da4db5be6f4449a559367220c254f45b4e661338e89f8fff6a4b9fad7fe754f4

Sharing

Copy URL

Twitter E-mail

General

Target

da4db5be6f4449a559367220c254f45b4e661338e89f8fff6a4b9fad7fe754f4
Size

4.5MB
MD5

38d455ffd3bd29874d3db1239cd97f20
SHA1

6fd62f955a0f8187c14e1697b8710ee3c9f85200
SHA256

da4db5be6f4449a559367220c254f45b4e661338e89f8fff6a4b9fad7fe754f4
SHA512

9db4a4d2f419dfa2ac1bb0ac0e0ca4b85a61ba3da4cb2bb7246bcf6ad8cb8071db8088542e5f14089982594cec0d7f3ea9e1c14adf1c07c6f831fe6647c3908f
SSDEEP

98304:e1TcTjOiaulCk0HgZmw80NcKeo5234899IAG2BUdS:71CeZF8vv9VG22dS

Score

1^/10

Malware Config

Signatures

Files

da4db5be6f4449a559367220c254f45b4e661338e89f8fff6a4b9fad7fe754f4
.exe windows x86

2ed3979d44e42fcdf9036fa4fa7e7558

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHSetValueW
SHGetValueW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
PathRemoveBackslashW
PathCanonicalizeW
PathIsRootW
PathRemoveExtensionW
PathFileExistsW
PathFileExistsA
PathIsDirectoryA

advapi32

RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegOpenKeyExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource

kernel32

LoadResource
FindResourceW
FindResourceExW
GetModuleHandleW
GetCurrentProcess
GetCurrentProcessId
CreateProcessW
CreateFileW
WriteFile
GetTempPathW
GetFileAttributesW
FindFirstFileW
RemoveDirectoryW
SetFileAttributesW
FindNextFileW
FindClose
CopyFileW
GetDiskFreeSpaceExW
GetTickCount
GetSystemDirectoryW
MoveFileExW
DeleteFileW
InterlockedCompareExchange
CreateMutexW
GetLastError
GetCommandLineW
CreateEventW
GetNativeSystemInfo
GetCurrentThreadId
GetUserDefaultUILanguage
FreeResource
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
SetFilePointer
SystemTimeToFileTime
CreateDirectoryW
GetCurrentDirectoryW
LocalFileTimeToFileTime
InterlockedIncrement
InterlockedDecrement
ExitProcess
lstrlenA
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
LockResource
DeleteCriticalSection
OutputDebugStringA
Sleep
InitializeCriticalSectionAndSpinCount
GlobalMemoryStatus
GetVersion
GetModuleHandleA
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
GetStdHandle
GetTimeZoneInformation
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
LCMapStringW
GetDateFormatA
GetTimeFormatA
RtlUnwind
GetStartupInfoW
HeapSetInformation
InterlockedExchange
DecodePointer
EncodePointer
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SizeofResource
GetFileSizeEx
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
lstrcmpW
WaitForSingleObject
TerminateProcess
Process32NextW
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetComputerNameExW
CloseHandle
CreateThread
LoadLibraryA
FlushConsoleInputBuffer
ReadConsoleInputA
SetConsoleMode
EnterCriticalSection
GetSystemTimeAsFileTime
CreateFileA
CreateDirectoryA

user32

GetDesktopWindow
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
GetMessageW
PostThreadMessageW
wsprintfW
FindWindowW
SendMessageW
PostQuitMessage
IsWindow
CreateWindowExW
SetFocus
SetWindowTextW
ShowWindow
MoveWindow
SetCursor
LoadCursorW
EnableWindow
MessageBoxW
GetClassInfoExW
RegisterClassExW
SetWindowLongW
HideCaret
GetFocus
ShowCaret
GetSysColor
CreateCaret
SetCaretPos
SystemParametersInfoW
GetDC
GetSystemMetrics
SetRectEmpty
SetTimer
KillTimer
DrawTextW
DrawFocusRect
IntersectRect
PostMessageW
ClientToScreen
SetWindowRgn
ScreenToClient
SetActiveWindow
LoadImageW
SetCapture
IsZoomed
GetKeyState
IsWindowEnabled
TranslateMessage
OffsetRect
BringWindowToTop
PeekMessageW
ReleaseDC
GetCursorPos
GetActiveWindow
ReleaseCapture
MapWindowPoints
UpdateWindow
CallWindowProcW
GetWindow
DispatchMessageW
GetParent
PtInRect
GetWindowRect
EndPaint
UpdateLayeredWindow
GetClientRect
BeginPaint
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
DestroyWindow
InvalidateRect
DefWindowProcW
GetWindowLongW

gdi32

SetBkColor
GetObjectW
CreateFontIndirectW
GetDeviceCaps
SetTextColor
SetBkMode
SelectClipRgn
CreateRectRgnIndirect
ExtTextOutW
GetClipBox
ExtSelectClipRgn
GetTextColor
BitBlt
SetRectRgn
CombineRgn
CreateCompatibleBitmap
OffsetRgn
CreateRectRgn
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleDC

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
ord165
SHBrowseForFolderW

ole32

CoCreateInstance
CoInitialize
OleInitialize
CoUninitialize
CoCreateGuid

oleaut32

SysFreeString

comctl32

ord17
_TrackMouseEvent

msimg32

GradientFill
AlphaBlend

riched20

ord4

winhttp

WinHttpCloseHandle
WinHttpConnect
WinHttpSendRequest
WinHttpOpen
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpCrackUrl
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpQueryDataAvailable

Sections

.text
Size: 890KB - Virtual size: 889KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23.1MB - Virtual size: 23.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ed3979d44e42fcdf9036fa4fa7e7558

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

advapi32

kernel32

user32

gdi32

shell32

ole32

oleaut32

comctl32

msimg32

riched20

winhttp

Sections

.text Size: 890KB - Virtual size: 889KB

.rdata Size: 269KB - Virtual size: 269KB

.data Size: 14KB - Virtual size: 33KB

.rsrc Size: 23.1MB - Virtual size: 23.1MB

.reloc Size: 116KB - Virtual size: 115KB

.text
Size: 890KB - Virtual size: 889KB

.rdata
Size: 269KB - Virtual size: 269KB

.data
Size: 14KB - Virtual size: 33KB

.rsrc
Size: 23.1MB - Virtual size: 23.1MB

.reloc
Size: 116KB - Virtual size: 115KB