bd0dba7ad8e7addc62a6223be513e312ff2db85cb956943566a62aee0bad3d2a

Sharing

Copy URL Twitter E-mail

General

Target

bd0dba7ad8e7addc62a6223be513e312ff2db85cb956943566a62aee0bad3d2a
Size

134KB
MD5

ea89897052ced7cd0976657341690abb
SHA1

2a95b4d9f94ad00c9cdfa6d98b1e8e3aaedb9dc9
SHA256

bd0dba7ad8e7addc62a6223be513e312ff2db85cb956943566a62aee0bad3d2a
SHA512

ac957b925e92f2a1011507cd0ba7395fdaf787cba4b4f7d499b16b7e2a95effb3e4beecfd6c418e0dff687a1b392d3e02e946dd082ab7981544a9122e6a3b927
SSDEEP

3072:4W9dc/SfZh3Z4dOBZYj3WoGPyvX/4dmuX+E/HRbTtAMp:4W9dhfTZXBGr73vX/4bJxbTtAMp

Score

N/A

Malware Config

Signatures

Files

bd0dba7ad8e7addc62a6223be513e312ff2db85cb956943566a62aee0bad3d2a
.exe windows x86

abbc2f83094ea1a9d7bc63bf6996715a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GetCurrentThreadId
GetTempFileNameW
DeleteCriticalSection
GetModuleHandleA
GetProcessVersion
LocalAlloc
GetProfileStringW
GetSystemDefaultUILanguage
FindResourceW
InterlockedIncrement
DisableThreadLibraryCalls
DelayLoadFailureHook
VirtualAlloc
SizeofResource
EnterCriticalSection
GetShortPathNameW
WaitForSingleObject
FormatMessageW
GetSystemTimeAsFileTime
UnhandledExceptionFilter
LoadLibraryW
GetDriveTypeW
GlobalUnlock
SetErrorMode
GetACP
LeaveCriticalSection
GetFileAttributesW
LocalFree
FindResourceExW
MultiByteToWideChar
LoadLibraryA
GetTickCount
lstrcpyA
MulDiv
TerminateProcess
TlsFree
GetModuleFileNameW
GlobalAlloc
InterlockedCompareExchange
FindClose
FreeLibrary
LocalReAlloc
GetVolumeInformationW
SetLastError
TlsGetValue
GlobalReAlloc
WideCharToMultiByte
CreateThread
InterlockedDecrement
LoadResource
FindFirstFileW
ResetEvent
FindResourceA
InitializeCriticalSectionAndSpinCount
FreeResource
GetModuleHandleW
FindNextFileW
GetCurrentProcess
GetLastError
lstrcpyW
CreateEventW
InterlockedExchange
GetFullPathNameW
GetCurrentDirectoryW
LocalSize
GetUserDefaultLCID
SetUnhandledExceptionFilter
GetVersionExA
SetCurrentDirectoryW
CreateFileW
ExpandEnvironmentStringsW
lstrlenW
DeleteFileW
TlsSetValue
FreeLibraryAndExitThread
GetProcAddress
SetEvent
lstrlenA
GlobalFree
lstrcmpW
lstrcpynW
CloseHandle
GetCurrentProcessId
TlsAlloc
QueryPerformanceCounter
lstrcmpiW
GetLocaleInfoW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueW
RegEnumValueW
RegQueryValueExA
RegCloseKey

ws2_32

WSALookupServiceNextW
WSASendTo
freeaddrinfo
WSAStringToAddressA
getaddrinfo
WSARecvFrom
WSALookupServiceEnd
WSAAddressToStringA
WSAAddressToStringW
getnameinfo
WSASocketW
WSALookupServiceBeginW
WSAIoctl
WSAEventSelect

user32

DestroyWindow
GetSystemMenu
IsWindow
InflateRect
CreateDialogIndirectParamW
EqualRect
GetWindowLongW
CharLowerW
GrayStringW
GetWindowPlacement
GetWindowRect
ChildWindowFromPoint
ScreenToClient
KillTimer
GetDlgItemTextA
GetDlgItemInt
LoadImageW
IntersectRect
GetClientRect
EnumChildWindows
GetSysColor
EndPaint
MsgWaitForMultipleObjects
GetWindow
GetSysColorBrush
ClipCursor
DefWindowProcW
GetDC
TranslateAcceleratorW
MessageBeep
SetWindowsHookExW
DeleteMenu
SetWindowPos
DrawFocusRect
GetPropW
CreateDialogIndirectParamA
ReleaseDC
SetDlgItemTextA
MapWindowPoints
SetWindowPlacement
DrawEdge
ValidateRect
DialogBoxIndirectParamW
WinHelpW
DrawIcon
CreateDialogIndirectParamAorW
RegisterWindowMessageA
DialogBoxIndirectParamAorW
RegisterWindowMessageW
FrameRect
PostMessageW
LoadCursorW
SetPropW
GetKeyboardLayout
DestroyMenu
CheckDlgButton
CharPrevW
CallNextHookEx
CallWindowProcW
DrawTextW
IsWindowEnabled
SetCapture
LockWindowUpdate
SendDlgItemMessageW
UnhookWindowsHookEx
PeekMessageW
RemovePropW
GetDialogBaseUnits
SetParent
IsWindowVisible
EnableWindow
DispatchMessageW
GetFocus
SendMessageW
CopyRect
BeginPaint
ShowCursor
GetDlgItem
MessageBoxW
EndDialog
GetParent
CreatePopupMenu
TranslateMessage
SetTimer
SetWindowTextW
PtInRect
LoadStringW
GetWindowLongA
RedrawWindow
SetCursor
InvalidateRect
CreateWindowExW
GetDlgCtrlID
SetWindowLongW
FindWindowExW
CheckRadioButton
LoadAcceleratorsW
EndDeferWindowPos
BeginDeferWindowPos
GetWindowTextW
GetWindowTextLengthW
UpdateWindow
DlgDirListW
IsDlgButtonChecked
SetDlgItemTextW
ShowWindow
CharNextA
LoadIconW
GetKeyState
GetDlgItemTextW
SetFocus
GetSystemMetrics
GetLastActivePopup
SetDlgItemInt
DeferWindowPos
CharNextW
MoveWindow
FillRect
RegisterClipboardFormatW

gdi32

CreateDIBitmap
CreateFontW
CreateCompatibleDC
ExtTextOutW
RealizePalette
TextOutW
SetTextColor
CreateDCW
GetViewportExtEx
SelectObject
DeleteObject
SetBkColor
GetTextExtentPointW
TranslateCharsetInfo
LineTo
GetMapMode
CreateRectRgnIndirect
GetWindowExtEx
PatBlt
CreatePen
SetBkMode
GetCharWidth32W
GetTextMetricsW
CreateFontIndirectW
SelectClipRgn
CreateICW
BitBlt
GetNearestColor
GetDeviceCaps
Rectangle
SetWindowExtEx
DeleteDC
SetMapMode
EnumFontFamiliesExW
SelectPalette
MoveToEx
GetStockObject
SetViewportExtEx
GetTextCharset
GetTextCharsetInfo
ExcludeClipRect
CreateSolidBrush
CreateCompatibleBitmap
CreateDiscardableBitmap
GetObjectW

dnsapi

DnsReplaceRecordSetW

ntdll

memmove
_wcsicmp
NtQueryVirtualMemory
RtlIsNameLegalDOS8Dot3
_chkstk
_vsnwprintf
RtlUnicodeToMultiByteSize
RtlInitUnicodeStringEx
RtlUnwind
RtlUnicodeStringToAnsiString
wcslen
RtlAnsiStringToUnicodeString

comctl32

PropertySheetW
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_Draw
CreateToolbarEx
ImageList_Destroy
ImageList_GetIconSize

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoUninitialize

mswsock

GetAcceptExSockaddrs
AcceptEx

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 94KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

abbc2f83094ea1a9d7bc63bf6996715a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

user32

gdi32

dnsapi

ntdll

comctl32

ole32

mswsock

Sections

.text Size: 5KB - Virtual size: 4KB

.rsrc Size: 25KB - Virtual size: 24KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 94KB - Virtual size: 200KB

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 25KB - Virtual size: 24KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 94KB - Virtual size: 200KB