winttx151setup[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

winttx151setup.exe
Size

664KB
MD5

cf3b1271cc654555a901caad991e4721
SHA1

6d30e3654313bcdf60f13f7f974715631481c173
SHA256

e3992c385c2d5ba0c566024db8c27236d1bb2ee3588a6849325b8d817779ac87
SHA512

b5b5195e9f1091afd90c7917d002c52e019203b958ec5bccad5476d051744f12eb9f45e195fb0d403f84b32be6ec2dfd8ac8b4aeb068213170fea066e399f0de
SSDEEP

12288:6HX34kdTdrlD1rrlsX+aFx6uzD8A+ewQleCHEJYIvQ1fwJPeJs5vbhQpfN2Ff:637BrlD1GX+aFxBzYDewEeCHEJYI6fwX

Score

N/A

Malware Config

Signatures

Files

winttx151setup.exe
.exe windows x86

a397bf014307625adc2577c7aa765e29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetPrivateProfileStringA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
IsBadWritePtr
GetVersionExA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
MoveFileA
DeleteFileA
RtlUnwind
SetEnvironmentVariableA
CreateDirectoryA
HeapFree
HeapAlloc
HeapCompact
TerminateProcess
ExitProcess
GetFileAttributesA
SetFileAttributesA
GetModuleFileNameA
GetDriveTypeA
GetCurrentProcess
MoveFileExA
FormatMessageA
SetFileTime
WritePrivateProfileStringA
OpenFile
SetErrorMode
GetLocalTime
GetFullPathNameA
FindFirstFileA
FindClose
MultiByteToWideChar
WideCharToMultiByte
GetTempPathA
GetShortPathNameA
GetExitCodeProcess
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateProcessA
lstrcatA
lstrlenA
WinExec
LoadLibraryA
GetProcAddress
FreeLibrary
GetDiskFreeSpaceA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetLastError
GetWindowsDirectoryA
HeapReAlloc
GetSystemDirectoryA

user32

DialogBoxParamA
ExitWindowsEx
IsIconic
RedrawWindow
BringWindowToTop
DefWindowProcA
AdjustWindowRectEx
PostMessageA
EndDialog
IsDlgButtonChecked
GetLastActivePopup
FindWindowA
RegisterClassA
LoadIconA
PostQuitMessage
GetWindow
SendMessageA
GetSysColor
ScreenToClient
GetWindowRect
GetDlgItem
EndPaint
BeginPaint
GetClientRect
FillRect
CheckDlgButton
SetTimer
GetDlgItemTextA
SendDlgItemMessageA
CheckRadioButton
SetFocus
GetParent
UpdateWindow
IsWindowVisible
InvalidateRect
CreateDialogParamA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetDlgItemTextA
SetWindowTextA
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExA
GetWindowLongA
IsWindowEnabled
EnableWindow
CallWindowProcA
ValidateRect
SetWindowLongA
GetClassNameA
MessageBoxA
PeekMessageA
wsprintfA
GetSystemMetrics
DrawTextA
LoadCursorA

gdi32

DeleteDC
GetDeviceCaps
GetSystemPaletteEntries
CreatePalette
SetBkColor
DeleteObject
CreateFontIndirectA
AddFontResourceA
RemoveFontResourceA
GetStockObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
CreateHalftonePalette
CreateDIBPatternBrush
CreateSolidBrush
SetBrushOrgEx
SetStretchBltMode
StretchDIBits
ExtTextOutA
SetBkMode
SetTextColor

advapi32

RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

OleInitialize
CoCreateInstance
CoGetMalloc
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

comctl32

ord17

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a397bf014307625adc2577c7aa765e29

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

comctl32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 21KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 21KB

.rsrc
Size: 12KB - Virtual size: 10KB