4062c9e3fb85ce9a89fd5b6537997a97a32b32c5d31b879bff20540468998f77

Sharing

Copy URL Twitter E-mail

General

Target

4062c9e3fb85ce9a89fd5b6537997a97a32b32c5d31b879bff20540468998f77
Size

157KB
MD5

11e0e285b2fe6b35e577a9bc353a9ee5
SHA1

25d440254b215b7d994e895e8e87dcae17f8539b
SHA256

4062c9e3fb85ce9a89fd5b6537997a97a32b32c5d31b879bff20540468998f77
SHA512

cca8f1bdd8d85c1a18ea25c420f9fe7555749791bc4441383f64e1ea535f7e51a3e385ad3f0c5fc61345f0171c0479e0a0748d426ee0f7005dd4072461bc4c83
SSDEEP

3072:m66CbU0Xieb5BqJPm2sOl4wM+DIr0Yku12TZFwfR:J6Cgxk/hYDu0212

Score

1^/10

Malware Config

Signatures

Files

4062c9e3fb85ce9a89fd5b6537997a97a32b32c5d31b879bff20540468998f77
.exe windows x86

e34440be414d5d2517162de8def7616b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetProcAddress
LoadLibraryA
CreateEventA
lstrcmpiA
lstrcmpA
GetLastError
CreateFileMappingA
SetLastError
InitializeCriticalSection
lstrcpynA
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
GetSystemDirectoryA
GetModuleHandleA
ExpandEnvironmentStringsA
GetVersionExA
SetErrorMode
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
UnhandledExceptionFilter
TerminateProcess
FreeLibrary
TlsAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
ExitThread
TlsGetValue
TlsSetValue
GetCurrentThreadId
CreateThread
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
WideCharToMultiByte
GetCurrentProcess
DuplicateHandle
ResumeThread
Sleep
WaitForSingleObject
OpenEventA
OpenFileMappingA
MapViewOfFile
SetEvent
CloseHandle
UnmapViewOfFile
lstrcatA
lstrcpyA
GetModuleFileNameA
lstrlenA

user32

IsWindowEnabled
MessageBoxA
PeekMessageA
EnableWindow
OpenDesktopA
EnumDesktopWindows
IsWindowVisible
FindWindowA
UpdateWindow
GetDesktopWindow
InvalidateRect
GetDC
ReleaseDC
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
SetWindowTextA
DialogBoxParamA
SetForegroundWindow
GetSubMenu
SetMenuDefaultItem
EnableMenuItem
DeleteMenu
GetCursorPos
TrackPopupMenu
CreateDialogParamA
DefWindowProcA
DestroyMenu
PostQuitMessage
LoadCursorA
RegisterClassExA
CreateWindowExA
LoadImageA
GetMessageA
TranslateMessage
DispatchMessageA
GetForegroundWindow
ExitWindowsEx
GetWindowLongA
GetDlgItemTextA
DrawTextA
PostMessageA
DestroyWindow
IsWindow
SendDlgItemMessageA
SendMessageA
CopyRect
GetSystemMetrics
SystemParametersInfoA
MoveWindow
SetWindowPos
MessageBeep
FlashWindow
BeginPaint
GetClientRect
GetDlgItem
GetWindowRect
ScreenToClient
DrawIcon
EndPaint
KillTimer
ShowWindow
LoadIconA
LoadStringA
wsprintfA
SetDlgItemTextA
SetTimer
EndDialog
SetWindowLongA
LoadMenuA

gdi32

DeleteObject
GetDeviceCaps
SelectObject
CreateSolidBrush
SetBkColor
SetBkMode
SetTextColor
GetStockObject

advapi32

RegQueryValueExA
OpenProcessToken
GetTokenInformation
LookupAccountSidA
GetUserNameA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CoInitialize

wsock32

ioctlsocket
gethostbyname
connect
htons
shutdown
closesocket
socket
WSAGetLastError
setsockopt
WSACleanup
WSAStartup
recv
send

winmm

PlaySoundA

Sections

.code
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

000030D6
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e34440be414d5d2517162de8def7616b

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

wsock32

winmm

Sections

.code Size: 49KB - Virtual size: 52KB

.idata Size: 6KB - Virtual size: 8KB

000030D6 Size: 12KB - Virtual size: 16KB

.rsrc Size: 88KB - Virtual size: 156KB

.code
Size: 49KB - Virtual size: 52KB

.idata
Size: 6KB - Virtual size: 8KB

000030D6
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 88KB - Virtual size: 156KB