ad85c7006624d89d7813c02ae3e87a08dadf506204deac039f21a728c3222aa7

Sharing

Copy URL Twitter E-mail

General

Target

ad85c7006624d89d7813c02ae3e87a08dadf506204deac039f21a728c3222aa7
Size

538KB
MD5

5b5a13c3a9cfc515bf14be34f199f4ad
SHA1

2fa4ee228f68dd4dad6ae7c70fd6921e4b046fb5
SHA256

ad85c7006624d89d7813c02ae3e87a08dadf506204deac039f21a728c3222aa7
SHA512

710fd77315001d3abd51816d81aee205e08fd5b79919fdb76ddad4821272f592bc4471675726d7ecb9215eb5b1eec4b9dece8b6596d29910b2ae34f0d1d4da13
SSDEEP

12288:7skV5PKVEAyQWC3hzddbEIMlhyygzS6MKRjLI9IypHf6Z1ET+0GvcOOQ7:J5PKNyTCxZylhBgzqeyty4G1L

Score

N/A

Malware Config

Signatures

Files

ad85c7006624d89d7813c02ae3e87a08dadf506204deac039f21a728c3222aa7
.exe windows x86

24d98cdee96c7d87c2a06f718873b6b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

kernel32

GetTimeZoneInformation
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
LeaveCriticalSection
WaitForSingleObject
GetStringTypeW
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetCurrentThreadId
LoadLibraryW
HeapSize
LCMapStringW
MultiByteToWideChar
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
HeapCreate
lstrcpynA
SetLastError
InterlockedIncrement
GetProcAddress
CreateEventA
CreateThread
CloseHandle
GetSystemInfo
CreateFileA
GetFileSize
CreateFileMappingA
TlsFree
TlsSetValue
CreateFileW
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
IsValidCodePage
SetEvent
MapViewOfFile
EnterCriticalSection
GetLastError
WriteFile
ExitProcess
GetModuleHandleW
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InterlockedDecrement
LoadLibraryA
HeapFree
HeapAlloc
RaiseException
RtlUnwind
GetCommandLineA
HeapSetInformation

user32

GetMessageA
LoadAcceleratorsA
UpdateWindow
ShowWindow
GetMenu
FindWindowW
GetCursorPos
IsDialogMessageA
RegisterClassW
LoadIconW
LoadCursorW
wsprintfA
PostMessageA
SetTimer
GetSysColorBrush
SendMessageW
BeginPaint
CreateWindowExA
KillTimer
SendMessageA
MapVirtualKeyA
GetKeyNameTextA
RegisterHotKey
GetDlgItem
InvalidateRect
GetClientRect
CreateWindowExW
SetWindowTextW
GetDC
ReleaseDC
MoveWindow
DestroyWindow
EndPaint
CreatePopupMenu
EnableMenuItem
PostQuitMessage
DefWindowProcA
SetRect
FillRect
DestroyIcon
GetSystemMetrics
GetWindowRect
SetWindowPos
DrawFrameControl
LoadCursorA

gdi32

CreatePalette
CreateFontIndirectA
GetStockObject
GetObjectA
CreatePen
CreateSolidBrush
Ellipse
FillRgn
GetSystemPaletteEntries
CreateCompatibleDC
SetViewportOrgEx
CreateCompatibleBitmap
DeleteDC
SaveDC
GetDeviceCaps
CreateFontA
TextOutA
RestoreDC
GetTextExtentPoint32A
CreateFontIndirectW
DeleteObject
SelectObject

winspool.drv

OpenPrinterW

comdlg32

ChooseFontA
FindTextW
FindTextA

advapi32

GetOldestEventLogRecord
OpenEventLogW
ReadEventLogA

shell32

Shell_NotifyIconA

ole32

CreateAntiMoniker

ws2_32

WSAGetLastError
WSACreateEvent

iphlpapi

NotifyRouteChange

comctl32

InitCommonControlsEx
ord6

gdiplus

GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipCreateBitmapFromFile
GdipDisposeImage

winhttp

WinHttpGetIEProxyConfigForCurrentUser

msi

ord108

aclui

ord1

Sections

.text
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hera
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kedata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bidata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24d98cdee96c7d87c2a06f718873b6b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

ws2_32

iphlpapi

comctl32

gdiplus

winhttp

msi

aclui

Sections

.text Size: 424KB - Virtual size: 423KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 6KB - Virtual size: 13KB

.hera Size: 3KB - Virtual size: 3KB

.kedata Size: 3KB - Virtual size: 3KB

.bidata Size: 7KB - Virtual size: 7KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 424KB - Virtual size: 423KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 6KB - Virtual size: 13KB

.hera
Size: 3KB - Virtual size: 3KB

.kedata
Size: 3KB - Virtual size: 3KB

.bidata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 21KB - Virtual size: 21KB