b73f8697 | Triage

General

Target

b73f8697
Size

36KB
MD5

3e849d9099875258dd84050b9ea2623c
SHA1

f9911bbd98816cb29d03780e4f749cbd876b2f7e
SHA256

0ed6e961a7bcebf37764de044209710dc23a004a9e2e51fe8e778df87e64819b
SHA512

56c58462607b47926024b68fc9932326565113c5bd491bfec3f0a426cd70d6307a3abd97646220d870591c61d17982bd7c56e351166469dd90ca0b0931876ec2
SSDEEP

768:hjcfgqlLYzjOdoXbL4JvF2tlWDhcE1LMrgmI/+YkdhdsMd:hjslsGIb8vKWLQMVNk/dF

Score

N/A

Malware Config

Signatures

Files

b73f8697
.exe windows x86

b7c3df2710e6ac04818e0e6c3bc1d99e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
InterlockedCompareExchange
UnhandledExceptionFilter
InterlockedExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualAllocExNuma
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
FreeConsole
LoadLibraryExW
FindResourceA
LoadResource
SizeofResource
GetCurrentProcess
Sleep
GetSystemTimeAsFileTime

user32

GetClientRect
GetWindowRect
PtInRect
GetCursorPos
GetDC
EndPaint
BeginPaint
ReleaseDC
DialogBoxParamA
SetWindowLongA
CallWindowProcA
InvalidateRect
GetDlgItemInt
SetDlgItemInt
wsprintfA
SendMessageA
CreateDialogParamA
ShowWindow
SetWindowTextA
EndDialog
GetDlgItem
SetWindowPos

gdi32

GetBkMode
GetTextColor
GetBkColor
SetBkMode
CreateFontIndirectA
SetBkColor
EnumFontFamiliesExA
TextOutA
DeleteObject
SetTextColor
SelectObject

comdlg32

ChooseFontA
ChooseColorA

msvcr90

_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
printf
memcpy
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c3df2710e6ac04818e0e6c3bc1d99e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

msvcr90

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 16KB - Virtual size: 15KB