2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018

Sharing

Copy URL

Twitter E-mail

General

Target

2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018
Size

441KB
MD5

a8c805792a954ca0664221acde199f48
SHA1

248a4be7db6485f85920b15a5cf21df68b800159
SHA256

2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018
SHA512

9b54be9fb046cde9c3a6107bd2100268e179e8ae15756cfb0c134e3d3a37735121445c348192562a23148a57ded6f4e32a141161dc78fc711fd28e5a619e69ab
SSDEEP

6144:yvHhtrjD09LvsYY6d3QR26+BeISBZ36/8fF9e1liS/Jv5ag:yvHhtrWY6d3kL/RJfFo11F5ag

Score

N/A

Malware Config

Signatures

Files

2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018
.exe windows x86

2578cc11ea18f7aa98506cc57c5aba11

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetUserDefaultLCID
SetFilePointer
FlushFileBuffers
GetConsoleCP
HeapReAlloc
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
HeapSize
GlobalLock
SetLastError
TlsFree
EnumSystemLocalesA
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
HeapAlloc
LCMapStringW
LCMapStringA
HeapFree
GetCPInfo
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetConsoleMode
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateThread
GetCurrentThreadId
ExitThread
MultiByteToWideChar
InterlockedExchange
WideCharToMultiByte
GetCurrentProcess
LoadResource
MapViewOfFile
lstrcmpA
FindResourceA
GetFileSize
CreateFileA
LocalFree
IsValidLocale
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetSystemTime
OpenFileMappingA
GetFileInformationByHandle
LockResource
EnumSystemCodePagesW
VirtualAlloc
GetLastError
GlobalUnlock
ReadFile
SizeofResource
Sleep
TlsSetValue
GlobalAlloc
DeleteCriticalSection
GetModuleHandleA
WaitForSingleObject
GetModuleFileNameA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCommandLineW
CloseHandle
WaitForMultipleObjects
EnterCriticalSection
TerminateProcess
CreateProcessA
GetExitCodeProcess
LeaveCriticalSection
CreateEventA
SetEvent
TryEnterCriticalSection

user32

GetSystemMetrics
LoadStringA
LoadImageA
SetDlgItemTextA
DestroyMenu
DialogBoxParamA
MessageBoxA
DestroyIcon
ClientToScreen
PostMessageA
CloseClipboard
GetSystemMenu
GetWindowRect
SetActiveWindow
SendDlgItemMessageA
GetWindowDC
FindWindowA
LoadCursorA
DispatchMessageA
CreatePopupMenu
ShowWindow
GetMenuItemID
KillTimer
GetKeyState
GetSubMenu
DrawIconEx
CopyImage
GetFocus
LoadMenuA
GetClipCursor
IsWindowEnabled
wsprintfA
GetClientRect
GetDC
InflateRect
GetForegroundWindow
GetMenu
OffsetRect
GetWindowTextA
SetWindowLongA
InvalidateRect
GetWindowLongA
ReleaseDC
EnableMenuItem
EmptyClipboard
MonitorFromWindow
GetDlgItem
SetWindowPos
GetMenuItemInfoA
IsDlgButtonChecked
DrawMenuBar
GetMenuItemCount
ClipCursor
OpenClipboard
UnhookWindowsHookEx
InsertMenuA
SetWindowTextA
UpdateWindow
SetClipboardData
CallWindowProcA
GetDlgItemTextA
DrawFrameControl
ModifyMenuA
IsRectEmpty
EndPaint
DestroyWindow
GetMessageA
CreateDialogParamA
InsertMenuItemA
RegisterClassExA
PostQuitMessage
SetForegroundWindow
LoadIconA
SendMessageA
BeginPaint
IsDialogMessageA
TranslateMessage
TrackPopupMenuEx
CreateWindowExA
TranslateAcceleratorA
EndDialog
DefWindowProcA
GetCursorPos
LoadAcceleratorsA

gdi32

BitBlt
PatBlt
LineTo
SetTextColor
DeleteDC
CreateDIBSection
GetDeviceCaps
GetDIBits
SetBkColor
ExcludeClipRect
DeleteObject
SelectObject
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
CreateCompatibleBitmap
Rectangle
StartDocA
OffsetRgn
SetDCPenColor
CreateRectRgn
CreatePen
GetStockObject
ExtTextOutA
CreateSolidBrush
MoveToEx

advapi32

IsTextUnicode
InitiateSystemShutdownA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ImpersonateAnonymousToken
IsTokenUntrusted
ImpersonateNamedPipeClient
ImpersonateLoggedOnUser
ImpersonateSelf

shell32

SHBrowseForFolderA
ShellExecuteA
CommandLineToArgvW
ExtractIconExA
Shell_NotifyIconA

ole32

CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
StgCreateDocfile
CreateStreamOnHGlobal

oleaut32

SafeArrayAccessData
OleLoadPicture
SafeArrayCreate
VariantInit
SafeArrayUnaccessData
OleTranslateColor
LoadTypeLibEx

opengl32

glClearColor
glDepthFunc
glTexImage2D
glShadeModel
glTexParameteri
glEnable
glTexGeni
glHint
glClearDepth
glTexSubImage2D

comctl32

ImageList_DragMove

shlwapi

StrToIntExA
PathFindFileNameA
PathFileExistsA

uxtheme

DrawThemeBackground
GetThemeInt

msacm32

acmDriverClose

wtsapi32

WTSQuerySessionInformationA

msvfw32

DrawDibDraw
DrawDibOpen

avifil32

AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamOpenFromFileA
AVIStreamSampleToTime
AVIStreamInfoA
AVIFileInit
AVIStreamGetFrame

activeds

ord24
ord22

authz

AuthzInitializeResourceManager

ntdsapi

DsWriteAccountSpnA

wldap32

ord143
ord211

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2578cc11ea18f7aa98506cc57c5aba11

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

opengl32

comctl32

shlwapi

uxtheme

msacm32

wtsapi32

msvfw32

avifil32

activeds

authz

ntdsapi

wldap32

Sections

.text Size: 209KB - Virtual size: 209KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 9KB - Virtual size: 21KB

.rsrc Size: 165KB - Virtual size: 164KB

.text
Size: 209KB - Virtual size: 209KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 9KB - Virtual size: 21KB

.rsrc
Size: 165KB - Virtual size: 164KB