791589997ff52b3a4e158edf17dbed86beae8b59f0517166d7b151c809f01c5d

Sharing

Copy URL Twitter E-mail

General

Target

791589997ff52b3a4e158edf17dbed86beae8b59f0517166d7b151c809f01c5d
Size

620KB
MD5

bdb1e0d7fa6e7c3902df9e38c22074f9
SHA1

ac685f32f3b020276f2339b6ca5fb302b5c0bc27
SHA256

791589997ff52b3a4e158edf17dbed86beae8b59f0517166d7b151c809f01c5d
SHA512

232c37ed784b0c1579cd521ccc69213dc916e1b243a6a84e6ab3509ef73382f8d4290692078cde173f85a3aff5588db86d96e67664e1f4a38a33483d67d60a3e
SSDEEP

12288:yw61ZO7cFz87dd7srf7ovyT1tZ1OB+/ApKP9nD1T4l1WM:oZO7cFz0Oz7syT1tZ9A4N1T4l1WM

Score

N/A

Malware Config

Signatures

Files

791589997ff52b3a4e158edf17dbed86beae8b59f0517166d7b151c809f01c5d
.exe windows x86

84695bdc33a7629db382fd6a16f3a3d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoInitialize

winmm

timeGetTime

kernel32

OutputDebugStringA
MoveFileExA
SetEndOfFile
GetSystemTime
OpenProcess
GetLogicalDriveStringsA
GetDriveTypeA
SetErrorMode
lstrlenA
CreateDirectoryA
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
AllocConsole
SetFilePointer
CreateThread
ResumeThread
GetComputerNameA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
InterlockedExchange
FindResourceA
GetStdHandle
CreateMutexA
LockResource
SizeofResource
LoadResource
CreateProcessA
TerminateProcess
SetProcessShutdownParameters
WaitForSingleObject
GetVersionExA
Sleep
GlobalAlloc
CreateFileA
GetDiskFreeSpaceExA
WriteFile
CloseHandle
GlobalLock
SetFileTime
FlushFileBuffers
SystemTimeToFileTime
GlobalFree
DeleteFileA
GlobalUnlock
FileTimeToSystemTime
GetFileSize
GetFileTime
IsBadReadPtr
ReadFile
IsBadWritePtr
WriteConsoleA
HeapSize
IsValidLocale
IsValidCodePage
SetLastError
TlsFree
ExitThread
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetFileType
SetStdHandle
ExitProcess
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RtlUnwind
TlsGetValue
HeapReAlloc
SetConsoleCtrlHandler
GetCPInfo
TlsAlloc
GetCurrentThread
DuplicateHandle
TlsSetValue
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetEnvironmentVariableA
HeapDestroy
HeapCreate
GetEnvironmentStrings
GetOEMCP
FatalAppExitA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadCodePtr
GetStringTypeA
GetStringTypeW
VirtualAlloc
VirtualFree
GetCurrentProcess
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID

user32

GetSystemMetrics
RegisterWindowMessageA
InvalidateRect
wsprintfA
GetWindowRect
mouse_event
keybd_event
SetTimer
GetForegroundWindow
GetWindowThreadProcessId
SetActiveWindow
MessageBeep
FlashWindow
DispatchMessageA
TranslateMessage
WaitMessage
GetDesktopWindow
GetClassNameA
WindowFromPoint
GetCursorPos
PeekMessageA
DestroyWindow
ChangeClipboardChain
KillTimer
FindWindowA
EnumDesktopWindows
OpenDesktopA
GetWindowTextA
EnumWindows
SetClipboardViewer
GetMessageA
PostThreadMessageA
EnumWindowStationsA
OpenWindowStationA
SystemParametersInfoA
GetKeyboardState
CloseWindowStation
IsRectEmpty
LoadImageA
ChangeDisplaySettingsA
GetThreadDesktop
SetThreadDesktop
OpenInputDesktop
CloseDesktop
EnumDisplaySettingsA
GetDC
ReleaseDC
GetWindowLongA
EndDialog
GetDlgItemTextA
SetFocus
SetWindowLongA
SetWindowTextA
LoadStringA
SetForegroundWindow
DialogBoxParamA
GetScrollInfo
PostMessageA
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
MessageBoxA
SendMessageA
GetProcessWindowStation
GetUserObjectInformationA
ExitWindowsEx
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
CheckDlgButton
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
EnableMenuItem
DestroyMenu
LoadIconA
LoadMenuA
MapVirtualKeyA
GetAsyncKeyState
SetRect
IsIconic
GetParent
WaitForInputIdle
GetClipboardOwner
GetClipboardData
DefWindowProcA
PostQuitMessage
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
LoadCursorA
RegisterClassExA
CreateWindowExA
VkKeyScanA
EnableWindow
SetProcessWindowStation

gdi32

CreateRectRgn
SetRectRgn
OffsetRgn
DeleteObject
GetRgnBox
EqualRgn
GetRegionData
CreateDCA
ExtEscape
GetSystemPaletteEntries
BitBlt
PatBlt
DeleteDC
CreateSolidBrush
CreateCompatibleDC
SelectObject
GetPixel
GetDIBits
GetClipBox
GetDeviceCaps
SetDIBColorTable
CreateCompatibleBitmap
SelectPalette
CreatePalette
RealizePalette
CreateDIBSection
GdiFlush
GetStockObject
GetObjectA
GetBitmapBits
CombineRgn

wsock32

WSAGetLastError
getsockname
getpeername
accept
listen
recv
send
htons
ioctlsocket
bind
shutdown
closesocket
socket
setsockopt
WSACleanup
WSAStartup
inet_addr
gethostname
gethostbyname
connect
htonl

shell32

Shell_NotifyIconA
ShellExecuteA

advapi32

CloseServiceHandle
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
OpenProcessToken
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
CreateServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
OpenServiceA
RegDeleteValueA
RegOpenKeyA
SetServiceStatus
DeregisterEventSource
ReportEventA
RegisterEventSourceA

vnchooks

SetHooks
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHooks

Sections

.text
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84695bdc33a7629db382fd6a16f3a3d4

Headers

File Characteristics

Imports

ole32

winmm

kernel32

user32

gdi32

wsock32

shell32

advapi32

vnchooks

Sections

.text Size: 336KB - Virtual size: 334KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 64KB - Virtual size: 134KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 160KB - Virtual size: 158KB

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 336KB - Virtual size: 334KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 64KB - Virtual size: 134KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 160KB - Virtual size: 158KB

.reloc
Size: 20KB - Virtual size: 16KB