518480ade4ead37806213fc501456bc170bb49da6dec9a1e92935a4e1c179e2f

Sharing

Copy URL Twitter E-mail

General

Target

518480ade4ead37806213fc501456bc170bb49da6dec9a1e92935a4e1c179e2f
Size

232KB
MD5

72ca630cc84b91be8a9c2e437d60e1e0
SHA1

795c08cf0e6ed5a9fea7eeadebd1c79803be6baa
SHA256

518480ade4ead37806213fc501456bc170bb49da6dec9a1e92935a4e1c179e2f
SHA512

30df6f98318df9376582ba6cce179a7f77c90bfb97d84cc760ab99f28cbb016a3937a2d77ea65253910fafb3cc46fb6581bb1f211a42bcb0d90abcffe089576e
SSDEEP

3072:MUReMsDbvTX5jxE0EtNBwsYdxYR+L1lT8GK+0t9PS3cPEgcBCFEMf1IajhtHRbqZ:XrsvTpjy0EtELNm+0a3ZMSajXxA0U

Score

N/A

Malware Config

Signatures

Files

518480ade4ead37806213fc501456bc170bb49da6dec9a1e92935a4e1c179e2f
.exe windows x86

514abe493523b98438aa308edba3ffe5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentProcessId
RtlUnwind
QueryPerformanceCounter
LocalAlloc
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LCMapStringW
GetStringTypeW
HeapReAlloc
HeapSize
CompareStringW
SetEnvironmentVariableA
SetFilePointer
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleW
GetSystemTime
LocalFree
CloseHandle
GetVersionExA
GetTickCount
GetLastError
SetThreadLocale
GlobalUnlock
lstrlenW
ReadFile
HeapCreate
Sleep
LoadLibraryW
GlobalAlloc
CreateFileA
WriteFile
GlobalLock
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapAlloc
lstrlenA
GetFileSize
DeleteCriticalSection
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetFileAttributesA
GetTimeZoneInformation
WideCharToMultiByte
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
CreateFileW

user32

LoadCursorA
CopyRect
ActivateKeyboardLayout
RegisterClassA
UpdateWindow
MapWindowPoints
GetSystemMetrics
EndPaint
SetCursor
GetWindowRect
PostQuitMessage
DrawTextA
SetForegroundWindow
GetParent
LoadIconA
wsprintfA
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetClassInfoW
GetDC
SetDlgItemInt
MessageBoxA
InvalidateRect
UnregisterClassA
GetWindowLongA
GetClipboardData
CreateWindowExA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
ShowWindow
GetActiveWindow
GetClassInfoA
AdjustWindowRectEx
RegisterClassW

gdi32

CreateSolidBrush
MoveToEx
BitBlt
LineTo
SetWindowExtEx
SetTextColor
GetDeviceCaps
CreateFontIndirectA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
Ellipse
SaveDC
GetTextExtentPointA
CreatePen
SetViewportExtEx
GetObjectA
TextOutW
GetStockObject
CloseMetaFile
RestoreDC
TextOutA

advapi32

CryptDestroyHash
RegQueryValueExA
CryptReleaseContext
CryptAcquireContextA
CryptGetUserKey
CryptDecrypt
CryptVerifySignatureA
CryptDestroyKey
CryptCreateHash
CryptImportKey
RegOpenKeyExA
CryptGetKeyParam

ole32

CreateBindCtx

oleaut32

OleTranslateColor

crypt32

CryptImportPublicKeyInfo
CryptDecodeObjectEx
CryptStringToBinaryA

shlwapi

StrDupA
PathFindFileNameW

msi

ord121
ord64
ord17
ord124
ord8
ord103

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

514abe493523b98438aa308edba3ffe5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

crypt32

shlwapi

msi

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 99KB - Virtual size: 98KB

.data Size: 42KB - Virtual size: 49KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 42KB - Virtual size: 49KB

.rsrc
Size: 33KB - Virtual size: 32KB