25e558fccb12d7ee4d1dac8ed382c85dae853108da7a773da8f5217448d4c890

Sharing

Copy URL

Twitter E-mail

General

Target

25e558fccb12d7ee4d1dac8ed382c85dae853108da7a773da8f5217448d4c890
Size

459KB
MD5

4094102f126ef11b043b800270141580
SHA1

ddf046bd998344e696d9156f01fa5304f6a77e6d
SHA256

25e558fccb12d7ee4d1dac8ed382c85dae853108da7a773da8f5217448d4c890
SHA512

797942814a080d0321b91a74eb0d874dfd855173d90f00b11f19b61e14f8422d9a5c596307ddaf75f18a3d962083c5abb2c1af823100c57d58bc266689d4e1d4
SSDEEP

12288:tAu/tdincdNd2/vMLukWtQTTsNlaq3x5CCiLwx2hPqR:nwjvKukbTTvix5XXSS

Score

N/A

Malware Config

Signatures

Files

25e558fccb12d7ee4d1dac8ed382c85dae853108da7a773da8f5217448d4c890
.exe windows x86

72fe81c4cfd8cf91fb327971869d39b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

gdi32

GetStockObject

dbghelp

SymSetOptions
SymInitialize
SymFromAddr

user32

FindWindowExW
LoadCursorW
RegisterClassW
CreateWindowExW
GetMessageW
TranslateMessage
SendMessageW
DefWindowProcW
RegisterDeviceNotificationW
UnregisterDeviceNotification
CharUpperA
CharLowerW
CharLowerA
UnregisterClassA
DispatchMessageW
CharUpperW

kernel32

GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
lstrlenW
GetVersion
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
GetTimeZoneInformation
GetLocaleInfoW
GetLastError
CreateEventW
SetEvent
GetOverlappedResult
ResetEvent
WaitForSingleObject
WaitForMultipleObjects
ReadFile
CloseHandle
FindClose
FlushFileBuffers
SetFilePointerEx
WriteFile
GetFileInformationByHandle
CreateFileW
GetFileAttributesW
SetEndOfFile
GetDiskFreeSpaceExW
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
MoveFileW
SetLastError
FindNextFileW
FindFirstFileW
WideCharToMultiByte
MultiByteToWideChar
GetDriveTypeA
LeaveCriticalSection
EnterCriticalSection
CreateFileA
GetCurrentProcessId
InitializeCriticalSection
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetCurrentThreadId
GetLocalTime
LocalFree
FormatMessageW
DeviceIoControl
GetModuleFileNameA
ExpandEnvironmentStringsW
GetCurrentProcess
GetStdHandle
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
SetConsoleCtrlHandler
OutputDebugStringA
RtlUnwind
GetVersionExA
GetProcAddress
GetModuleHandleA
ExitProcess
HeapAlloc
HeapFree
ExitThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
HeapReAlloc
HeapSize
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
FatalAppExitA
FreeLibrary
InterlockedExchange
LoadLibraryExA
VirtualAlloc
SetFilePointer
GetConsoleCP
GetConsoleMode
Sleep
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
VirtualProtect
GetSystemInfo
VirtualQuery

oleaut32

SysFreeString

Sections

.text
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

72fe81c4cfd8cf91fb327971869d39b2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

dbghelp

user32

kernel32

oleaut32

Sections

.text Size: 324KB - Virtual size: 323KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 6KB - Virtual size: 1.2MB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 74KB - Virtual size: 76KB

.text
Size: 324KB - Virtual size: 323KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 6KB - Virtual size: 1.2MB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 74KB - Virtual size: 76KB