1812fe508c81ecfdf08b6f3f6962f9ebbf683c7b39d60fbeca5a0663ff196cce

Sharing

Copy URL

Twitter E-mail

General

Target

1812fe508c81ecfdf08b6f3f6962f9ebbf683c7b39d60fbeca5a0663ff196cce
Size

323KB
MD5

28ed4ff60872b6508a99b4757d30bea5
SHA1

b1dc8d74c51409560a13bc57212a45bd5ae7f0b3
SHA256

1812fe508c81ecfdf08b6f3f6962f9ebbf683c7b39d60fbeca5a0663ff196cce
SHA512

5a6fb3b7fbc55b8e9e68a8c9cc3932e6503d781fffb06da6ccb4e6a686aae9e7a0803f7cf88f09492c34f23e199a7c2cdb25c1b25e09ac0db192c2cdc32b1779
SSDEEP

6144:PAOMwYBX52aXXDNB9RXNq9z/g/YOMIZGXqT0Zz+GoJCSh:PAOlYR52yRB9RXM9fSwRZm

Score

N/A

Malware Config

Signatures

Files

1812fe508c81ecfdf08b6f3f6962f9ebbf683c7b39d60fbeca5a0663ff196cce
.exe windows x86

98793f76511473a60d3020afc5f875ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

GetModuleHandleA
CloseHandle
OpenFileMappingA
SetConsoleMode
ReadConsoleInputA
GetProcessHeap
SetEndOfFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
HeapSize
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
ReadFile
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
CreatePipe
WaitForMultipleObjects
OpenEventA
WritePrivateProfileStringA
LoadLibraryA
GetProcAddress
GetLastError
Sleep
GetCurrentThread
WaitForSingleObject
SetEvent
GetCurrentProcess
HeapAlloc
MapViewOfFile
GetFullPathNameA
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
GetStdHandle
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
ExitProcess
GetModuleHandleW

user32

UpdateWindow
DestroyCursor
SetDlgItemTextW
LoadImageA
SetWindowTextA
SendMessageW
EndDialog
GetDlgItem
ReleaseDC
SetClassLongW
BringWindowToTop
InvalidateRect
MessageBoxA
SetRect
GetAsyncKeyState
GetWindowTextA
LoadIconW
GetForegroundWindow
GetSystemMetrics
ShowWindow
EnumChildWindows
GetCaretPos
SetWindowPos
GetSysColor
ScreenToClient
GetWindowRect
SendDlgItemMessageA
FillRect
wsprintfA
GetClientRect
SetFocus
SendMessageA
EnumWindows
GetUpdateRect
GetDC
CharLowerBuffA

gdi32

ExcludeClipRect
RemoveFontResourceW
DeleteObject
SelectObject
SelectClipRgn
Polyline
CreatePen
CreateDIBitmap
GetStockObject
CreateSolidBrush
GetTextExtentPoint32A

comdlg32

GetOpenFileNameW

advapi32

AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenThreadToken
OpenProcessToken
FreeSid

ole32

CreateStreamOnHGlobal
ReadClassStg
StgCreateDocfile
WriteClassStg
StgOpenStorage

ws2_32

accept
WSAWaitForMultipleEvents
listen
send
WSACreateEvent
socket
bind
recv
WSAEventSelect
htons
WSAEnumNetworkEvents
WSAGetLastError
inet_addr
WSAStartup
ioctlsocket
WSACloseEvent

pdh

PdhOpenQueryA
PdhOpenLogA
PdhUpdateLogA
PdhAddCounterA

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98793f76511473a60d3020afc5f875ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

ws2_32

pdh

oleacc

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 60KB - Virtual size: 60KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 60KB - Virtual size: 60KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 108KB - Virtual size: 107KB