5357fbff137b5ad83b0ae7a2eb9f9762844987d888d29c3afec372568f525fde

Sharing

Copy URL

Twitter E-mail

General

Target

5357fbff137b5ad83b0ae7a2eb9f9762844987d888d29c3afec372568f525fde
Size

2.0MB
MD5

c8cba838e87f76326dff14153ffa7070
SHA1

91cd18b7dad6f3e1cbc08fd0c6ac8e552f0b3590
SHA256

5357fbff137b5ad83b0ae7a2eb9f9762844987d888d29c3afec372568f525fde
SHA512

2e83f2f8ed6f4688781f3636b41b95040f414d0dc141e66037b039b6d4895c0a56552ef1ad0503356f533753aef8840b312fe81415128853994c14532d401194
SSDEEP

49152:gsaazZ00Sqtqr6D4MDXa92gd95YemNqylqcS5KpYZyTYhlB:gsaazZfSqtqr6De4gd95tyk9yyj

Score

N/A

Malware Config

Signatures

Files

5357fbff137b5ad83b0ae7a2eb9f9762844987d888d29c3afec372568f525fde
.exe windows x86

3c78a1a2ba855ef1b6235b5beee926b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
QueueUserAPC
OpenThread
VirtualFreeEx
GetExitCodeThread
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
SuspendThread
TerminateProcess
ResumeThread
CreateProcessW
LoadLibraryW
DeleteFileW
GetCurrentDirectoryW
ProcessIdToSessionId
GetCurrentProcessId
GetTickCount
LoadLibraryA
ReadFile
SizeofResource
LockResource
LoadResource
FindResourceW
lstrcatW
lstrcpyW
lstrlenW
QueryDosDeviceW
IsBadWritePtr
GetNativeSystemInfo
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
IsBadReadPtr
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetModuleHandleW
VirtualFree
OpenProcess
GetFileSize
GetProcAddress
GetDriveTypeW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
WriteFile
GetModuleFileNameW
GetACP
ExitProcess
FreeResource
MulDiv
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetFileType
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryW
SetFileTime
GlobalUnlock
GlobalLock
GlobalAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
GetStartupInfoW
RaiseException
RtlUnwind
HeapReAlloc
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapSize
GetModuleHandleA
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLogicalDriveStringsW
GetLocalTime
CloseHandle
Sleep
GetLastError
CreateFileW
DeviceIoControl

user32

GetPropW
SetPropW
PostMessageW
RegisterClassW
LoadCursorW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetKeyState
UnionRect
InvalidateRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
ScreenToClient
PtInRect
GetDC
CharNextW
ReleaseDC
DestroyWindow
GetFocus
MapWindowPoints
IntersectRect
GetUpdateRect
IsRectEmpty
EndPaint
BeginPaint
GetWindowLongW
OffsetRect
SetCursor
wvsprintfW
GetWindowRgn
MoveWindow
IsZoomed
SetWindowRgn
FillRect
InvalidateRgn
GetGUIThreadInfo
CreateAcceleratorTableW
GetWindowTextW
GetWindowTextLengthW
GetCaretPos
GetCaretBlinkTime
DrawTextW
CharPrevW
SetRect
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetSysColor
SetFocus
TranslateMessage
DispatchMessageW
ShowWindow
IsWindow
SetWindowLongW
DefWindowProcW
GetSystemMetrics
CallWindowProcW
LoadImageW
SendMessageW
EnableWindow
GetActiveWindow
wsprintfW
GetWindowRect
GetParent
GetWindow
ClientToScreen
PostQuitMessage
DestroyMenu
TrackPopupMenu
SetForegroundWindow
GetCursorPos
GetSubMenu
AppendMenuW
InsertMenuW
CreatePopupMenu
CreateMenu
SetWindowTextW
GetClientRect
IsWindowVisible
MessageBoxW
SetWindowPos
IsIconic
MonitorFromWindow
GetMonitorInfoW
GetMessageW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW
OpenServiceW
DeleteService
RegCloseKey
RegEnumKeyExW
CloseServiceHandle
CreateServiceW
StartServiceW
RegOpenKeyExW

ole32

CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
StringFromCLSID
CoTaskMemFree
IIDFromString
CoInitialize

comctl32

ord17
_TrackMouseEvent

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

psapi

GetProcessImageFileNameW

imm32

ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext

gdi32

CreateRectRgn
PtInRegion
CreateCompatibleDC
GetTextMetricsW
SaveDC
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
DeleteDC
CreatePen
GetStockObject
GetObjectW
CreateFontIndirectW
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateDIBSection
CreateRoundRectRgn
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
SetTextColor
SetBkMode
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
SetStretchBltMode
ExtTextOutW
SetBkColor
GetObjectA
GdiFlush
TextOutW
GetCharABCWidthsW
GetTextExtentPoint32W
RoundRect
CreatePenIndirect
MoveToEx
LineTo

oleaut32

VariantInit
VariantClear
SysFreeString
SysAllocString

gdiplus

GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipGetImageWidth
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetImageHeight
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFontFamily
GdipDeleteFont
GdipDisposeImage
GdipCreateBitmapFromScan0
GdiplusStartup
GdipCreateLineBrushI
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipSetCompositingQuality
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipDrawString
GdipDrawImage
GdipDrawImageRectI
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipGetFamily
GdipCloneBrush
GdipCloneImage

Sections

.text
Size: 439KB - Virtual size: 439KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�e�O�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c78a1a2ba855ef1b6235b5beee926b7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

iphlpapi

psapi

imm32

gdi32

oleaut32

gdiplus

Sections

.text Size: 439KB - Virtual size: 439KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 13KB - Virtual size: 37KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 34KB - Virtual size: 34KB

�e�O�u� Size: 16KB - Virtual size: 20KB

.text
Size: 439KB - Virtual size: 439KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 13KB - Virtual size: 37KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 34KB - Virtual size: 34KB

�e�O�u�
Size: 16KB - Virtual size: 20KB