80130935101adaabe9e85bb9d3aa21a195bf041b8d71989773cfe9f442868a31

Sharing

Copy URL

Twitter E-mail

General

Target

80130935101adaabe9e85bb9d3aa21a195bf041b8d71989773cfe9f442868a31
Size

492KB
MD5

cf33054b5e1551583945bc1960af2864
SHA1

27888d41034f43ae52f17d15896f6a919e37ade0
SHA256

80130935101adaabe9e85bb9d3aa21a195bf041b8d71989773cfe9f442868a31
SHA512

a92fbcbe9494dd055f43bc468ec8826f26147a185f46996240ac68b48f663adbb74007a5170af9cb7b5151b7b3df6d1d8e822323bba6dc3f565be4008f0fec68

Score

N/A

Malware Config

Signatures

Files

80130935101adaabe9e85bb9d3aa21a195bf041b8d71989773cfe9f442868a31
.exe windows x86

e180b414d6f344d39e9e9dce1b725709

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
LocalFree
GetSystemTime
ReadFile
SetEndOfFile
CreateFileW
GetStringTypeW
FlushFileBuffers
WriteConsoleW
GetLocalTime
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
LoadLibraryW
OutputDebugStringW
HeapReAlloc
FindClose
VirtualAlloc
GetLastError
FindFirstFileA
GetFileSizeEx
GetTempPathW
MultiByteToWideChar
CreateEventA
WaitForSingleObject
SetFilePointerEx
FindFirstFileW
GetTempFileNameW
SetStdHandle
GetSystemDefaultLangID
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
SetConsoleCtrlHandler
LoadLibraryExW
FreeLibrary
InterlockedExchange
FatalAppExitA
CreateSemaphoreW
GetModuleHandleW
TlsFree
EncodePointer
DecodePointer
GetCommandLineA
RaiseException
RtlUnwind
IsProcessorFeaturePresent
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
HeapSize
Sleep
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle
WriteFile
GetModuleFileNameW
HeapFree
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CloseHandle
HeapAlloc
SetLastError
InterlockedIncrement
GetCurrentThread
GetCurrentThreadId
GetProcessHeap
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
ReadConsoleW

user32

GetSystemMetrics
GetMenuItemInfoA
GetShellWindow
GetCaretBlinkTime
UpdateWindow
GetWindowDC
GetClipboardFormatNameA
SendMessageA
EnumWindows
PtInRect
GetDC
GetForegroundWindow
SetWindowContextHelpId
GetWindowTextA
GetMenuItemRect
GetAncestor
GetCursorPos

advapi32

GetLengthSid
ImpersonateAnonymousToken
GetSidLengthRequired
ImpersonateLoggedOnUser
DuplicateToken
GetAclInformation
GetTokenInformation
GetSidSubAuthorityCount
ConvertStringSidToSidA
SetNamedSecurityInfoA
SetEntriesInAclA
GetSidIdentifierAuthority
GetNamedSecurityInfoA

shell32

SHGetFolderLocation

ole32

CoInitialize

oleaut32

VariantInit
SysAllocStringLen
VariantChangeType

dwmapi

ord102

wtsapi32

WTSEnumerateSessionsA

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e180b414d6f344d39e9e9dce1b725709

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

dwmapi

wtsapi32

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 253KB - Virtual size: 253KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 253KB - Virtual size: 253KB