a247ecac097c896bd096323ce8511c36f05d38a39920c0ca9b8104cdaf5ed2f5

Sharing

Copy URL Twitter E-mail

General

Target

a247ecac097c896bd096323ce8511c36f05d38a39920c0ca9b8104cdaf5ed2f5
Size

310KB
MD5

746e8c31ef496d7ae149c6ba601b5450
SHA1

2aefaf8b5d6ac96b8798bb4611476b718470af47
SHA256

a247ecac097c896bd096323ce8511c36f05d38a39920c0ca9b8104cdaf5ed2f5
SHA512

a7e51fc102008d1b7c289fa9da0f0ae0fe0b0d645d9764bca164491ee1b40a82ab779745e9f96519b5584534b4d2deead4bdb989ba711b6bc2a93b1b08ca5ede
SSDEEP

6144:5bYT8lWSKq32cmbxj2V35bOtAmoE4C3MzBfYSNy:dlW/Q2cmVj2VhOtRojC3iVYSNy

Score

N/A

Malware Config

Signatures

Files

a247ecac097c896bd096323ce8511c36f05d38a39920c0ca9b8104cdaf5ed2f5
.exe windows x86

a60dfe46bb2757d4f4538eae7fc17eb8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
QueryPerformanceCounter
SetStdHandle
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleFileNameW
LoadLibraryW
GetStringTypeW
LCMapStringW
MultiByteToWideChar
HeapSize
lstrlenW
GetCurrentProcessId
CreateFileA
GetFileSize
lstrcpyA
GetProcessTimes
GetProcessHeaps
LocalAlloc
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcess
HeapReAlloc
WideCharToMultiByte
CreateEventA
SetEvent
GetModuleFileNameA
GlobalAlloc
GlobalFree
CloseHandle
WaitForSingleObject
GetLastError
GetTickCount
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
WriteFile
ExitProcess
IsValidCodePage
GetOEMCP
CreateFileW
GetACP
GetCPInfo
HeapCreate
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
Sleep
LoadLibraryA
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
IsProcessorFeaturePresent
EncodePointer
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
UnhandledExceptionFilter

user32

SendMessageA
EndDialog
InvalidateRect
SetDlgItemInt
SetActiveWindow
SetDlgItemTextA
WinHelpW
SetTimer
SetCapture
ShowWindow
MessageBoxA
DrawTextA
LoadIconW
MessageBoxW
wsprintfA
GetDlgItem
GetSysColor
GetDC
WindowFromDC
GetClientRect
SetRect
FillRect

gdi32

CreateSolidBrush
SetBkMode
SetBkColor
DeleteObject
EnumFontFamiliesA
SetTextColor

comdlg32

GetFileTitleW
ReplaceTextW

advapi32

GetTokenInformation
FreeSid
OpenSCManagerW
OpenProcessToken
DuplicateTokenEx
AllocateAndInitializeSid
EqualSid
LookupAccountSidA

shell32

SHGetFileInfoW
SHGetFileInfoA
SHGetFolderPathW

ole32

CoInitialize
CoGetObject
CoUninitialize

oleaut32

VariantClear
VariantChangeType
OleTranslateColor

psapi

GetProcessMemoryInfo

userenv

CreateEnvironmentBlock

shlwapi

StrDupA

wtsapi32

WTSQueryUserToken
WTSEnumerateSessionsA

authz

AuthzFreeResourceManager
AuthzInitializeResourceManager

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a60dfe46bb2757d4f4538eae7fc17eb8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

psapi

userenv

shlwapi

wtsapi32

authz

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 111KB - Virtual size: 118KB

.rsrc Size: 79KB - Virtual size: 79KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 111KB - Virtual size: 118KB

.rsrc
Size: 79KB - Virtual size: 79KB