887534fe34e9928224d5d1d5abc0b5b81ddf75d0ce063782d9a471fc35d47113

Sharing

Copy URL Twitter E-mail

General

Target

887534fe34e9928224d5d1d5abc0b5b81ddf75d0ce063782d9a471fc35d47113
Size

66KB
MD5

230ff639f0d42b5ca7ff1233cc0780d2
SHA1

3951a9e891752c177d310132d36acccb7a888fd9
SHA256

887534fe34e9928224d5d1d5abc0b5b81ddf75d0ce063782d9a471fc35d47113
SHA512

0ec659d0c56a3706822a97ade7a5a0be4551b86309ff15ff00477296076b93dfd6f9caa6e3453f823edfeaaaf9f13027598738cb79249108b523b4d99cc157ab
SSDEEP

1536:MjfeFLvn1Yeqg7gE1ZXLf5zagrC9+wTfe5Ec:jLXxBZXL5tafe5Ec

Score

N/A

Malware Config

Signatures

Files

887534fe34e9928224d5d1d5abc0b5b81ddf75d0ce063782d9a471fc35d47113
.exe windows x86

c9094e393cf42290366eb544b620a976

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx
ord17
CreateStatusWindowW

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
lstrcpyW
WideCharToMultiByte
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetWindowsDirectoryW
CloseHandle
lstrcatW
VirtualAlloc
GlobalUnlock
lstrlenW
lstrcmpW
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
Sleep
GetModuleHandleW
SetUnhandledExceptionFilter
CreateFileW
ReadFile
GetConsoleWindow
GlobalAlloc
EnumLanguageGroupLocalesW
GetProcessHeap
GlobalLock
HeapFree
CreateProcessW
GetFileSize
MultiByteToWideChar

msacm32

acmStreamSize
acmFormatEnumW
acmStreamPrepareHeader
acmFilterChooseA

mscms

GetStandardColorSpaceProfileA
GetCMMInfo
GetColorProfileFromHandle
SetColorProfileElementReference

wininet

ParseX509EncodedCertificateForListBoxEntry
CreateUrlCacheEntryA
InternetGetCertByURL
CreateUrlCacheContainerW
GopherOpenFileA
InternetOpenUrlA
FtpFindFirstFileW
GopherOpenFileW
CommitUrlCacheEntryA

oleaut32

VarFormatNumber
VarBstrFromUI2
SafeArrayAllocData
VarDecFromI2

gdi32

StartDocA
StartPage
ResetDCA
GetCharABCWidthsI
EnumEnhMetaFile
GetGraphicsMode
SetBkMode

user32

UnloadKeyboardLayout
RegisterWindowMessageW
CheckDlgButton
EnumDesktopsA
CreateAcceleratorTableA
DispatchMessageW
DestroyWindow
GetWindowTextLengthW
CloseClipboard
TranslateAcceleratorW
GetMessageW
PostQuitMessage
DialogBoxParamW
LoadCursorW
GetClientRect
SetFocus
wsprintfW
TranslateMessage
LoadAcceleratorsW
GetMenu
GetWindowTextW
EnableMenuItem
EmptyClipboard
GetDlgItem
EndDialog
LoadStringW
MoveWindow
ShowWindow
IsDlgButtonChecked
CreateWindowExW
OpenClipboard
MessageBoxW
RegisterClassW
IsWindowVisible
SendMessageW
UpdateWindow
SetClipboardData
SetWindowTextW
DefWindowProcW
CheckMenuItem

ole32

EnableHookObject
OleIsRunning
OleCreateLinkFromDataEx
HMETAFILE_UserUnmarshal
WriteClassStm
CLSIDFromString
OleInitialize
OleUninitialize
CreateStdProgressIndicator

wsock32

getservbyport
WSAAsyncGetHostByName
getservbyname
ord1113
socket
ord1115

mpr

MultinetGetConnectionPerformanceA
WNetEnumResourceW
WNetGetProviderNameW
WNetGetResourceParentW
WNetAddConnection3W
WNetGetConnectionA

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyW
RegSetValueExW
RegCloseKey
RegEnumValueW
RegGetValueW
RegCreateKeyW
RegEnumKeyW
RegQueryValueW

shell32

ShellAboutW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9094e393cf42290366eb544b620a976

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

msacm32

mscms

wininet

oleaut32

gdi32

user32

ole32

wsock32

mpr

comdlg32

advapi32

shell32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 8KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 4KB