5c7c9bdaa5ffeb0fd2e28ec4ac9f3f200c421443cf8ee37063735964dd9ed18b

Sharing

Copy URL

Twitter E-mail

General

Target

5c7c9bdaa5ffeb0fd2e28ec4ac9f3f200c421443cf8ee37063735964dd9ed18b
Size

526KB
MD5

deb7ea4e988481d4fddc7ed9d7fa2b3e
SHA1

e927b245e4fce6183b8c6b0f304619aa29022d85
SHA256

5c7c9bdaa5ffeb0fd2e28ec4ac9f3f200c421443cf8ee37063735964dd9ed18b
SHA512

b8d9ab7c1c843fe440e52c82b8acd49647fc48f6c987ec1991f0851e5e8a0562b579c7da0258865c564efb32794444d5fa7fed598fd1c8fccaa8ffaf016a5714
SSDEEP

12288:2egwnGC3V1Eo0Fl2/UELlbTsFUMOBX75YAJm/1V:2ePGCl1Eo0Fl2tBTVMOBX9YWm/1V

Score

N/A

Malware Config

Signatures

Files

5c7c9bdaa5ffeb0fd2e28ec4ac9f3f200c421443cf8ee37063735964dd9ed18b
.exe windows x86

310b518613ba1b3f0266b6aa1907fc1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetErrorDlg
HttpSendRequestW
InternetOpenUrlW
HttpOpenRequestW
InternetCloseHandle
InternetQueryOptionW
HttpOpenRequestA
InternetReadFile
HttpQueryInfoW
HttpSendRequestA
InternetConnectW

urlmon

UrlMkGetSessionOption
CoInternetSetFeatureEnabled

kernel32

MultiByteToWideChar
WideCharToMultiByte
CreateProcessW
VirtualQuery
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
GetFileSize
ReadFile
lstrcmpiA
MoveFileExW
GetCurrentThread
FreeResource
GlobalAlloc
WriteFile
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
MulDiv
lstrcmpW
lstrlenW
FreeLibrary
lstrcmpiW
LoadLibraryExW
TerminateProcess
GetPrivateProfileIntW
WritePrivateProfileStringW
WaitForSingleObject
SetFilePointer
lstrlenA
lstrcpynW
UnmapViewOfFile
LocalFree
MapViewOfFileEx
CreateFileMappingW
lstrcpyW
Sleep
InterlockedCompareExchange
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
VirtualAlloc
VirtualFree
VirtualProtect
GetLastError
DecodePointer
EncodePointer
GetStringTypeW
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
HeapDestroy
HeapReAlloc
HeapSize
IsDebuggerPresent
CreateThread
ExitThread
GetSystemTimeAsFileTime
GetCommandLineW
RtlUnwind
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetFileType
GetConsoleCP
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalUnlock
GlobalLock
FlushInstructionCache
SetLastError
RaiseException
LeaveCriticalSection
HeapAlloc
EnterCriticalSection
SetUnhandledExceptionFilter
GetLocalTime
GetTempPathW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
UnhandledExceptionFilter
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadConsoleW
OutputDebugStringW
LoadLibraryW
SetStdHandle
WriteConsoleW
SetEndOfFile

user32

DestroyAcceleratorTable
GetWindowThreadProcessId
AttachThreadInput
GetDesktopWindow
ReleaseDC
InvalidateRgn
FillRect
ReleaseCapture
GetForegroundWindow
SetCapture
BringWindowToTop
IsIconic
MoveWindow
IsWindowVisible
SetTimer
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
MapWindowPoints
SetFocus
SetWindowTextW
ScreenToClient
ClientToScreen
DestroyWindow
RedrawWindow
CharNextW
GetSysColor
GetClassNameW
IsWindow
SendMessageW
GetDlgItem
GetFocus
IsChild
RegisterWindowMessageW
GetKeyState
GetDlgCtrlID
SendNotifyMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
FindWindowW
LoadImageW
GetSystemMetrics
RealGetWindowClassW
UnregisterClassW
EnumChildWindows
SetForegroundWindow
KillTimer
PostMessageW
DialogBoxParamW
RegisterClipboardFormatW
GetDC
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
GetWindowTextLengthW
GetWindowTextW
SetLayeredWindowAttributes
ShowWindow
WindowFromPoint
SetWindowPos
GetCursorPos
wsprintfW
MessageBoxW
PtInRect
DrawTextW
EndPaint
BeginPaint
SystemParametersInfoW
SetRect
InvalidateRect
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
GetClientRect
CreateAcceleratorTableW

gdi32

TextOutW
CreateSolidBrush
GetObjectW
GetDeviceCaps
Rectangle
GetStockObject
CreatePen
SetTextColor
SetBkMode
ExtTextOutW
SetBkColor
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetViewportOrgEx
DeleteDC
DeleteObject
SelectObject
CreateFontIndirectW

advapi32

GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeSelfRelativeSD
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
GetSecurityDescriptorOwner

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteW

ole32

CreateStreamOnHGlobal
ProgIDFromCLSID
CoTaskMemRealloc
CLSIDFromString
RegisterDragDrop
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoCreateInstance
CoGetClassObject
CLSIDFromProgID
OleInitialize

oleaut32

SysFreeString
VariantClear
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantInit
SysAllocStringLen
VarUI4FromStr
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayCopy
SafeArrayGetVartype
SafeArrayUnaccessData
SafeArrayAccessData

shlwapi

PathFindExtensionW
PathFindFileNameW
StrCmpIW
SHRegGetPathW
StrCmpW
PathFileExistsW
StrStrIW
StrCmpNIW
PathCombineW
PathAppendW

dbghelp

MiniDumpWriteDump

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

gdiplus

GdipImageSelectActiveFrame
GdipFree
GdipDisposeImage
GdipAlloc
GdipDeleteGraphics
GdipCreateFromHWND
GdipCloneImage
GdipLoadImageFromStreamICM
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateFromHDC
GdipDrawImageRectI
GdiplusStartup
GdipDrawImageI

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

310b518613ba1b3f0266b6aa1907fc1b

Headers

DLL Characteristics

File Characteristics

Imports

wininet

urlmon

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

dbghelp

version

gdiplus

Sections

.text Size: 330KB - Virtual size: 329KB

.rdata Size: 90KB - Virtual size: 90KB

.data Size: 23KB - Virtual size: 40KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 55KB - Virtual size: 55KB

.text
Size: 330KB - Virtual size: 329KB

.rdata
Size: 90KB - Virtual size: 90KB

.data
Size: 23KB - Virtual size: 40KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 55KB - Virtual size: 55KB