2558b674b1252290f78f8149eedd54403c514ce4ebb2779bfffd3b6ad74b4ec0

Sharing

Copy URL Twitter E-mail

General

Target

2558b674b1252290f78f8149eedd54403c514ce4ebb2779bfffd3b6ad74b4ec0
Size

921KB
MD5

a96e40b863242f7bc31db0d61165f0b3
SHA1

93466d117d9d5471d7b70e0363c4b074c8caa8ae
SHA256

2558b674b1252290f78f8149eedd54403c514ce4ebb2779bfffd3b6ad74b4ec0
SHA512

00846dccc7047cb60a4d584bc0e1acb443300484af1df9142d7a9ba7ce022469fbf32eaf2ba5add86d89bcea94986c5d53df3e26bf24e557edd8b96d5640e27c
SSDEEP

24576:qzx0W+LwBm2tOEw0TcBCzXy4me4rSpKFuE/1B77w/+q:qF0W+Lb2tOEw0TcBCzXy4me4rSpKFb1

Score

N/A

Malware Config

Signatures

Files

2558b674b1252290f78f8149eedd54403c514ce4ebb2779bfffd3b6ad74b4ec0
.exe windows x86

8e2f8469f8db9340a1609fd054b7a759

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW

kernel32

InterlockedDecrement
GetModuleFileNameW
LeaveCriticalSection
GetCurrentThreadId
MultiByteToWideChar
LoadResource
FindResourceW
GetProcAddress
GetModuleHandleW
FreeLibrary
InterlockedIncrement
lstrcmpiW
LoadLibraryExW
GetCurrentProcessId
QueryPerformanceCounter
WideCharToMultiByte
GetStringTypeW
EncodePointer
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
HeapAlloc
HeapFree
GetProcessHeap
InterlockedPopEntrySList
InterlockedPushEntrySList
EnterCriticalSection
VirtualAlloc
VirtualFree
LoadLibraryExA
LocalFree
RtlUnwind
QueryPerformanceFrequency
HeapReAlloc
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
GetACP
GetFileType
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
SetEndOfFile
SetLastError
SetThreadLocale
SizeofResource
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
GetSystemDefaultLangID
InitializeCriticalSectionAndSpinCount
SetThreadUILanguage
FlushInstructionCache

user32

GetClientRect
GetDlgItem
GetParent
DialogBoxParamW
PtInRect
SetWindowLongW
GetCursorPos
GetWindowTextW
UnregisterClassW
MessageBoxW
MessageBoxA
SetCapture
GetWindowLongW
GetWindowTextLengthW
GetWindow
GetWindowRect
SetWindowPos
MonitorFromWindow
SendMessageW
EndDialog
LoadStringW
GetActiveWindow
GetCapture
GetMonitorInfoW
SetDlgItemTextW
MapWindowPoints
CharNextW
ReleaseCapture
LoadIconW

advapi32

RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SystemFunction036
RegOpenKeyExW

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

oleaut32

VariantClear
SysFreeString
SysAllocString
SysStringLen
VarUI4FromStr
VariantChangeType
VariantInit

Sections

.text
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e2f8469f8db9340a1609fd054b7a759

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 493KB - Virtual size: 492KB

.rdata Size: 110KB - Virtual size: 110KB

.data Size: 18KB - Virtual size: 26KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 265KB - Virtual size: 264KB

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 493KB - Virtual size: 492KB

.rdata
Size: 110KB - Virtual size: 110KB

.data
Size: 18KB - Virtual size: 26KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 265KB - Virtual size: 264KB

.reloc
Size: 30KB - Virtual size: 30KB