68c10d8335d8515cc952b60337da2d61f4d20f6e4309764d2a08c728657fca27

Sharing

Copy URL

Twitter E-mail

General

Target

68c10d8335d8515cc952b60337da2d61f4d20f6e4309764d2a08c728657fca27
Size

339KB
MD5

abda009f44d21cc481db045018d7d044
SHA1

df6c14d7f25f3b764a600f2f7f9ea36c89b395d2
SHA256

68c10d8335d8515cc952b60337da2d61f4d20f6e4309764d2a08c728657fca27
SHA512

df6526af2bd7e200779d30aebc3fa79a68aafae478eb5c33fcaaf51efeafb8f73f5084ecf0f3586f496e3f57a30d86b60ede88d09d11b918dcb894cda0ff883c
SSDEEP

6144:jRf43Vxo8QZgR88sUhrEhhbjLrFyGk4LGYcRQ5uF9ZNOrT+:VwlKbgRZsmrEhZjFzkUGYemuFXkO

Score

N/A

Malware Config

Signatures

Files

68c10d8335d8515cc952b60337da2d61f4d20f6e4309764d2a08c728657fca27
.exe windows x86

f66ed58d46d00a30090733bf9cff71ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
ReadFile
LeaveCriticalSection
EnterCriticalSection
HeapFree
MultiByteToWideChar
GetProcAddress
DeleteCriticalSection
GetStdHandle
WriteFile
GetModuleFileNameW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
GetFileType
SetFilePointerEx
GetConsoleMode
ReadConsoleW
DeleteFileW
MoveFileExW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
HeapReAlloc
OutputDebugStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
SetStdHandle
WriteConsoleW
CreateFileW
SetEndOfFile
GetConsoleWindow
WideCharToMultiByte
FindFirstFileA
CreateFileA
OutputDebugStringA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryW
LoadLibraryA
lstrlenA
lstrcmpA
AreFileApisANSI
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
FormatMessageA
GetTickCount
CloseHandle
Sleep
SetLastError
GetLastError
GetCurrentThreadId
CreateThread
GetCurrentProcessId
GetCurrentProcess
OpenProcess
HeapAlloc
LocalFree
LocalAlloc
GetCommandLineA

user32

IsWindowEnabled
EnableWindow
SetCapture
GetDlgCtrlID
GetSystemMetrics
SetMenu
DrawMenuBar
SetThreadDesktop
CreateMenu
CreatePopupMenu
TranslateMessage
DispatchMessageA
PeekMessageA
SendMessageA
DefWindowProcA
PostQuitMessage
GetDlgItemTextA
SetDlgItemTextA
SetProcessWindowStation
CheckMenuItem
EnableMenuItem
AppendMenuA
TrackPopupMenu
InsertMenuItemA
DrawIcon
UpdateWindow
RegisterClassA
CreateWindowExA
ShowWindow
MoveWindow
EnumDesktopsA
GetDlgItem
LoadIconA
EndDialog
OpenDesktopA
wsprintfA
GetSystemMenu
GetWindowInfo
LoadStringA
GetDC
LoadCursorA
LoadBitmapA
GetWindowThreadProcessId
GetTopWindow
SetWindowLongA
GetWindowLongA
PtInRect
OffsetRect
InflateRect
SetRect
FillRect
MapWindowPoints
GetCursorPos
MessageBoxW
MessageBoxA
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
SetWindowPos

gdi32

ExtTextOutA
TextOutA
SetAbortProc
GetTextMetricsA
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileA
DeleteEnhMetaFile
SetTextAlign
SetTextColor
SetBkMode
SetDCPenColor
SetDCBrushColor
SelectObject
RestoreDC
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt

comdlg32

ChooseFontA
ChooseColorA

advapi32

GetUserNameW
GetSidSubAuthority
GetSidSubAuthorityCount
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
DuplicateToken
AllocateAndInitializeSid
EqualSid
AdjustTokenPrivileges
GetTokenInformation
OpenProcessToken
LookupAccountNameA
LookupPrivilegeValueA
GetUserNameA
ConvertStringSidToSidA
GetNamedSecurityInfoA
OpenSCManagerA
CryptAcquireContextA
GetCurrentHwProfileA
ImpersonateLoggedOnUser
LogonUserA
GetSidIdentifierAuthority

shell32

SHGetDesktopFolder
SHGetMalloc
SHCreateDirectoryExA
SHGetFolderPathA
SHChangeNotify
SHFileOperationA

ole32

StringFromCLSID
CoCreateInstance
CoTaskMemFree
StgOpenStorage
CoInitializeSecurity
CoCreateGuid
CoInitializeEx
CLSIDFromProgID

oleaut32

SysAllocString
SafeArrayPutElement
SafeArrayCreateVector
VariantClear
CreateErrorInfo

ws2_32

__WSAFDIsSet
accept
bind
closesocket
getsockopt
htons
listen
recv
select
socket
WSAStartup
WSACleanup
WSAGetLastError
WSASocketA

netapi32

NetUserGetInfo
NetUserModalsGet
NetApiBufferFree
NetShareGetInfo

msi

ord5

msacm32

acmDriverOpen

winscard

SCardEstablishContext
SCardListReadersA

crypt32

CertOpenSystemStoreA
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertEnumCertificateContextProperties

shlwapi

UrlHashA
UrlCombineW
UrlCompareW
UrlGetPartA
PathRemoveFileSpecA
UrlEscapeW
StrDupA
StrFormatByteSizeW
StrTrimA
StrRetToBufA
PathAppendA
UrlGetLocationA

comctl32

ImageList_DragEnter
ImageList_BeginDrag
ImageList_LoadImageA
ord17
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_Draw

pdh

PdhCollectQueryData

secur32

AcceptSecurityContext
AcquireCredentialsHandleA

winhttp

WinHttpOpen

uxtheme

GetThemeSysColor
DrawThemeBackground
CloseThemeData
OpenThemeData

authz

AuthzInitializeContextFromSid
AuthzAccessCheck

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f66ed58d46d00a30090733bf9cff71ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

netapi32

msi

msacm32

winscard

crypt32

shlwapi

comctl32

pdh

secur32

winhttp

uxtheme

authz

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 165KB - Virtual size: 165KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 165KB - Virtual size: 165KB