06d808c472aaa37b3df04d4d3b18ea90339a3e44cd16d61aa6bf4d3187d7eccc

Sharing

Copy URL

Twitter E-mail

General

Target

06d808c472aaa37b3df04d4d3b18ea90339a3e44cd16d61aa6bf4d3187d7eccc
Size

698KB
MD5

497ff42b0a1626b69e4234d94569b9a5
SHA1

335754dcd73a30bf83536489c1e3c5c34654c014
SHA256

06d808c472aaa37b3df04d4d3b18ea90339a3e44cd16d61aa6bf4d3187d7eccc
SHA512

804a6c21ea74b795e80936dd4986dc99fc7d59b265274b74b11c2cb4f13ab36fc9bda365c20975e1cc615670579aab9771db9f09c8d7a8ec20f0e2813729539d
SSDEEP

12288:Vj5QBGxzmMepfA1WswUZyNLKPwSMUMcNyPdScygB0G83zAO+QQMCb246F:4BlMepfAcswUZyNqGMrgBs3zF5Q7b24U

Score

N/A

Malware Config

Signatures

Files

06d808c472aaa37b3df04d4d3b18ea90339a3e44cd16d61aa6bf4d3187d7eccc
.exe windows x86

21fd7a8e66b864e55bbebfb189880e95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
FlushFileBuffers
GetStringTypeW
LCMapStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
GetProcessHeap
GetStartupInfoW
CreateFileW
GetStdHandle
DeleteCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetCurrentThreadId
SetLastError
HeapSize
WideCharToMultiByte
GetVersion
LocalAlloc
GetCurrentProcess
GetEnvironmentStringsW
SetEndOfFile
SetConsoleTitleW
GetPriorityClass
CancelIoEx
GetCommandLineW
LoadLibraryA
CreateEventW
CreateEventA
GetTickCount
GetSystemInfo
MulDiv
CloseHandle
ReadFile
WriteFile
Sleep
WaitForSingleObject
GlobalAlloc
GetProcAddress
FreeLibrary
FindNextFileA
FindFirstFileA
GetFileAttributesExA
lstrcmpA
GetVolumeInformationA
lstrcpyA
AreFileApisANSI
GetModuleHandleExW
ExitProcess
HeapFree
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
IsProcessorFeaturePresent
RaiseException
RtlUnwind
DecodePointer
EncodePointer
GetOverlappedResult
GetLastError
GetFileType
FreeEnvironmentStringsA
GetDriveTypeA
GetModuleHandleA
GetLogicalDriveStringsA
lstrcatA
GetSystemTimeAsFileTime

user32

GetProcessWindowStation
MessageBoxA
DestroyWindow
PostQuitMessage
RegisterClassExW
GetUserObjectInformationW
ShowWindow
DialogBoxParamA
EndDialog
LoadAcceleratorsA
TranslateAcceleratorA
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExW
LoadBitmapA
GetWindow
GetClassNameA
GetParent
GetDesktopWindow
SetWindowLongA
OffsetRect
CopyRect
GetSysColor
GetCursorPos
EndPaint
GetWindowTextA
SetWindowTextA
SetScrollPos
ScrollWindowEx
InvalidateRect
GetClientRect
BeginPaint
ReleaseDC
GetDC
DrawIcon
CreatePopupMenu
DrawMenuBar
GetSystemMetrics
EnableWindow
SendInput
SetFocus
SendDlgItemMessageW
SendDlgItemMessageA
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
DialogBoxIndirectParamA
SetWindowPos
MoveWindow
CallWindowProcA
wsprintfA
CreateWindowExA
SendMessageA
LoadIconA
LoadCursorA
GetWindowRect
UpdateWindow

gdi32

CreateFontIndirectA
CreateCompatibleDC
StretchBlt
SetWindowExtEx
GetObjectA
SetAbortProc
CreateHalftonePalette
SetTextColor
BitBlt
SetMapMode
SelectObject
GetTextExtentPoint32A
GetStockObject
GetPixel
GetDeviceCaps
FillRgn
DeleteObject
DeleteDC

comdlg32

ChooseFontA
GetSaveFileNameW

advapi32

ReportEventA
DeregisterEventSource
OpenProcessToken
GetTokenInformation
LsaNtStatusToWinError
CredEnumerateA
CryptGenRandom
CryptGenKey
CryptReleaseContext
CryptAcquireContextA
RegisterEventSourceA

shell32

CommandLineToArgvW
SHCreateShellItem
SHBrowseForFolderA
ShellExecuteA

ole32

CreateFileMoniker
BindMoniker
CoInitializeEx
CoUninitialize

odbc32

ord12
ord24
ord39
ord75
ord72
ord19
ord7

comctl32

ImageList_Add
InitCommonControlsEx
ImageList_Create
ord17

shlwapi

StrStrA
StrNCatA

ws2_32

WSALookupServiceBeginA
WSALookupServiceNextA
WSALookupServiceEnd
inet_addr
WSAGetLastError
WSAStartup
WSACleanup

netapi32

NetShareGetInfo

iphlpapi

SendARP

secur32

LsaEnumerateLogonSessions
LsaGetLogonSessionData
LsaFreeReturnBuffer

imm32

ImmGetDefaultIMEWnd

winhttp

WinHttpCloseHandle
WinHttpAddRequestHeaders
WinHttpCheckPlatform

Exports

Exports

Try

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21fd7a8e66b864e55bbebfb189880e95

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

odbc32

comctl32

shlwapi

ws2_32

netapi32

iphlpapi

secur32

imm32

winhttp

Exports

Exports

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 165KB - Virtual size: 165KB

.data Size: 26KB - Virtual size: 43KB

.rsrc Size: 360KB - Virtual size: 360KB

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 165KB - Virtual size: 165KB

.data
Size: 26KB - Virtual size: 43KB

.rsrc
Size: 360KB - Virtual size: 360KB

.reloc
Size: 19KB - Virtual size: 19KB