db5a5bf29a8fdf4afd31106545f68d38af3bfd0e5bb31acf7a8de7bb045f348b

Sharing

Copy URL Twitter E-mail

General

Target

db5a5bf29a8fdf4afd31106545f68d38af3bfd0e5bb31acf7a8de7bb045f348b
Size

457KB
MD5

68df9912da5f323d15bfc958f4583a35
SHA1

3d476334addb3aec78738e61295a93c0059bca08
SHA256

db5a5bf29a8fdf4afd31106545f68d38af3bfd0e5bb31acf7a8de7bb045f348b
SHA512

fb473991c772ac819e4501ec2235543715a78c685c7b800f91e42918751c3d7f3f78116558a1047e584f11f129f3382c4080f7da1270ddbcd0df48d3a6fd6e83
SSDEEP

12288:bLxcUCa5FzOPxEeF/hoLzcdPWP06QtK88EVMOnufu6g:bLBFp+yLzzQtKREVMOnu3g

Score

N/A

Malware Config

Signatures

Files

db5a5bf29a8fdf4afd31106545f68d38af3bfd0e5bb31acf7a8de7bb045f348b
.exe windows x86

f187570f7aab8aa88fff5ab6a1de6efd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

OutputDebugStringA
RaiseException
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
CreateFileW
SetEndOfFile
GetProcessHeap
GetLastError
HeapCreate
HeapAlloc
WriteConsoleW
lstrlenW
WideCharToMultiByte
CreateFileA
GetCommandLineA
FindFirstFileA
FindNextFileA
DeleteCriticalSection
IsBadReadPtr
HeapValidate
GetStdHandle
RtlUnwind
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetConsoleMode
GetConsoleCP
WriteFile
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
LCMapStringW
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetCPInfo
ReadFile
GetOEMCP
GetACP
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProfileStringA
OutputDebugStringW
GetStartupInfoW
HeapSetInformation
ExitProcess
GetModuleHandleW
GetProcAddress
FindClose
EnumDateFormatsA
DecodePointer
InterlockedDecrement
InterlockedIncrement

user32

SetWindowPos
InvalidateRect
SetScrollPos
MessageBoxW
PostQuitMessage
SetWindowRgn
FindWindowExA
SendMessageA
SetDlgItemInt
IsDlgButtonChecked
FindWindowA
GetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
GetClipCursor
LoadBitmapA
GetDesktopWindow
GetWindow
SetWindowTextA
SetWindowLongA
GetDlgItem
ShowWindow
GetWindowRect
GetParent
SetDlgItemTextA
MoveWindow
GetSystemMetrics
MessageBoxA
EndDialog
GetDC
ReleaseDC
GetIconInfo
DrawIcon
GetClientRect
SetScrollRange

gdi32

CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateSolidBrush
GetObjectA
BitBlt
CreateEllipticRgnIndirect
CreateMetaFileA
SetMapMode
SetWindowExtEx
SetWindowOrgEx
CreateFontIndirectA
ExtTextOutA
MoveToEx
LineTo
CloseMetaFile
DeleteMetaFile
CreateDCA
GetTextMetricsA

advapi32

RegCloseKey
RegOpenKeyExW
RegEnumKeyExA

shell32

ord727
SHGetFileInfoW
ExtractIconExA
SHGetFolderPathA
SHGetFolderPathW

ole32

CoInitialize
CoDosDateTimeToFileTime

oleaut32

OleCreatePictureIndirect

odbc32

ord75
ord24
ord39
ord7
ord72
ord19
ord12

ws2_32

WSAStartup
socket
bind
getsockopt
closesocket
WSACleanup
WSALookupServiceBeginA
WSAGetLastError
WSALookupServiceNextA
WSALookupServiceEnd
inet_addr

winmm

sndPlaySoundA

iphlpapi

SendARP

shlwapi

PathAppendA
PathUnquoteSpacesA
wnsprintfA
AssocCreate

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_Create

secur32

QuerySecurityPackageInfoA
FreeContextBuffer

Sections

.text
Size: 379KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f187570f7aab8aa88fff5ab6a1de6efd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

odbc32

ws2_32

winmm

iphlpapi

shlwapi

comctl32

secur32

Sections

.text Size: 379KB - Virtual size: 378KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 8KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 379KB - Virtual size: 378KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 8KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 17KB - Virtual size: 16KB