388d434e45ab394475c308a3ca1d99f0d8b938da8189221d36438d05f78ab559

Sharing

Copy URL

Twitter E-mail

General

Target

388d434e45ab394475c308a3ca1d99f0d8b938da8189221d36438d05f78ab559
Size

457KB
MD5

cfef19baf2fc5238c6d05b636660b9b1
SHA1

7c8083906cebd29aaca04468c90605b54e47ea0e
SHA256

388d434e45ab394475c308a3ca1d99f0d8b938da8189221d36438d05f78ab559
SHA512

402a6d9e47f32987538b6765234b6d83cc6c3ec40ff04b0adba064dc2ab8e6439d4111f3ede35c30593ee69b5c03ed295392df0a227ceb2f49c0cc3c5c8da247
SSDEEP

12288:y8BQ5Gbnegf3qupfj5KZz8XFo/7+PN/y7f:k5GbneUqupfj5g8VeIy7f

Score

N/A

Malware Config

Signatures

Files

388d434e45ab394475c308a3ca1d99f0d8b938da8189221d36438d05f78ab559
.exe windows x86

f98e48a31772d3ae08656f8f568b9edc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
LocalAlloc
SetEndOfFile
OutputDebugStringW
WriteConsoleW
LoadLibraryExW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetOEMCP
GetACP
IsValidCodePage
HeapSize
IsDebuggerPresent
EnumSystemLocalesW
GlobalFree
IsValidLocale
GetLocaleInfoW
LCMapStringW
IsProcessorFeaturePresent
SetConsoleCursorPosition
CreateThread
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
CopyFileA
GetCompressedFileSizeW
CreateFileW
GetFullPathNameW
GetModuleHandleA
GetModuleFileNameW
LoadLibraryA
CreateEventA
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
CreateFileA
GetModuleFileNameA
FormatMessageA
CloseHandle
ReadFile
GetFileSize
GetLastError
GetProcessHeap
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
LocalFree
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
MulDiv
GetStdHandle
WaitForSingleObject
AreFileApisANSI
GetModuleHandleExW
HeapFree
HeapReAlloc
HeapAlloc
GetUserDefaultLCID
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
RtlUnwind
RaiseException
GetStringTypeW
WideCharToMultiByte
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileType
WriteFile
GetVersion
MultiByteToWideChar
GetCurrentThreadId

user32

wsprintfA
DispatchMessageA
TranslateMessage
GetProcessWindowStation
SendMessageA
GetUserObjectInformationW
GetMessageA
DdeNameService
RegisterRawInputDevices
GetCursorInfo
EnumDisplayMonitors
DlgDirSelectExA
GetIconInfo
LoadBitmapA
PtInRect
OffsetRect
GetSysColorBrush
GetCursorPos
MessageBoxA
GetClientRect
SetWindowTextA
InvalidateRect
BeginPaint
GetDC
WindowFromDC
UpdateWindow
DrawIcon
GetMenuItemCount
GetMenuStringA
GetSystemMetrics
VkKeyScanA
GetDlgItem
EndDialog
CreateWindowExA
PostQuitMessage

gdi32

SetViewportOrgEx
GetObjectA
SetAbortProc
StretchBlt
SelectObject
SelectClipRgn
GetClipBox
DeleteObject
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
ChoosePixelFormat

advapi32

RegisterEventSourceA
DeregisterEventSource
CryptAcquireContextA
CryptReleaseContext
LsaNtStatusToWinError
SetNamedSecurityInfoW
SetEntriesInAclA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
CryptImportKey
CryptDestroyKey
ReportEventA

shell32

SHParseDisplayName
SHCreateDirectoryExA
SHGetDataFromIDListA
SHBindToParent
SHGetSpecialFolderPathA
SHGetDesktopFolder

ole32

CoTaskMemFree
CoCreateInstance
CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize

oleaut32

OleLoadPicture
UnRegisterTypeLi

shlwapi

wvnsprintfA
PathRemoveFileSpecW

crypt32

CryptBinaryToStringA
CryptStringToBinaryA
CryptDecodeObjectEx

winmm

mciSendCommandA

comctl32

ImageList_Add
ImageList_Create
ord17

rpcrt4

RpcBindingFromStringBindingA
RpcBindingFree
RpcStringFreeA
RpcMgmtSetComTimeout
RpcBindingSetObject
RpcStringBindingComposeA

secur32

LsaEnumerateLogonSessions
LsaFreeReturnBuffer
LsaGetLogonSessionData

setupapi

SetupCopyOEMInfA

ntdsapi

DsMapSchemaGuidsA
DsMakeSpnA

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f98e48a31772d3ae08656f8f568b9edc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

crypt32

winmm

comctl32

rpcrt4

secur32

setupapi

ntdsapi

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 159KB - Virtual size: 158KB

.data Size: 27KB - Virtual size: 44KB

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 159KB - Virtual size: 158KB

.data
Size: 27KB - Virtual size: 44KB

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 20KB - Virtual size: 19KB