aad7d3d4849bfddc64caf357c2075ed23e222dc1ba817d066f10026762c674c2

Sharing

Copy URL

Twitter E-mail

General

Target

aad7d3d4849bfddc64caf357c2075ed23e222dc1ba817d066f10026762c674c2
Size

205KB
MD5

162bdbf48706e2032c24efae0f22f0ab
SHA1

c6baf97524734393ed6f7790f822b26f5b3a4008
SHA256

aad7d3d4849bfddc64caf357c2075ed23e222dc1ba817d066f10026762c674c2
SHA512

7a4d148e32e9db7b3134b1c0a6a9a79cb1c811833974183bd8f1dcf5bb6e0470e30bbe9aefe47c77c114e029efe6e2e6f89af2bb0ef7be7aa706b493298a4119
SSDEEP

3072:cRRSzSUnXM3J+eoj/lwwM+DIr0Yku12TZFwfal:JznY0NDu0212Z

Score

1^/10

Malware Config

Signatures

Files

aad7d3d4849bfddc64caf357c2075ed23e222dc1ba817d066f10026762c674c2
.exe windows x86

ade117ad49ada4696030341a9588ba67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetProcAddress
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
WritePrivateProfileStringA
GetPrivateProfileIntA
GetSystemDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpiA
lstrcmpA
SetLastError
GetCurrentThreadId
GetLastError
CreateFileMappingA
lstrcpynA
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
GetCurrentProcessId
GetModuleHandleA
WriteFile
SetFilePointer
ExpandEnvironmentStringsA
GetVersionExA
SetErrorMode
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
FreeLibrary
TerminateProcess
TlsAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
ExitThread
TlsGetValue
TlsSetValue
CreateThread
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
EnterCriticalSection
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
ResumeThread
CreateEventA
Sleep
WaitForMultipleObjects
ResetEvent
OpenEventA
OpenFileMappingA
MapViewOfFile
SetEvent
CloseHandle
UnmapViewOfFile
lstrcatA
lstrcpyA
GetModuleFileNameA
lstrlenA
UnhandledExceptionFilter

user32

EnumDesktopWindows
IsWindowVisible
SetWindowTextA
UpdateWindow
GetDesktopWindow
InvalidateRect
FindWindowA
OpenDesktopA
ReleaseDC
SetForegroundWindow
LoadMenuA
GetSubMenu
SetMenuDefaultItem
EnableMenuItem
DeleteMenu
GetCursorPos
EnableWindow
GetDC
PeekMessageA
TrackPopupMenu
DialogBoxParamA
CreateDialogParamA
MessageBoxA
PostQuitMessage
LoadCursorA
RegisterClassExA
CreateWindowExA
LoadImageA
OpenInputDesktop
GetThreadDesktop
CloseDesktop
GetUserObjectInformationA
SetThreadDesktop
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClipboardFormatA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetForegroundWindow
ExitWindowsEx
GetWindowLongA
GetDlgItemTextA
DrawTextA
PostMessageA
DestroyWindow
IsWindowEnabled
DefWindowProcA
IsWindow
SendDlgItemMessageA
SendMessageA
CopyRect
GetSystemMetrics
SystemParametersInfoA
MoveWindow
SetWindowPos
MessageBeep
FlashWindow
BeginPaint
GetClientRect
GetDlgItem
GetWindowRect
ScreenToClient
DrawIcon
EndPaint
KillTimer
ShowWindow
LoadIconA
LoadStringA
wsprintfA
SetDlgItemTextA
SetTimer
EndDialog
SetWindowLongA
DestroyMenu

gdi32

DeleteObject
GetDeviceCaps
SelectObject
CreateSolidBrush
SetBkColor
SetBkMode
GetStockObject
SetTextColor

advapi32

RegOpenKeyExA
OpenProcessToken
GetTokenInformation
LookupAccountSidA
GetUserNameA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

shell32

DragQueryFileA
Shell_NotifyIconA

ole32

RegisterDragDrop
CoInitialize
OleInitialize
RevokeDragDrop

wsock32

ioctlsocket
gethostbyname
connect
htons
shutdown
closesocket
socket
WSAGetLastError
setsockopt
WSACleanup
WSAStartup
recv
send

winmm

PlaySoundA

mpr

WNetGetUniversalNameA
WNetGetResourceInformationA

Sections

.code
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

000034FC
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ade117ad49ada4696030341a9588ba67

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

wsock32

winmm

mpr

Sections

.code Size: 58KB - Virtual size: 60KB

.idata Size: 7KB - Virtual size: 8KB

000034FC Size: 13KB - Virtual size: 20KB

.rsrc Size: 124KB - Virtual size: 124KB

.code
Size: 58KB - Virtual size: 60KB

.idata
Size: 7KB - Virtual size: 8KB

000034FC
Size: 13KB - Virtual size: 20KB

.rsrc
Size: 124KB - Virtual size: 124KB