97b9186181b7a5eb409dd7e241c2ed1974666f7aef98c549e088d977e544d931

Sharing

Copy URL Twitter E-mail

General

Target

97b9186181b7a5eb409dd7e241c2ed1974666f7aef98c549e088d977e544d931
Size

237KB
MD5

69161bde8f9382ac3ef83fc9b9fc70c0
SHA1

9b962cc86ff66b0951b066a4b79aced0b0b13f56
SHA256

97b9186181b7a5eb409dd7e241c2ed1974666f7aef98c549e088d977e544d931
SHA512

68e1dbfecb54bc53637bf4119773a251b5b795cd34f3370ae78eab61a7d3961141d1b4461409a1e0d6becf92a369696e00bfc50914cf185182cd02e917ac31fd
SSDEEP

6144:n3xUWzBqHyQ/5acHV4F/owhHg6kyaAzExR4bA97zYL:DNqSQ/PGtd1gQdzqkA97ML

Score

N/A

Malware Config

Signatures

Files

97b9186181b7a5eb409dd7e241c2ed1974666f7aef98c549e088d977e544d931
.exe windows x86

2f6b7f6583bc5575d32ec74e6d9d9ed4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtEscape
CreateDCA
DeleteDC
DdEntry25
DeleteObject
SetROP2
DeleteColorSpace
GdiGetPageCount
CLIPOBJ_bEnum
SetBkColor
GetMiterLimit
DdEntry38
CreateSolidBrush
EngUnicodeToMultiByteN
GetGlyphIndicesW
BRUSHOBJ_ulGetBrushColor
SetWinMetaFileBits
CreateCompatibleDC
DdEntry9
GetRegionData
DrawEscape
CreatePen
GetDCPenColor
STROBJ_bGetAdvanceWidths
GetEUDCTimeStamp
CreateDCW
RealizePalette
SetLayoutWidth
PolyBezier
GetViewportExtEx
SetMapperFlags
GetBoundsRect
GetStretchBltMode
GetTextExtentPointI
DdEntry28
DdEntry50
EudcUnloadLinkW
DdEntry12
EngCreateDeviceBitmap
GetStringBitmapA
GetTextExtentPointW
EngMultiByteToWideChar
ClearBrushAttributes
GetPath
cGetTTFFromFOT
StretchBlt
GetGlyphOutlineWow
CreateBitmap
RestoreDC
GetBrushAttributes
DdEntry43
DdEntry2
DdEntry40

msvcrt

_initterm
__CxxFrameHandler
malloc
free

kernel32

Sleep
ReleaseMutex
GetThreadPriorityBoost
ExpungeConsoleCommandHistoryA
GetEnvironmentStrings
GetPrivateProfileStructA
WaitForMultipleObjectsEx
GetSystemTime
RequestDeviceWakeup
GetWindowsDirectoryW
SetEnvironmentVariableA
FoldStringA
FindFirstFileW
LocalSize
CreateJobSet
IsDBCSLeadByte
DnsHostnameToComputerNameA
MoveFileExW
GetDevicePowerState
IsBadReadPtr
BuildCommDCBA
GetLocaleInfoA
EnumLanguageGroupLocalesA
SetConsoleCursorInfo
RtlMoveMemory
GetBinaryTypeW
GetLogicalDriveStringsA
WaitNamedPipeW
GetDriveTypeW
QueryMemoryResourceNotification
SetMessageWaitingIndicator
GetVolumePathNameA
GetConsoleTitleA
FindNextFileA
GetDiskFreeSpaceW
lstrcpynW
SetTapePosition
FreeLibrary
lstrcatA
GetConsoleSelectionInfo
lstrcpynA
SetTermsrvAppInstallMode
RemoveDirectoryA
GetConsoleInputExeNameA
BaseCleanupAppcompatCacheSupport
GetTapeStatus
FindVolumeClose
CreateDirectoryExA
CreateDirectoryW
CreateFileW
GlobalCompact
ReadFile
FindFirstFileExA
GetVolumePathNameW
VerifyVersionInfoA
LZCreateFileW
GetNamedPipeInfo
FindFirstChangeNotificationA
MapViewOfFile
OpenSemaphoreW
DelayLoadFailureHook
WritePrivateProfileSectionW
CreateEventW
SetConsoleInputExeNameA
FindResourceW
IsValidLanguageGroup
GetCalendarInfoA
Heap32Next
IsBadStringPtrA
FindFirstChangeNotificationW
WaitCommEvent
BuildCommDCBW
EnumDateFormatsA
CreateProcessW
LoadLibraryW
HeapValidate
FormatMessageW
DebugBreak
SetConsoleDisplayMode
GetFullPathNameW
WriteFileGather
GetBinaryTypeA
GlobalReAlloc
GetNumberOfConsoleMouseButtons
GetConsoleProcessList
LocalAlloc
SetCalendarInfoW
ShowConsoleCursor
SwitchToFiber
GetSystemWow64DirectoryW
GetConsoleOutputCP
TlsGetValue
CreateTimerQueue
WideCharToMultiByte
WritePrivateProfileStringA
GetConsoleScreenBufferInfo
GetNumaAvailableMemoryNode
lstrcmpiA
ExitThread
EraseTape
GetConsoleAliasA
SetFileShortNameW
VerSetConditionMask
LoadLibraryExW
GetConsoleDisplayMode
CreateNamedPipeW
CreateDirectoryA
GetStringTypeW
GetConsoleCursorInfo
GlobalUnlock
SetComputerNameA
GetConsoleTitleW
GetFileSizeEx
HeapQueryInformation
VirtualFreeEx
HeapAlloc
GetConsoleCharType
GetStringTypeExA
ReadFileEx
CloseHandle
DosPathToSessionPathW
Module32NextW
GetProfileIntA
InitAtomTable
SetFileShortNameA
WTSGetActiveConsoleSessionId
GetFileAttributesExW
GetHandleInformation
SystemTimeToFileTime
GetModuleHandleA
GetTickCount
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
lstrlenA

user32

AllowForegroundActivation
EnumPropsExW
TileWindows
EndMenu
SendNotifyMessageW
DdePostAdvise
DrawStateA
MapVirtualKeyA
SendDlgItemMessageW
ClientToScreen
IsCharLowerW
QuerySendMessage
IMPSetIMEA
CreateIcon
IsClipboardFormatAvailable
GetScrollInfo
SetWindowWord
SetLayeredWindowAttributes
User32InitializeImmEntryTable
UserLpkPSMTextOut
ChildWindowFromPoint
RegisterClipboardFormatA
DdeEnableCallback
InSendMessageEx
ResolveDesktopForWOW
CliImmSetHotKey
GetWinStationInfo
GetDlgCtrlID
GetCapture
UnregisterClassA
DisplayExitWindowsWarnings
SetMessageQueue
OpenIcon
SetDlgItemInt
GetWindowTextLengthA
TranslateAcceleratorA
SetWindowTextA
GetClientRect
OemToCharBuffA
GetWindow
wvsprintfA
TabbedTextOutW
GetClassWord
CreateDialogParamA
CallNextHookEx
SetTaskmanWindow
SetProgmanWindow
TranslateAccelerator
ScrollDC
FlashWindowEx
FreeDDElParam
SetKeyboardState
IsServerSideWindow
DrawTextExA
IsZoomed
GetIconInfo
DispatchMessageA
UserRegisterWowHandlers
LoadCursorW
SetDlgItemTextA
EnumChildWindows
PostThreadMessageA
CreateMDIWindowW
GetComboBoxInfo
CallMsgFilterA
GetDlgItemTextA
GetWindowTextA
SetTimer
SendMessageA
KillTimer
PostQuitMessage
DefWindowProcA
LoadMenuA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
UpdateWindow
GetMessageA
TranslateMessage

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 4KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 157KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f6b7f6583bc5575d32ec74e6d9d9ed4

Headers

File Characteristics

Imports

gdi32

msvcrt

kernel32

user32

Sections

.text Size: 50KB - Virtual size: 50KB

.pdata Size: 2KB - Virtual size: 10KB

.rdata Size: 7KB - Virtual size: 7KB

CODE Size: 4KB - Virtual size: 71KB

.data Size: 157KB - Virtual size: 347KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 50KB - Virtual size: 50KB

.pdata
Size: 2KB - Virtual size: 10KB

.rdata
Size: 7KB - Virtual size: 7KB

CODE
Size: 4KB - Virtual size: 71KB

.data
Size: 157KB - Virtual size: 347KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB