c85de281d2af0bb7d1fd454067f71e5030a4deaa668f28db2e5e99a045d3defd

Sharing

Copy URL Twitter E-mail

General

Target

c85de281d2af0bb7d1fd454067f71e5030a4deaa668f28db2e5e99a045d3defd
Size

304KB
MD5

89783157f36cf4fa3ad7e7ecc83b5d2b
SHA1

25ce8339f4ab3b428df1a4cdff0fffe1a041c996
SHA256

c85de281d2af0bb7d1fd454067f71e5030a4deaa668f28db2e5e99a045d3defd
SHA512

4fb86893d474c09602a9c0444f3e8167b9dc2c84d1bb20962847d9473061bc026ab1edbabfb56184b8f41f955a3496ba0c66b3bed66777f3e3f70d936e51b80b
SSDEEP

6144:k91W+movCMzBlE5+jTN/5tmAVM9Cvxbm6aZBkOMD:81Rmo9E5KTJ5tm0MCpbmtZB

Score

N/A

Malware Config

Signatures

Files

c85de281d2af0bb7d1fd454067f71e5030a4deaa668f28db2e5e99a045d3defd
.exe windows x86

82456c662893ea5fc8bb8b15a1be2976

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
LookupAccountSidA
LookupPrivilegeValueA
RegEnumKeyW
GetSecurityDescriptorGroup
OpenThreadToken
RegEnumKeyA
CopySid
CryptGetHashParam
RegCreateKeyW
RegQueryValueExW
RegSetValueA
RegDeleteKeyA
OpenServiceW
SetEntriesInAclW

shlwapi

UrlUnescapeW
StrStrIA
StrRetToStrW

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameW

user32

MoveWindow
DialogBoxIndirectParamW
MapVirtualKeyA
GetUserObjectInformationW
GetWindowLongA
SetDlgItemTextW
IsWindowVisible
SetMenuItemInfoA
GetMenuItemInfoW
CreateIconIndirect
PostMessageW
DestroyCaret
DeferWindowPos
TrackPopupMenuEx
RegisterClassExW
ShowCursor
GetMenuStringA
ScrollWindow
DdeUninitialize
FindWindowExA
SystemParametersInfoA
MonitorFromPoint
ReleaseDC
RegisterClassExA
SetMenuDefaultItem
DdeFreeDataHandle
GetWindowThreadProcessId
IsWindowUnicode
SubtractRect
GetQueueStatus
DestroyAcceleratorTable
GetWindowTextLengthA
DrawStateW
IsDlgButtonChecked
GetCaretPos
SetParent
InflateRect
MessageBeep
WinHelpA
GetDlgItemInt
SetPropW
DefFrameProcA
CreateMenu
CharPrevW
RegisterClipboardFormatA
GetKeyboardLayoutList
CharToOemBuffA
SetWindowLongA
FlashWindow
RemovePropA
DdeDisconnect
GetWindowTextA
GetSysColorBrush
SetCaretPos
WindowFromDC
AllowSetForegroundWindow
LoadIconA
IsWindow
EndMenu
GetCaretBlinkTime
CreateDialogParamW
LoadStringA
OffsetRect
TranslateMessage
InvertRect
CheckDlgButton
ChildWindowFromPoint
OpenClipboard
CreateAcceleratorTableW
GetMenu
RemoveMenu
GetMenuStringW
GetMenuItemInfoA
SetScrollRange
IsZoomed
CheckMenuRadioItem
EnableMenuItem
LoadAcceleratorsA
MessageBoxIndirectW
PostThreadMessageA
CheckMenuItem
ModifyMenuW
CallWindowProcW
CharNextA
UpdateLayeredWindow

version

VerQueryValueA

ole32

CreateBindCtx
GetHGlobalFromILockBytes
ReadClassStg
OleGetIconOfClass
StgOpenStorageOnILockBytes
CoGetInterfaceAndReleaseStream
CoRegisterMessageFilter
StgOpenStorage
OleRun
StgCreateDocfileOnILockBytes
CoRegisterClassObject
OleQueryCreateFromData

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
HeapReAlloc
HeapAlloc
GetOEMCP
GetACP
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetLastError
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
GetProcAddress
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCommandLineW
GetVersionExA
GetVolumeInformationW
CopyFileA
GetThreadLocale
FindNextFileW
GetProcessAffinityMask
IsProcessorFeaturePresent
GetLongPathNameW
GetConsoleOutputCP
AddAtomA
GetEnvironmentVariableA
GetPrivateProfileIntW
SetUnhandledExceptionFilter
GetStartupInfoW
SetNamedPipeHandleState
GetShortPathNameW
GetFullPathNameW
VerifyVersionInfoW
LoadLibraryW
SwitchToThread
GetPrivateProfileStringW
GetCurrentProcess
GetCPInfo
GetDiskFreeSpaceW
MoveFileA
GetTempFileNameW
VirtualProtect
CloseHandle
SetErrorMode
GetUserDefaultUILanguage
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetUserDefaultLangID
CompareFileTime
LocalFileTimeToFileTime
ResetEvent
SetConsoleCtrlHandler
FlushInstructionCache
MoveFileExA
LocalUnlock
GetModuleFileNameW
GetProfileStringW
SetPriorityClass
OpenEventA
VirtualAlloc
GetDiskFreeSpaceExW
DeleteTimerQueueTimer
GetFileType
lstrcmpA
_lread
LoadLibraryA
SetEnvironmentVariableA
ReleaseSemaphore
CopyFileW
GlobalHandle
GetSystemDefaultLangID
FlushFileBuffers
LoadResource
OpenEventW
TlsGetValue
CreateEventW
CreateThread
DeleteFileA
GlobalFindAtomW

oleaut32

VariantClear

gdi32

GetTextCharsetInfo
Arc
MoveToEx
SetROP2

comctl32

CreateToolbarEx
ImageList_GetBkColor

shell32

ExtractIconA
SHGetPathFromIDListW

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82456c662893ea5fc8bb8b15a1be2976

Headers

File Characteristics

Imports

advapi32

shlwapi

comdlg32

user32

version

ole32

kernel32

oleaut32

gdi32

comctl32

shell32

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 5KB