a48d474374d6a51f08963bc65fee7f059b244302fdabd6a6b1d2693aa5748d44

Sharing

Copy URL

Twitter E-mail

General

Target

a48d474374d6a51f08963bc65fee7f059b244302fdabd6a6b1d2693aa5748d44
Size

762KB
MD5

cb63942bac51002b79ab0fa1ce4fdb57
SHA1

4c37b81fa0e253ab6d60b61970f057599bc6393f
SHA256

a48d474374d6a51f08963bc65fee7f059b244302fdabd6a6b1d2693aa5748d44
SHA512

1ef28f27d47549a81843764b9d1773481199b83eb83b0f599a4e708e762df90af56d0489ce69930d0acd8a9b87af7f9aa3378a4987f143805992d2bce309335c
SSDEEP

12288:w7j55E4clBt4RvQxAvQ8PnDvIlADK3FPxUXSbsJ2XNaXcgNJpUFyb5ADjc3xlAF5:w7V5E3xAXIlBJU2sJ2e9/Kk1BuFu3G44

Score

1^/10

Malware Config

Signatures

Files

a48d474374d6a51f08963bc65fee7f059b244302fdabd6a6b1d2693aa5748d44
.exe windows x86

9e58145fd68edf1105bca0358f458a02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleInformation
WriteFile
GetFileAttributesW
ReadFile
MultiByteToWideChar
GetStdHandle
SetLastError
GetLocalTime
FindNextFileW
DuplicateHandle
GetProcAddress
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
GetCurrentThreadId
GetModuleHandleExW
GetTickCount
SleepEx
WaitForMultipleObjectsEx
TerminateThread
LoadLibraryW
GetComputerNameExW
GetCommandLineW
SetErrorMode
SetEnvironmentVariableW
GetCurrentProcessId
GetDateFormatW
CreateDirectoryW
GetTimeFormatW
GetModuleFileNameW
RaiseException
DecodePointer
GetSystemTime
GetModuleHandleW
FormatMessageW
GetCurrentProcess
VerSetConditionMask
VerifyVersionInfoW
Sleep
GlobalFree
InterlockedExchange
WaitForSingleObject
InterlockedCompareExchange
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetCPInfo
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SystemTimeToFileTime
FindFirstFileW
GetFullPathNameW
OutputDebugStringW
ResetEvent
SetEvent
CreateEventW
WideCharToMultiByte
GetLastError
CreateMutexW
RtlUnwind
LoadLibraryExW
HeapReAlloc
IsDebuggerPresent
GetDriveTypeW
ExitThread
CloseHandle
GetExitCodeProcess
ReleaseMutex
CreateThread
WriteConsoleW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
GetThreadTimes
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentDirectoryW
FlushFileBuffers
GetOEMCP
GetACP
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
SetStdHandle
GetProcessHeap
HeapSize
HeapAlloc
GetFileType
IsProcessorFeaturePresent
HeapFree
EncodePointer
GetSystemTimeAsFileTime
GetStringTypeW
GetCurrentThread
DeviceIoControl
lstrlenW
GetFileTime
SwitchToThread
GetFileSize
SetEndOfFile
SetFilePointer
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileA
CreateDirectoryA
lstrcpynW
lstrlenA
OutputDebugStringA
CreateFileW
InterlockedIncrement
GetLongPathNameW
FreeLibrary
GetSystemDirectoryW
ExitProcess

user32

SetTimer
GetPropW
SetPropW
RemovePropW
DefWindowProcW
PostQuitMessage
LoadAcceleratorsW
TranslateAcceleratorW
TranslateMessage
GetMessageW
KillTimer
PostMessageW
DestroyWindow
IsWindow
SendMessageW
LoadCursorW
CreateWindowExW
RegisterClassExW
GetClassInfoExW
DispatchMessageW
SystemParametersInfoW
SetWindowPos
ShowWindow
ReleaseDC
UpdateLayeredWindow
GetDC
GetWindowRect
GetWindowLongW
SetWindowLongW
RegisterClassW
FindWindowExW

gdi32

DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC

advapi32

RegOpenKeyExA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA

shell32

SHGetSpecialFolderPathW
SHGetFolderPathA
ShellExecuteExW
CommandLineToArgvW
SHCreateDirectoryExW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdiplus

GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdipReleaseDC
GdipDrawImageRectI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdiplusShutdown
GdiplusStartup

wininet

InternetOpenW
HttpOpenRequestA
HttpSendRequestW
InternetCloseHandle
InternetConnectW

ws2_32

recvfrom
ntohl
htonl
select
WSAGetLastError
htons
ntohs
getsockname
WSAStartup
sendto
recv
bind
socket
__WSAFDIsSet
closesocket
send
getsockopt
listen
accept
inet_ntoa
connect
ioctlsocket
getpeername
setsockopt

winhttp

WinHttpCloseHandle
WinHttpOpen
WinHttpSetStatusCallback
WinHttpConnect
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpWriteData
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpGetProxyForUrl
WinHttpCrackUrl

shlwapi

PathCanonicalizeW
PathIsDirectoryW
PathAppendW
PathAddBackslashW
PathRemoveFileSpecW
SHRegGetPathW
PathIsRelativeW
PathFileExistsW

netapi32

Netbios

Sections

.text
Size: 460KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QMGuid
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e58145fd68edf1105bca0358f458a02

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

version

gdiplus

wininet

ws2_32

winhttp

shlwapi

netapi32

Sections

.text Size: 460KB - Virtual size: 460KB

.rdata Size: 191KB - Virtual size: 191KB

.data Size: 18KB - Virtual size: 37KB

.QMGuid Size: 512B - Virtual size: 32B

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 36KB - Virtual size: 32KB

.text
Size: 460KB - Virtual size: 460KB

.rdata
Size: 191KB - Virtual size: 191KB

.data
Size: 18KB - Virtual size: 37KB

.QMGuid
Size: 512B - Virtual size: 32B

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 36KB - Virtual size: 32KB