bf43eafd9365c34862e9ff41857bfacb2649e37c405bec4dae099374146cda87

Sharing

Copy URL

Twitter E-mail

General

Target

bf43eafd9365c34862e9ff41857bfacb2649e37c405bec4dae099374146cda87
Size

560KB
MD5

b0f46ff6a22ba47e9847c60bf231d16d
SHA1

d6b9ef6687fda4bafcd335784fff4cacd96d9dde
SHA256

bf43eafd9365c34862e9ff41857bfacb2649e37c405bec4dae099374146cda87
SHA512

ba6c9845d951eccea8b39958e889a74697f0acb2080c70a715035ae39561d6c1abc8e4165b5d7a8f7b7d367dd9e1b0c6892981c45a062880c9aacbcee70b34b4
SSDEEP

12288:tgwkjwm+jcxiEK6t4ttBxr0MRLC24RUe3Q1MjXStf:ewW0cDvXaLCJHQ1MStf

Score

N/A

Malware Config

Signatures

Files

bf43eafd9365c34862e9ff41857bfacb2649e37c405bec4dae099374146cda87
.exe windows x86

fd7c3f715c7c19d80e688f2b25d64a5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
Sleep
SetFilePointer
SetEnvironmentVariableA
GetTimeZoneInformation
CreateFileW
CloseHandle
ReadConsoleW
ReadFile
SetStdHandle
SetFilePointerEx
GetStringTypeW
HeapReAlloc
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
CreateThread
GetDateFormatW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
TlsFree
TlsSetValue
GlobalAlloc
TlsAlloc
GetLocalTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
GetCurrentThreadId
SetLastError
GetCPInfo
GetOEMCP
InterlockedIncrement
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
GetModuleHandleW
EnumSystemLanguageGroupsA
FindFirstFileA
DeleteFileW
GetCurrentDirectoryA
GetModuleFileNameA
LoadLibraryW
GetTimeFormatW
LoadLibraryA
FindClose
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
GetACP
IsValidCodePage
HeapSize
LoadLibraryExW
OutputDebugStringW
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetCommandLineW
HeapAlloc
MultiByteToWideChar
AreFileApisANSI
ExitProcess
InterlockedDecrement
RtlUnwind
RaiseException
SetEndOfFile
HeapFree
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetStdHandle
DecodePointer
EncodePointer
TerminateProcess
GetCurrentProcess
TlsGetValue
GetLastError

user32

LockSetForegroundWindow
DialogBoxParamW
EndDialog
GetDlgItem
GetSystemMetrics
GetMenu
GetWindowRect
OffsetRect
GetShellWindow
SetDlgItemTextW
GetFocus
EnableWindow
GetParent
GetClientRect
wsprintfW
SendMessageA
GetWindowLongW
MoveWindow
SetWindowLongW
MonitorFromWindow
SetScrollInfo
GetIconInfo
SetWindowPos
DrawIcon
MapVirtualKeyA
DialogBoxParamA
SendMessageW

gdi32

GetPixel
GetDeviceCaps
CreateICA
CreateDCA
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
BitBlt
GetStockObject

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyW
RegQueryValueExW
RegCloseKey

ole32

CoTaskMemFree
CoInitialize
CreateItemMoniker
GetRunningObjectTable
CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SystemTimeToVariantTime
VariantClear
VariantInit
SysFreeString
SafeArrayAccessData
SafeArrayUnaccessData

psapi

EnumProcessModules
GetModuleInformation

mpr

WNetAddConnection2A

winscard

g_rgSCardT1Pci
g_rgSCardT0Pci
SCardTransmit
SCardConnectA
SCardListReadersA
SCardEstablishContext

shlwapi

SHCreateStreamOnFileEx

rpcrt4

UuidCreate
UuidToStringW

gdiplus

GdipGetFamilyName
GdipCreateFontFamilyFromName
GdipCloneFontFamily
GdipDeleteBrush
GdipCloneBrush
GdiplusStartup
GdipDeleteFontFamily
GdipCreateSolidFill
GdipFree
GdipAlloc
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipNewInstalledFontCollection
GdipDeleteFont
GdipCreateFont

uxtheme

DrawThemeBackground

d2d1

ord1

dwrite

DWriteCreateFactory

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd7c3f715c7c19d80e688f2b25d64a5b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

psapi

mpr

winscard

shlwapi

rpcrt4

gdiplus

uxtheme

d2d1

dwrite

Sections

.text Size: 323KB - Virtual size: 323KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 10KB - Virtual size: 21KB

.rsrc Size: 147KB - Virtual size: 146KB

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 10KB - Virtual size: 21KB

.rsrc
Size: 147KB - Virtual size: 146KB