75aeabc3bb085799e056fbef3c4a7fbb3eac88f9c0797fcbab345245c223d747

Sharing

Copy URL Twitter E-mail

General

Target

75aeabc3bb085799e056fbef3c4a7fbb3eac88f9c0797fcbab345245c223d747
Size

3.5MB
MD5

00081969ae1d1e058fa91bd1949de4f3
SHA1

6d78780831706f00cbeb4f29e8e5d28d1c296d60
SHA256

75aeabc3bb085799e056fbef3c4a7fbb3eac88f9c0797fcbab345245c223d747
SHA512

73b629f51e275e735f225830b2d7e0fa7945a6add1bc82a08fffa306e6614c28723a495eb6036581d704071491cd634e6a427365fbef13f27388a3249a51630c
SSDEEP

98304:yjwDIVLBUYjh8HEQilvjcgsv6u+HdplMnzru:swDIVTt8kJRswHdplIr

Score

1^/10

Malware Config

Signatures

Files

75aeabc3bb085799e056fbef3c4a7fbb3eac88f9c0797fcbab345245c223d747
.exe windows x86

2399fa67cb7e26bb2e40fe500561be3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
Sleep
GetCurrentDirectoryA
SetEnvironmentVariableA
LoadLibraryA
lstrcpyA
GetProcAddress
CreateFileA
GlobalFree
GetVersion
SetFileTime
FileTimeToLocalFileTime
GetVolumeInformationA
GetFullPathNameA
SetVolumeLabelA
GetDriveTypeA
GetLocaleInfoA
GetFileTime
FileTimeToSystemTime
HeapFree
GetProcessHeap
lstrcpynA
GetVersionExA
InterlockedExchange
CreateMutexA
HeapAlloc
SetEnvironmentVariableW
GetThreadLocale
CompareStringW
CompareStringA
FormatMessageW
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReleaseMutex
GetSystemDefaultLangID
FormatMessageA
LocalFree
GetEnvironmentVariableA
LoadLibraryExA
FreeLibrary
IsDBCSLeadByte
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
GetFileAttributesExA
EnterCriticalSection
lstrlenW
WideCharToMultiByte
GetModuleHandleA
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
DeleteCriticalSection
InitializeCriticalSection
RaiseException
MultiByteToWideChar
GetCurrentProcess
FindFirstFileA
SetFileAttributesA
FindNextFileA
FindClose
GetFileAttributesA
RemoveDirectoryA
GetLastError
FindResourceA
LoadResource
LockResource
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
GetFileType
SetHandleCount
SetFilePointer
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
HeapSize
GetCurrentThreadId
GetModuleFileNameA
SetEndOfFile
DeleteFileA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
HeapReAlloc
CreateDirectoryA
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError

user32

SendMessageA
CharNextA
UnregisterClassA
MessageBoxW
GetDC
ReleaseDC
PostQuitMessage
CharToOemA
OemToCharA
ExitWindowsEx
DialogBoxParamA
MessageBoxA
EndPaint
DestroyIcon
BeginPaint
LoadImageA
wsprintfA
GetWindowLongA
SetDlgItemTextW
SetWindowTextA
SetDlgItemTextA
SetFocus
GetDlgItem
ShowWindow
EndDialog

gdi32

GetDeviceCaps

advapi32

OpenProcessToken
LookupPrivilegeValueA
GetSecurityDescriptorControl
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
IsValidAcl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
IsValidSid
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges

ole32

CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr
OleLoadPicture

crypt32

CryptQueryObject

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2399fa67cb7e26bb2e40fe500561be3c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

crypt32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 156KB - Virtual size: 156KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 156KB - Virtual size: 156KB