5af50a8739b29421b66aae5371ea7b88470c5403a2bbb4f838fc7ff369de3836

Sharing

Copy URL Twitter E-mail

General

Target

5af50a8739b29421b66aae5371ea7b88470c5403a2bbb4f838fc7ff369de3836
Size

1.1MB
MD5

41ed02afafa4e49264d3962dfcdd5031
SHA1

88e553655496eb5f5bc0faadff0b7108c81eadbf
SHA256

5af50a8739b29421b66aae5371ea7b88470c5403a2bbb4f838fc7ff369de3836
SHA512

7bf9803a048b7430139d9d35212a9bf0c451969412eff3a5d1c59670a6291480bca875df7172547fae1ae9420697b1d16a9f6718fdffd08f5470a0a25497a808
SSDEEP

12288:CPYtQATa1NkUN6STPTT6EsGawmeec0RsboSIbsdGB1WPud5srQVe:CwtvTazLNdTyENRT0CbBMsyA

Score

N/A

Malware Config

Signatures

Files

5af50a8739b29421b66aae5371ea7b88470c5403a2bbb4f838fc7ff369de3836
.exe windows x86

d1f4a31492553ec9b1d4a84c992cd56f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
lstrlenW
MultiByteToWideChar
lstrlenA
GlobalUnlock
GlobalLock
InterlockedIncrement
InterlockedDecrement
lstrcmpA
WritePrivateProfileStringA
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetStringTypeA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
FindResourceA
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
VirtualAlloc
VirtualFree
HeapCreate
GetProcAddress
HeapSize
HeapReAlloc
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
SetFileAttributesA
LoadResource
LockResource
GlobalHandle
GlobalFree
FreeResource
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
CopyFileA
CreateProcessA
CreateMutexA
GetLastError
GetCurrentDirectoryA
ReleaseMutex
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringA
CreateThread
ResumeThread
CloseHandle
WaitForSingleObject
GetEnvironmentStringsW
Sleep
RtlUnwind
InterlockedExchange
SetEnvironmentVariableA
FindFirstFileA
FindNextFileA
FindClose
SetCurrentDirectoryA
CreateDirectoryA
GetFileSize
WriteFile
ReadFile
SetFilePointer
CreateFileA
GetFileAttributesA
DeleteFileA
MoveFileA
FlushInstructionCache
IsBadWritePtr
GetDiskFreeSpaceExA

user32

MapWindowPoints
SetWindowLongA
SystemParametersInfoA
GetWindow
GetParent
GetClientRect
SetWindowPos
SendMessageA
GetWindowLongA
EndPaint
BeginPaint
EndDialog
LoadImageA
SetWindowRgn
GetDlgItem
GetWindowRect
MoveWindow
LoadStringA
DefWindowProcA
ReleaseDC
GetDC
IsWindowVisible
GetSystemMetrics
CallWindowProcA
PostMessageA
SetTimer
SetWindowTextA
OffsetRect
ShowWindow
GetDesktopWindow
wsprintfA
CreateDialogIndirectParamA
PtInRect
CreateWindowExA
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetClassNameA
RedrawWindow
IsWindow
FillRect
GetFocus
IsChild
SetFocus
GetSysColor
GetWindowTextLengthA
GetWindowTextA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DialogBoxIndirectParamA
DestroyWindow
GetActiveWindow
IsWindowEnabled
EnableWindow
KillTimer
DialogBoxParamA

gdi32

GetStockObject
CreateSolidBrush
GetDeviceCaps
GetObjectA
CreateCompatibleBitmap
TextOutA
GetTextMetricsA
SetBkMode
SetTextColor
CreateFontIndirectA
BitBlt
CreateCompatibleDC
SelectObject
GetPixel
CreateRectRgn
DeleteObject
DeleteDC

shell32

SHFileOperationA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocStringLen
SysAllocString
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect

ws2_32

closesocket
setsockopt
ioctlsocket
socket
WSACleanup
select
connect
htons
gethostbyname
inet_addr
__WSAFDIsSet
recv
inet_ntoa
send
WSAGetLastError
WSAStartup

shlwapi

PathFileExistsA

winmm

timeGetTime

comctl32

_TrackMouseEvent
InitCommonControlsEx

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 924KB - Virtual size: 921KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f4a31492553ec9b1d4a84c992cd56f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

ws2_32

shlwapi

winmm

comctl32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 924KB - Virtual size: 921KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 924KB - Virtual size: 921KB