807b2e61faa34ad11583901ea067015fbd1f3
SHA256

a1a85b83930a432a3c2e55d43e9599a09c7c6e700ccc66ac31715f9c5e2020b6
SHA512

86c9c1a5621ab5097e0484ce4c79125fc949050d8554c4c8dc816e532b6f4d0c09c6fa245f238264c6ba06e5e07457200824cebc50084d6655de6e6cf5c894dc
SSDEEP

6144:ZjJaTqbAVVbKkH6BJt00g3JiOs1kxkNZum9DR0P15he:ZjJa+0VwkaBz00D1kAR0P15h

Score

N/A

Malware Config

Signatures

Files

a1a85b83930a432a3c2e55d43e9599a09c7c6e700ccc66ac31715f9c5e2020b6
.exe windows x86

b6f4cbca94621eef5205445c2cc4d512

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmp
WriteFile
GetProcAddress
SetThreadContext
GetCommandLineA
MultiByteToWideChar
lstrcpyn
FreeResource
InitializeCriticalSection
ReadFile
GetStartupInfoA
SetConsoleCtrlHandler
RtlUnwind
GetStartupInfoW
CreateSemaphoreA
CreateNamedPipeA
WaitForMultipleObjectsEx
GlobalGetAtomNameW
GetVersionExA
SystemTimeToFileTime
GetModuleHandleA
GetProcessAffinityMask
ResumeThread
GetProfileStringA
Sleep
LoadModule
IsValidCodePage
SetThreadPriority
CloseHandle
SetWaitableTimer
TerminateProcess
GetCommandLineW
WriteConsoleOutputA
HeapAlloc
FindAtomA
GetCPInfo
SetHandleCount
CompareStringW
FindClose
CreateWaitableTimerA
TlsSetValue
ReadConsoleInputW
DebugActiveProcess
GetOEMCP
GetACP
VirtualQuery
FreeEnvironmentStringsW
GetStringTypeW
WriteConsoleA
GetProfileSectionW
GetDiskFreeSpaceExW
SetConsoleCursorInfo
GetCurrentThread
FindFirstFileExW
GetStringTypeExA
GetDateFormatA
InterlockedExchange
GetFileTime
ReadConsoleW
CreateEventW
GlobalUnlock
InterlockedIncrement
TlsAlloc
HeapReAlloc
LCMapStringA
GetTickCount
GetLocaleInfoA
HeapFree
ExitProcess
GetConsoleOutputCP
GetProcessHeap
CreateMutexA
HeapSize
GetEnvironmentStringsW
lstrcpyW
WriteProfileStringA
LCMapStringW
LeaveCriticalSection
TlsFree
VirtualAlloc
GetTimeZoneInformation
SetConsoleMode
IsValidLocale
SetFileAttributesW
GetEnvironmentStrings
CompareStringA
WideCharToMultiByte
IsBadReadPtr
GetStringTypeA
VirtualFree
SetEnvironmentVariableA
EnumSystemLocalesA
FreeEnvironmentStringsA
GetFileType
GetSystemTimeAsFileTime
IsDebuggerPresent
LoadLibraryA
GetFullPathNameA
QueryPerformanceCounter
FindFirstFileW
DeleteCriticalSection
GetPrivateProfileIntW
GetNumberFormatW
GetUserDefaultLCID
GetLastError
GetStdHandle
GetComputerNameA
GetCurrentThreadId
CommConfigDialogW
GetExitCodeThread
ReadConsoleOutputCharacterW
GetConsoleMode
TlsGetValue
SetVolumeLabelW
WriteConsoleOutputCharacterA
VirtualFreeEx
FoldStringW
EnterCriticalSection
OutputDebugStringW
GetCurrentDirectoryW
OpenMutexA
ReadConsoleOutputCharacterA
LocalHandle
GetShortPathNameA
GetProfileIntW
FreeLibraryAndExitThread
GetCurrentProcess
GetComputerNameW
WriteConsoleW
GetCurrentProcessId
SetFilePointer
GetDiskFreeSpaceA
GetConsoleCP
InterlockedDecrement
SetLastError
GetModuleFileNameW
HeapDestroy
LocalSize
SetUnhandledExceptionFilter
FreeLibrary
GetEnvironmentVariableA
CompareFileTime
GetModuleFileNameA
GetTimeFormatA
ReadConsoleInputA
UnhandledExceptionFilter
SetFileTime
SetStdHandle
lstrlenA
HeapCreate
GetLocaleInfoW
OpenProcess
CreateFileA
FlushFileBuffers
LoadLibraryW

comctl32

ImageList_SetFlags
InitMUILanguage
ImageList_GetFlags
ImageList_BeginDrag
CreateMappedBitmap
ImageList_Add
ImageList_Replace
InitCommonControlsEx
ImageList_Copy
ImageList_AddMasked

shell32

DuplicateIcon
SHGetSpecialFolderPathA
ShellAboutW

wininet

GopherOpenFileA
InternetTimeToSystemTime
InternetDial
InternetGetLastResponseInfoW

user32

RegisterClassExW
DdePostAdvise
RegisterClassA
CreateWindowExA
GetSystemMetrics
GetComboBoxInfo
CreateDesktopA
GetNextDlgTabItem
SendMessageW
CharLowerW
MessageBoxW
DeleteMenu
SetScrollPos
WindowFromDC
DestroyWindow
TranslateMDISysAccel
VkKeyScanW
SetMenuItemInfoA
SetMenuItemBitmaps
RegisterWindowMessageW
ShowWindow
DefWindowProcW
RegisterClassExA
CopyImage
CreateMDIWindowA
ReplyMessage
RegisterClassW
SetSysColors
GetUpdateRgn
EnumPropsExW
LoadCursorA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6f4cbca94621eef5205445c2cc4d512

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

wininet

user32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 136KB - Virtual size: 133KB

.data Size: 96KB - Virtual size: 108KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 136KB - Virtual size: 133KB

.data
Size: 96KB - Virtual size: 108KB

.rsrc
Size: 88KB - Virtual size: 84KB