aafa83d5e0619e69e64fcac4626cfb298baac54c7251f479721df1c2eb16bee7

Sharing

Copy URL

Twitter E-mail

General

Target

aafa83d5e0619e69e64fcac4626cfb298baac54c7251f479721df1c2eb16bee7
Size

639KB
MD5

8ed076f9b5d1287b3ab2adef74d0ecdb
SHA1

5751e93c32b250c816a708aaa11d281a3551cafb
SHA256

aafa83d5e0619e69e64fcac4626cfb298baac54c7251f479721df1c2eb16bee7
SHA512

786be06b66b9a22be234e94eb49f6d32f8634bda8ec5c29ccfdb9a283cdf6675b744c087b8fa483a9af842776c049a49608e6c1af28cc291149ed405a2d63b7a
SSDEEP

12288:3gL3qJxG5hfNV6oYYbDRcY4KhbmwPMCchbjBxwhrVmHAyzNkyRJK7hRMCQ:3mqkhfzYZY4kmgsbdm2HAENk0K7Dm

Score

N/A

Malware Config

Signatures

Files

aafa83d5e0619e69e64fcac4626cfb298baac54c7251f479721df1c2eb16bee7
.exe windows x86

fd01b5f7289bd1ee94daebbc04d95003

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
FlushFileBuffers
GetConsoleCP
HeapSize
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLocaleInfoW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsValidCodePage
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
GetProcessHeap
GetModuleFileNameA
WaitForSingleObject
WriteFile
ExitProcess
SetUnhandledExceptionFilter
GetProcAddress
GetCurrentThreadId
GetModuleHandleW
TlsFree
GetStringTypeW
HeapReAlloc
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
WriteConsoleW
GetModuleFileNameW
GetTickCount
GetCommandLineW
SetLastError
VirtualAlloc
CreateFileA
SetFilePointer
GetFileSize
CreateEventW
GetFullPathNameW
GetLastError
FormatMessageW
LocalFree
ReadFile
GetOverlappedResult
CloseHandle
HeapCreate
CreateThread
HeapAlloc
GetCurrentProcessId
CreateToolhelp32Snapshot
GetModuleHandleA
Module32FirstW
Module32NextW
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
GetCPInfo
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetStdHandle
CreateFileW
GetConsoleMode
SetFileInformationByHandle
FreeEnvironmentStringsW
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
SetStdHandle

user32

SetClipboardData
GetWindowTextA
GetWindowTextLengthA
GetClientRect
SetRectEmpty
GetParent
UpdateWindow
AppendMenuW
BringWindowToTop
GetDC
ChangeDisplaySettingsA
BeginPaint
EndPaint
IsDialogMessageW
GetDlgItem
IsDlgButtonChecked
GetSystemMenu
EnumDisplaySettingsA
SendMessageA
DestroyWindow
LoadBitmapA
AppendMenuA
OpenClipboard
EmptyClipboard
CopyImage
EnableMenuItem
CloseClipboard
EndDialog
ReleaseDC
SetWindowTextA
SetRect
UnionRect
LoadCursorFromFileA
LoadImageA
LoadCursorA
RegisterClassExA
ClientToScreen
WindowFromPoint
GetActiveWindow
EnumWindowStationsW

gdi32

CreateFontIndirectA
SetViewportOrgEx
SelectClipRgn
AbortDoc
DeleteObject
BitBlt
GetStockObject
FillRgn
StartPage
Rectangle
CreateSolidBrush
CreateCompatibleDC
CreateEllipticRgn
BeginPath
GetMapMode
SetMapMode
DeleteDC
CreateCompatibleBitmap
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetDeviceCaps
GetTextMetricsW
SelectObject
CreatePalette
SetBkMode
GetObjectA

advapi32

GetTokenInformation
CryptReleaseContext
CryptAcquireContextA
CryptGenKey
CryptGenRandom

shell32

SHBrowseForFolderA
CommandLineToArgvW

ole32

CreateItemMoniker

oleaut32

VariantInit
VariantChangeTypeEx

crypt32

CertGetNameStringA

comctl32

CreateToolbarEx
_TrackMouseEvent

gdiplus

GdipDeleteFontFamily
GdipCreateFont
GdipCreateFontFamilyFromName
GdipDeleteFont

winmm

PlaySoundA
mmioSeek
mmioDescend
mmioClose

shlwapi

PathQuoteSpacesA
PathFindExtensionA
PathIsDirectoryW
PathRelativePathToA
PathFindFileNameA
PathParseIconLocationA
PathRemoveFileSpecW
PathFileExistsW
StrPBrkA

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 464KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd01b5f7289bd1ee94daebbc04d95003

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

crypt32

comctl32

gdiplus

winmm

shlwapi

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 464KB - Virtual size: 464KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 464KB - Virtual size: 464KB

.reloc
Size: 10KB - Virtual size: 10KB