a439ce0847cbeb9e3aff39fec2328888dd8492bb9622ce5102d3aff3c4c1dd84

Sharing

Copy URL Twitter E-mail

General

Target

a439ce0847cbeb9e3aff39fec2328888dd8492bb9622ce5102d3aff3c4c1dd84
Size

5.6MB
MD5

e8445028cfde3ae0e61773fe35b2e365
SHA1

0044d52d7c618ddb4229fbff61b58ad18d8ea5ee
SHA256

a439ce0847cbeb9e3aff39fec2328888dd8492bb9622ce5102d3aff3c4c1dd84
SHA512

f4676d61af24121dc754402a38940fd95812a6a7f2bfd7400a36442f7726a7e64f16afcfda7e50a48bb6f793409136a65701baa1b83df5fa3aa6a9725c4a4a5a
SSDEEP

49152:ncTc2DgQzxe8fuHtgWOmYFAsS+tvMc+xqBGxn2sEPxm1C5k7eYhh9hsIEsOTaY8x:nXgWOmYeeBGxxSxAOk7pLmOl55D7E

Score

1^/10

Malware Config

Signatures

Files

a439ce0847cbeb9e3aff39fec2328888dd8492bb9622ce5102d3aff3c4c1dd84
.exe windows x86

b6927f7db38b883467546dc5a119d733

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
wcslen
wcscpy
wcscat
memcpy
wcsncmp
wcscmp
_wcsicmp
tolower
floor
ceil
wcsncpy
_snwprintf
memmove
fabs
malloc
free
fseek
ftell
fread
fclose
pow
??3@YAXPAX@Z
_wcsnicmp
_wcsdup
wcsstr
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
GetSystemTime
MoveFileExW
GetModuleFileNameW
MoveFileW
CloseHandle
InitializeCriticalSection
GetCommandLineW
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
HeapAlloc
CreateProcessW
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
HeapFree
PeekNamedPipe
GetExitCodeProcess
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetTickCount
TlsGetValue
FreeLibrary
LoadLibraryW
WideCharToMultiByte
GetProcAddress
Sleep
QueryPerformanceCounter
MulDiv
SetLastError
GetCurrentProcessId
GetDriveTypeW
FindFirstFileW
FindClose
GetFileAttributesW
CreateDirectoryW
FindNextFileW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
WriteFile
CreateFileW
SetFilePointer
ReadFile
HeapReAlloc
GlobalFree
GlobalAlloc
GetVersionExW
TlsFree
DeleteCriticalSection
InterlockedCompareExchange
InterlockedExchange
GetLastError
UnregisterWait
GetCurrentThread
RegisterWaitForSingleObject
MultiByteToWideChar

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree
GdipGetDpiX
GdipGetDpiY

user32

ClipCursor
GetWindowRect
ShowCursor
SetCursorPos
DestroyWindow
InvalidateRect
ShowWindow
BeginPaint
EndPaint
CallWindowProcW
CreateWindowExW
SetWindowLongW
GetPropW
SetPropW
GetClientRect
SetWindowPos
GetForegroundWindow
PeekMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
LoadIconW
RegisterClassExW
GetWindowLongW
GetIconInfo
UpdateWindow
RedrawWindow
ReleaseCapture
DrawStateW
SetCapture
ScreenToClient
SendMessageW
GetSystemMetrics
GetSysColor
GetSysColorBrush
GetDC
GetWindowTextLengthW
GetWindowTextW
SetRect
DrawTextW
ReleaseDC
RemovePropW
GetParent
GetWindow
SetActiveWindow
DestroyIcon
LoadCursorW
RegisterClassW
AdjustWindowRectEx
CreateAcceleratorTableW
UnregisterClassW
GetMenu
MsgWaitForMultipleObjects
GetMessageW
GetActiveWindow
TranslateAcceleratorW
DefFrameProcW
SetFocus
GetFocus
FillRect
DestroyAcceleratorTable
EnumChildWindows
PostMessageW
IsWindowEnabled
IsWindowVisible
GetKeyState
GetClassNameW
GetWindowThreadProcessId
IsChild
RegisterWindowMessageW
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW
CharUpperW

gdi32

GetStockObject
DeleteObject
CreateFontW
GetObjectType
GetObjectW
SetTextColor
SetBkColor
SelectObject
CreateSolidBrush
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
DeleteDC
CreateBitmap
SetPixel
GetDIBits
BitBlt
CreateDCW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExW

comctl32

InitCommonControlsEx

shell32

SHCreateDirectory
ShellExecuteExW

winmm

timeEndPeriod

ole32

CoInitialize
CoCreateInstance
CoUninitialize
RevokeDragDrop

Sections

.code
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6927f7db38b883467546dc5a119d733

Headers

File Characteristics

Imports

msvcrt

kernel32

gdiplus

user32

gdi32

advapi32

comctl32

shell32

winmm

ole32

Sections

.code Size: 28KB - Virtual size: 28KB

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 5.3MB - Virtual size: 5.3MB

.rsrc Size: 162KB - Virtual size: 162KB

.code
Size: 28KB - Virtual size: 28KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 5.3MB - Virtual size: 5.3MB

.rsrc
Size: 162KB - Virtual size: 162KB