cec8960741377aa0ee61eb66ef8bfdd16a8f1160ef44e0b372957b613fb5d479

Sharing

Copy URL

Twitter E-mail

General

Target

cec8960741377aa0ee61eb66ef8bfdd16a8f1160ef44e0b372957b613fb5d479
Size

466KB
MD5

6af17e74bc05e1780e7e21c96f508c3f
SHA1

ad691618c705867c8d77da814d94e748cbf83220
SHA256

cec8960741377aa0ee61eb66ef8bfdd16a8f1160ef44e0b372957b613fb5d479
SHA512

2771d1c64a1997a8de8cf5f4aed9cf3812a9020df589b856b0106a5e0608642594d86b97c01929afbe4d2626d948c86f856894d79b868f714b38164c93ee5d3d
SSDEEP

12288:bZsOp1DhDL4JrSLL4vSuRKJolUM9pw+Vw1z4RJFlfrhY:bZPnDhVLcvSuMIUMzV0cflfrS

Score

N/A

Malware Config

Signatures

Files

cec8960741377aa0ee61eb66ef8bfdd16a8f1160ef44e0b372957b613fb5d479
.exe windows x86

6653fdfee90fecbe99403fad8104cc4d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

SetEndOfFile
WriteConsoleW
SetFilePointer
ReadFile
HeapReAlloc
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
LoadLibraryW
Sleep
GetStringTypeW
LCMapStringW
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetStdHandle
WriteFile
lstrlenW
GetLastError
LocalAlloc
CloseHandle
GetProcessHeap
HeapCreate
lstrlenA
GetProcAddress
FormatMessageA
HeapAlloc
HeapFree
CreateFileA
DeviceIoControl
lstrcmpiA
lstrcpyA
CreateProcessA
SetEvent
WaitForSingleObject
WaitForMultipleObjects
SetLastError
GetModuleHandleA
LoadLibraryA
ExitProcess
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
CreateFileW
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MultiByteToWideChar

user32

GetMenuItemCount
SendInput
InsertMenuItemA
GetMenuItemInfoA
SetMenuItemInfoA
DrawTextA
wsprintfA
GetDialogBaseUnits
DefWindowProcA
PostQuitMessage
GetMenuStringA
InvalidateRgn
EndPaint
BeginPaint
GetDC
GetWindowRect
GetDesktopWindow
GetSystemMetrics
SystemParametersInfoA
GetMenu
SetCapture
ReleaseDC
GetSubMenu
DestroyWindow
InvalidateRect
UpdateWindow
MessageBoxA
GetClientRect
ClientToScreen
OffsetRect
GetMenuItemID
DrawIcon
GetIconInfo
DispatchMessageA
TranslateMessage
PeekMessageA
SendMessageA
GetDlgItem
LoadBitmapA
SetRect

gdi32

CreateCompatibleBitmap
BitBlt
GetPixel
DeleteDC
CreateFontIndirectA
DeleteObject
GetStockObject
GetObjectA
GetTextMetricsA
SetTextColor
TextOutA
Rectangle
SelectObject
CreateCompatibleDC

comdlg32

GetOpenFileNameA
ChooseFontA

advapi32

RegSetValueExW
RegCloseKey
GetAclInformation
RegCreateKeyExW

ole32

OleUninitialize
OleFlushClipboard
GetHGlobalFromStream
CoMarshalInterface
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleSetClipboard
OleInitialize
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoMarshalInterThreadInterfaceInStream

wininet

HttpQueryInfoA
InternetSetOptionA
InternetGetLastResponseInfoA

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

shlwapi

StrToIntExA
PathFindFileNameW

gdiplus

GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipCreateStringFormat
GdipFillPath
GdipGraphicsClear
GdipDrawPath
GdipSetSmoothingMode
GdipCreateFromHDC
GdipAddPathString
GdipCreateSolidFill
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdiplusStartup

snmpapi

SnmpUtilOidCpy
SnmpUtilOidFree

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.next
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.port
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6653fdfee90fecbe99403fad8104cc4d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

wininet

userenv

shlwapi

gdiplus

snmpapi

Sections

.text Size: 261KB - Virtual size: 261KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 6KB - Virtual size: 13KB

.next Size: 3KB - Virtual size: 3KB

.port Size: 7KB - Virtual size: 6KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 261KB - Virtual size: 261KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 6KB - Virtual size: 13KB

.next
Size: 3KB - Virtual size: 3KB

.port
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 9KB - Virtual size: 9KB