a0a247ab2e3d491d1e9269a1314901ed34583755ad0ff76bd7768d0ae04070f1

Sharing

Copy URL Twitter E-mail

General

Target

a0a247ab2e3d491d1e9269a1314901ed34583755ad0ff76bd7768d0ae04070f1
Size

487KB
MD5

62b3a03b3bcf0daddfdcce62a0026a80
SHA1

4c86db564e3e3129ca1a4682a535b512463cc254
SHA256

a0a247ab2e3d491d1e9269a1314901ed34583755ad0ff76bd7768d0ae04070f1
SHA512

07c87a130aa88c0ac9916306141ddbdde8e3784820fbb017120a7381a63e6428d606909ef09232f43070aa1fae75631cf5a6916ef732a4c7bb71d1a66e821011
SSDEEP

6144:XAGKmFu4mw6VSULIZBAKoSQD61EawDaOwGZKDxYcGAn6h+g0IYi5gOkjGjPDO:XAGKk9n6SU8RteDZwYlA6h+K5VkjGzy

Score

N/A

Malware Config

Signatures

Files

a0a247ab2e3d491d1e9269a1314901ed34583755ad0ff76bd7768d0ae04070f1
.exe windows x86

f172e5eacee398c116cae80a772537dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
SetFilePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
CreateFileW
GetConsoleCP
WideCharToMultiByte
WriteFile
RtlUnwind
ExitProcess
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
IsBadReadPtr
HeapValidate
SetLastError
GetModuleHandleW
GetVolumeInformationA
GetStringTypeW
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
EncodePointer
DecodePointer
LCMapStringW
IsProcessorFeaturePresent
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
FlushFileBuffers
SetStdHandle
SetEndOfFile
GetProcessHeap
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
Process32Next
GetLastError
GlobalUnlock
ReadFile
HeapCreate
GlobalAlloc
GlobalLock
Process32First
CreateFileA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetConsoleMode
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
TlsFree
Sleep
HeapAlloc
GetFileSize
GetProcAddress
RaiseException

user32

EndDeferWindowPos
FindWindowA
CallWindowProcA
MoveWindow
LoadCursorA
SendMessageA
SetClipboardData
SetWindowTextA
BeginDeferWindowPos
DeferWindowPos
OpenClipboard
CheckRadioButton
EndPaint
CloseClipboard
ScreenToClient
GetWindowRect
CreateDialogParamA
InsertMenuItemA
RegisterClassExA
SendDlgItemMessageA
CopyImage
LoadIconA
GetClientRect
GetMenuCheckMarkDimensions
SetFocus
GetDC
GetMenu
GetWindowTextA
GetWindowLongA
CreateWindowExA
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
GetDesktopWindow
ShowWindow

gdi32

CreateCompatibleDC
PatBlt
SetViewportOrgEx
SetWindowExtEx
DeleteDC
Polygon
CreateFontIndirectA
DeleteObject
SelectObject
CreateSolidBrush
SetMapMode
CreateCompatibleBitmap
Ellipse
CreatePen
SetViewportExtEx
GetStockObject

advapi32

RegQueryValueExA
RegOpenKeyExA

ole32

CreateStreamOnHGlobal
CoInitialize
CoTaskMemAlloc
CoCreateInstance

oleaut32

OleLoadPicture
OleSavePictureFile

odbc32

ord1
ord2

comctl32

CreateToolbarEx
InitCommonControlsEx

pdh

PdhUpdateLogFileCatalog
PdhSetCounterScaleFactor

imm32

ImmGetDefaultIMEWnd

msi

ord204

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f172e5eacee398c116cae80a772537dd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

odbc32

comctl32

pdh

imm32

msi

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 146KB - Virtual size: 153KB

.rsrc Size: 86KB - Virtual size: 86KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 146KB - Virtual size: 153KB

.rsrc
Size: 86KB - Virtual size: 86KB

.reloc
Size: 15KB - Virtual size: 15KB