f32f6b229913d68daad937cc72a57aa45291a9d623109ed48938815aa7b6005c

Sharing

Copy URL

Twitter E-mail

General

Target

f32f6b229913d68daad937cc72a57aa45291a9d623109ed48938815aa7b6005c
Size

246KB
MD5

505262547f8879249794fc31eea41fc6
SHA1

b312dd587e8725edf782e0c176b902fbbfc01468
SHA256

f32f6b229913d68daad937cc72a57aa45291a9d623109ed48938815aa7b6005c
SHA512

68e8acf5d310f763182ea484efa196e35ce8e0665e697a82c6d171d4d0a3fb5ccd3f3a01e22a1219341e9e4a1ade626d7a98e36385b09f07b585b09ab228eba3
SSDEEP

6144:HIfB+z77AzsX/7yqTJ2nnCo4Up9BSqjGXsgxH:HS4ozq/7ENBA

Score

N/A

Malware Config

Signatures

Files

f32f6b229913d68daad937cc72a57aa45291a9d623109ed48938815aa7b6005c
.exe windows x64

82fb39e3cccd7598249f660492cabe4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SystemTimeToFileTime
GetTickCount
WriteFile
WideCharToMultiByte
FileTimeToSystemTime
ReadFile
CreateFileW
GetLocalTime
CloseHandle
GetFileInformationByHandle
MultiByteToWideChar
GetCurrentDirectoryW
GetProcAddress
LoadLibraryA
CreateThread
WaitForSingleObject
InitializeCriticalSection
ExitProcess
GetModuleHandleA
GetCurrentProcess
GetLastError
FindFirstFileW
UnmapViewOfFile
GetModuleHandleW
Sleep
LeaveCriticalSection
GlobalUnlock
GetTempPathW
EnterCriticalSection
DeleteFileW
TerminateThread
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
LCMapStringW
HeapReAlloc
SetFilePointer
GlobalLock
GetFileSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
ReadConsoleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetModuleHandleExW
AreFileApisANSI
GetCommandLineA
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
HeapSize
IsProcessorFeaturePresent
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetModuleFileNameW
IsDebuggerPresent
DeleteCriticalSection
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

GetWindowTextA
GetDesktopWindow
DispatchMessageW
UnhookWindowsHookEx
OpenClipboard
SetWindowsHookExW
PeekMessageW
GetClipboardData
TranslateMessage
CallNextHookEx
GetKeyState
MapVirtualKeyW
CloseClipboard
VkKeyScanW
keybd_event
GetForegroundWindow

advapi32

LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges

ws2_32

closesocket
send
listen
inet_ntoa
socket
recv
shutdown
htons
WSAGetLastError
htonl
inet_addr
connect
bind
accept

gdiplus

GdipSaveImageToStream
GdipFree
GdipAlloc
GdipGetImageEncodersSize
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipCloneImage

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82fb39e3cccd7598249f660492cabe4c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

gdiplus

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 11KB - Virtual size: 22KB

.pdata Size: 7KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 11KB - Virtual size: 22KB

.pdata
Size: 7KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 2KB