1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3

Sharing

Copy URL

Twitter E-mail

General

Target

1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3
Size

221KB
MD5

616cbb4e11a548edd591c2616e6f013f
SHA1

f44f8aff3f97f40f245e66cb3567b86d4a54233b
SHA256

1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3
SHA512

b8d4be20f1966d95647c7e210c3f980f1672625df24f097e9b139071ed42ec6ac02dc1f33ac96f0b65d159821a5353b839d2d9522c6f85b2aa51b655adb0256f
SSDEEP

3072:6b5luOp7O8qqImu2yvIB+RBNyBNKKh2XKqxWBNUx+kL+ERNvUfb/XzV4XS83DhQi:QsO2ths6UwhXxWWRL+fD/Xzu19Qi

Score

N/A

Malware Config

Signatures

Files

1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3
.exe windows x86

9c08d4bb3483533f0f7634d75f80e90d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FormatMessageW
CreateMailslotA
lstrlenA
GetCurrentDirectoryA
GetNumberFormatW
GetCommState
ReadConsoleW
ReadFile
CreateFileW
GetStringTypeW
OutputDebugStringW
WriteConsoleW
GetHandleInformation
CloseHandle
LockFile
DeleteCriticalSection
TerminateProcess
ExitProcess
VirtualProtect
GetBinaryTypeA
GlobalMemoryStatus
GlobalAlloc
PeekConsoleInputW
GetProcAddress
SetFilePointerEx
FlushFileBuffers
SetStdHandle
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineW
IsProcessorFeaturePresent
GetLastError
HeapAlloc
HeapFree
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapSize
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
SetEndOfFile

user32

GetClassInfoW
MenuItemFromPoint
DrawIcon
EnumPropsW
SendMessageA

gdi32

GetEnhMetaFileHeader
CopyEnhMetaFileW
EnumMetaFile
SetMapMode
SetDCBrushColor
GetCharWidth32A
PolylineTo

advapi32

LookupPrivilegeNameA
AccessCheckByType
LockServiceDatabase

winhttp

WinHttpSetDefaultProxyConfiguration
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpSetTimeouts
WinHttpGetProxyForUrl
WinHttpTimeToSystemTime

msimg32

TransparentBlt

Exports

Exports

MyFunc165@@4

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 63KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c08d4bb3483533f0f7634d75f80e90d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winhttp

msimg32

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 5KB - Virtual size: 8.0MB

.text Size: 63KB - Virtual size: 66KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 5KB - Virtual size: 8.0MB

.text
Size: 63KB - Virtual size: 66KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 5KB - Virtual size: 5KB