a0232357638587a0187f588c9693af17918a7f39a6d657e637994dd585b9716c

Sharing

Copy URL Twitter E-mail

General

Target

a0232357638587a0187f588c9693af17918a7f39a6d657e637994dd585b9716c
Size

439KB
MD5

dc96f76b635b581bbc3a8efd476d7f0c
SHA1

6fe29ed9128f3e117ac154603a10193e06892bb6
SHA256

a0232357638587a0187f588c9693af17918a7f39a6d657e637994dd585b9716c
SHA512

81d6e6b8d63b36a9df6bd5fae4c62e635527675e56aab6ef06a0ab761867cbff285d8470a0cc9b9b1e4ba67b1d8f550ce1daaa42565722fab60e075fb3e711d6
SSDEEP

12288:xOl1jzbauAdVf3kUZu4CxpPcpsidoKyU3y:xOKVDPo/xxU7hyU3

Score

N/A

Malware Config

Signatures

Files

a0232357638587a0187f588c9693af17918a7f39a6d657e637994dd585b9716c
.exe windows x86

224469272e68953cf14187af9cb6fe7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

mpr

WNetAddConnection2A
WNetCancelConnection2A

kernel32

GetCurrentProcess
WideCharToMultiByte
GetVersion
GetModuleFileNameA
lstrlenA
GetProcAddress
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetComputerNameA
LoadLibraryExA
FormatMessageA
GetStdHandle
WriteFile
FreeLibrary
CreateFileA
CloseHandle
GetTickCount
Sleep
SetLastError
GetLastError
LocalAlloc
LoadLibraryA
LocalFree
GetModuleHandleA
SetFilePointer
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
ExitProcess
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
MultiByteToWideChar
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
SetHandleCount
GetFileSize
GetStartupInfoA
GetConsoleCP
RtlUnwind
FlushFileBuffers
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

SetWindowTextA
LoadCursorA
EndDialog
InflateRect
SendMessageA
GetSysColorBrush
GetDlgItem
DialogBoxIndirectParamA
wsprintfA
SetCursor

gdi32

GetDeviceCaps
StartDocA
StartPage
EndPage
EndDoc
SetMapMode

comdlg32

PrintDlgA

advapi32

MapGenericMask
EnumDependentServicesA
ChangeServiceConfigA
QueryServiceConfigA
QueryServiceObjectSecurity
GetSecurityDescriptorDacl
GetAce
LookupAccountSidA
EnumServicesStatusA
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
ControlService
OpenSCManagerA
OpenServiceA
StartServiceA
QueryServiceStatus
CloseServiceHandle
RegCreateKeyA
IsTextUnicode
RegSetValueExA
RegCloseKey

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj5
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj50
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj51
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj52
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj53
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj54
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj55
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj56
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj57
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj58
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj59
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1231
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAKS
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAHS
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

224469272e68953cf14187af9cb6fe7a

Headers

DLL Characteristics

File Characteristics

Imports

version

mpr

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.fhj5 Size: 512B - Virtual size: 180B

.fhj50 Size: 512B - Virtual size: 202B

.fhj51 Size: 512B - Virtual size: 176B

.fhj52 Size: 199KB - Virtual size: 199KB

.fhj53 Size: 199KB - Virtual size: 199KB

.fhj54 Size: 512B - Virtual size: 222B

.fhj55 Size: 512B - Virtual size: 222B

.fhj56 Size: 512B - Virtual size: 222B

.fhj57 Size: 512B - Virtual size: 222B

.fhj58 Size: 512B - Virtual size: 222B

.fhj59 Size: 512B - Virtual size: 222B

.1231 Size: 512B - Virtual size: 244B

.JAKS Size: 512B - Virtual size: 134B

.GAHS Size: 512B - Virtual size: 194B

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 290B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.fhj5
Size: 512B - Virtual size: 180B

.fhj50
Size: 512B - Virtual size: 202B

.fhj51
Size: 512B - Virtual size: 176B

.fhj52
Size: 199KB - Virtual size: 199KB

.fhj53
Size: 199KB - Virtual size: 199KB

.fhj54
Size: 512B - Virtual size: 222B

.fhj55
Size: 512B - Virtual size: 222B

.fhj56
Size: 512B - Virtual size: 222B

.fhj57
Size: 512B - Virtual size: 222B

.fhj58
Size: 512B - Virtual size: 222B

.fhj59
Size: 512B - Virtual size: 222B

.1231
Size: 512B - Virtual size: 244B

.JAKS
Size: 512B - Virtual size: 134B

.GAHS
Size: 512B - Virtual size: 194B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 290B