2be722ac6ff170765f5b44f0c0b902876e0bf3a14897e6ae33ef071f088ebe30

Sharing

Copy URL

Twitter E-mail

General

Target

2be722ac6ff170765f5b44f0c0b902876e0bf3a14897e6ae33ef071f088ebe30
Size

128KB
MD5

c8097342245cf7c2e7b82e20168a64de
SHA1

b066df687b8242069dc4093ce19ca481205218ef
SHA256

2be722ac6ff170765f5b44f0c0b902876e0bf3a14897e6ae33ef071f088ebe30
SHA512

2559e6fc3b9d462514a319b34720b17c1334fe3cd5858f4f932af5d26f4c7cd94a316e58d905967f5a3ace9fd0711bd214093a3bcefdbce82ca984207a089bb1
SSDEEP

3072:Jx3vgAghd3vHon5rUk1XAyIwaQXroA41l5DIm5DIN5DI5JM4en3MKObi0vGFI/H:Jx34AgX3vHw5VtcdS3M/bICH

Score

N/A

Malware Config

Signatures

Files

2be722ac6ff170765f5b44f0c0b902876e0bf3a14897e6ae33ef071f088ebe30
.exe windows x86

ad8ba70f842997a65c2c084629c51fcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
MultiByteToWideChar
DeleteFileW
GetPrivateProfileStringW
WaitForSingleObject
GetExitCodeProcess
GetModuleFileNameW
GetShortPathNameW
FindClose
FindNextFileW
RemoveDirectoryW
FindFirstFileW
SetFilePointer
GetFileSize
CreateFileW
CreateDirectoryW
InterlockedDecrement
LocalFree
LocalAlloc
GetCurrentProcessId
lstrcmpA
GetVersionExW
GetTickCount
GetCurrentProcess
GetLastError
ReadFile
VirtualAlloc
VirtualFree
GetStartupInfoA
GetModuleHandleA
WritePrivateProfileStringW
lstrcatW
CopyFileW
FreeLibrary
GetLongPathNameW
CreateToolhelp32Snapshot
Module32FirstW
lstrcpyW
lstrlenW
WideCharToMultiByte
LoadLibraryW
GetProcAddress
Sleep
CreateProcessW
CloseHandle

user32

PostMessageW
FindWindowW
ShowWindow
DrawTextW
BeginPaint
DialogBoxParamW
EnableMenuItem
EndDialog
LoadStringW
GetWindowThreadProcessId
SendMessageW
CreateDialogParamW
SetWindowPos
GetDlgItem
LoadIconW
PeekMessageW
TranslateMessage
DispatchMessageW
SetTimer
DestroyWindow
GetDesktopWindow
MessageBoxW
ExitWindowsEx
IsWindow
GetSystemMenu
EndPaint

gdi32

GetObjectW
CreateFontIndirectW
SetBkMode
SelectObject

advapi32

RegOpenKeyExW
RegLoadKeyW
RegSaveKeyW
RegUnLoadKeyW
OpenProcessToken
LookupPrivilegeValueW
RegCloseKey
AdjustTokenPrivileges

shell32

ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx

shlwapi

SHDeleteValueW
SHDeleteKeyW
SHSetValueW
PathIsRootW
StrStrW
SHGetValueW
PathFileExistsW

msvcrt

free
_strnicmp
iswspace
memmove
_waccess
memcpy
wcsncpy
memcmp
_wcsnicmp
wcscmp
_wfopen
fseek
ftell
??2@YAPAXI@Z
fread
fgetws
fclose
fwrite
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
wcsstr
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_except_handler3
_controlfp
_stricmp
_itow
wcscpy
_snwprintf
wcscat
strlen
strncpy
wcsrchr
__CxxFrameHandler
memset
_wcsicmp
wcslen
__set_app_type

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wintrust

CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATAdminReleaseCatalogContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
WinVerifyTrust

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__360sta
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad8ba70f842997a65c2c084629c51fcb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

shlwapi

msvcrt

version

wintrust

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 20KB

__360sta Size: 4KB - Virtual size: 4B

.rsrc Size: 152KB - Virtual size: 148KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 20KB

__360sta
Size: 4KB - Virtual size: 4B

.rsrc
Size: 152KB - Virtual size: 148KB