4769bdc3c340d2e384af60fdffbb63b834a349275a7bbd903279bae3733c9fd7

Sharing

Copy URL Twitter E-mail

General

Target

4769bdc3c340d2e384af60fdffbb63b834a349275a7bbd903279bae3733c9fd7
Size

512KB
MD5

597ab1aeba4c28eaad8807fb13b6c250
SHA1

d980d0575f455d155364f44e21d34c1d0f48bf67
SHA256

4769bdc3c340d2e384af60fdffbb63b834a349275a7bbd903279bae3733c9fd7
SHA512

9b005f658b6a2d54b981acb517670e1e370d9fc8a121b46dc8e87a913df88ea4c68f553c63680df39a387436dc8146f182c8519c1a7aa0785c08f2e6527ead16
SSDEEP

12288:o4c2pPp0i/yQ9dXIT03rxCra293soZrALyXJh:o4pX+a42LwL

Score

N/A

Malware Config

Signatures

Files

4769bdc3c340d2e384af60fdffbb63b834a349275a7bbd903279bae3733c9fd7
.exe windows x86

5f6c1b08a57a61c9ffd44be170af8c75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GlobalFree
GlobalUnlock
DeleteCriticalSection
TerminateThread
GlobalLock
GlobalAlloc
GetPrivateProfileIntW
GetPrivateProfileStringW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetComputerNameA
GetSystemDirectoryW
GetDiskFreeSpaceExW
GetTickCount
SetFilePointer
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
UnmapViewOfFile
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
RtlUnwind
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetStdHandle
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
HeapCreate
GetStartupInfoW
CreateThread
ResumeThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
MapViewOfFileEx
lstrcmpiW
InterlockedDecrement
CreateFileMappingW
InterlockedIncrement
GetSystemDirectoryA
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
GetCurrentThreadId
FreeLibrary
EnterCriticalSection
FreeResource
FlushInstructionCache
lstrcmpA
RaiseException
InitializeCriticalSection
GetModuleHandleW
GetProcAddress
RemoveDirectoryW
FindClose
FindNextFileW
GetCurrentProcess
MoveFileExW
MoveFileW
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetLocalTime
WideCharToMultiByte
DeleteFileW
SetFileAttributesW
lstrcmpW
FindFirstFileW
GetCurrentProcessId
LoadLibraryW
ReadFile
lstrlenW
lstrlenA
GetFileAttributesW
MultiByteToWideChar
SetLastError
GetLastError
SizeofResource
CreateDirectoryW
LoadResource
LockResource
CloseHandle
WriteFile
GetFileSize
FindResourceW
CreateFileW
FindResourceExW
SetEndOfFile
GetStartupInfoA

user32

GetMessageW
DefWindowProcW
SystemParametersInfoW
TranslateMessage
SetWindowPos
DispatchMessageW
AttachThreadInput
ExitWindowsEx
wsprintfW
wvsprintfW
CharNextW
GetSystemMetrics
LoadBitmapW
FindWindowW
SendMessageTimeoutW
SetTimer
MessageBoxW
KillTimer
SetCursor
IsWindow
GetForegroundWindow
SetForegroundWindow
DrawIconEx
SetActiveWindow
IsWindowVisible
EndPaint
ClientToScreen
PostThreadMessageW
EqualRect
ShowWindow
InflateRect
CreateWindowExW
BeginPaint
OffsetRect
GetKeyState
GetWindowRect
CharNextA
GetFocus
SendMessageW
GetDlgCtrlID
PostMessageW
DrawFrameControl
IsChild
GetWindowLongW
CallWindowProcW
RegisterClassExW
LoadCursorW
GetParent
ReleaseDC
GetNextDlgTabItem
PeekMessageW
GetWindowThreadProcessId
IsDialogMessageW
LoadImageW
UnregisterClassA
WindowFromPoint
GetWindow
PtInRect
GetClientRect
DrawTextW
SetWindowLongW
MoveWindow
InvalidateRect
MapWindowPoints
UpdateLayeredWindow
DestroyWindow
SetCapture
ReleaseCapture
GetClassInfoExW
CopyRect
EnableWindow
GetMonitorInfoW
IsWindowEnabled
SetRectEmpty
MonitorFromWindow
GetDesktopWindow
GetActiveWindow
GetDC
DestroyIcon
SetFocus
wvsprintfA
SetWindowRgn
LoadIconW
GetScrollPos
GetDlgItem
SetRect

gdi32

DeleteDC
RectInRegion
OffsetRgn
SetRectRgn
CreateFontIndirectW
ExtTextOutW
SaveDC
SetBkColor
BitBlt
SelectClipRgn
CreateRectRgn
StretchBlt
GetObjectW
MoveToEx
GetStockObject
CreateRectRgnIndirect
SetTextColor
LineTo
DeleteObject
CreateDIBSection
CreatePen
CreateCompatibleDC
GetTextExtentPoint32W
SelectObject
GetCurrentObject
SetBkMode
GetClipRgn
RestoreDC
GetTextColor
RoundRect
CreateCompatibleBitmap
TextOutW
Rectangle
CreateRoundRectRgn
SetStretchBltMode
CreateBitmap
CombineRgn

advapi32

RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteKeyW
RegOpenKeyW
CloseServiceHandle
OpenSCManagerW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CoCreateGuid
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VarUI4FromStr
SysFreeString

shlwapi

PathFileExistsW
SHGetValueW
StrStrIA
StrToIntW
PathRemoveFileSpecW
PathAppendW
StrToIntA

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipDeleteGraphics
GdipDeleteBrush
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipCreateSolidFill
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipGetImageHeight
GdipSetStringFormatAlign
GdipGetImageWidth
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipDrawString
GdipFree
GdipCloneBrush
GdipCreateFromHDC
GdipDrawImageRectRectI

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f6c1b08a57a61c9ffd44be170af8c75

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

iphlpapi

version

Sections

.text Size: 374KB - Virtual size: 374KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 9KB - Virtual size: 19KB

.rsrc Size: 95KB - Virtual size: 94KB

.text
Size: 374KB - Virtual size: 374KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 9KB - Virtual size: 19KB

.rsrc
Size: 95KB - Virtual size: 94KB