da1a98c59f35e74b65c5c343dfcf65450b9995bd63837e8387fc46cfaeec9cda

Sharing

Copy URL Twitter E-mail

General

Target

da1a98c59f35e74b65c5c343dfcf65450b9995bd63837e8387fc46cfaeec9cda
Size

547KB
MD5

762c65a8bbe234c14fb4c4d3215c7f48
SHA1

58dd2cfe18b562e37f490f1e5ad642ada64657eb
SHA256

da1a98c59f35e74b65c5c343dfcf65450b9995bd63837e8387fc46cfaeec9cda
SHA512

80a97fa25318b7f4508c4f0c7105e356720052655178d8550151d6d49f65d68f220ee77ca32b9ca3a0aa9002d6cdb8587e7d24aa3451421d9d8e14199198df12
SSDEEP

12288:dYhPnr2k7vSueOVkJAY7g/evaSqEbmUQRcVUnb70:dYh/feOVkJqGlm/c670

Score

N/A

Malware Config

Signatures

Files

da1a98c59f35e74b65c5c343dfcf65450b9995bd63837e8387fc46cfaeec9cda
.exe windows x86

48f072a608161ce8b5a64e0ea0f579a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetLocaleInfoW
SetFilePointer
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetHandleCount
LoadLibraryW
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
SetLastError
GetStringTypeW
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
CreateFileW
SetEndOfFile
GlobalAlloc
CreateFileA
CloseHandle
WriteFile
GetLastError
CreatePipe
IsValidCodePage
GetOEMCP
GetACP
HeapFree
HeapQueryInformation
WaitForMultipleObjects
GetFullPathNameA
lstrlenA
WaitForSingleObject
HeapSize
HeapReAlloc
GetModuleFileNameA
HeapAlloc
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
GetCPInfo
HeapCreate
lstrcpyA
GetSystemTime
GetProcAddress
Sleep
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetStartupInfoW
HeapSetInformation
GetModuleHandleA
TlsFree
LoadLibraryA
GetCommandLineA
ExitProcess
GetModuleHandleW
RtlUnwind
RaiseException
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsBadReadPtr
HeapValidate
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
GetProcessHeap

user32

ReleaseDC
MessageBoxA
RegisterClassW
LoadIconW
SetRect
IntersectRect
EnumWindowStationsW
DeleteMenu
GetWindowTextLengthA
GetScrollInfo
BeginPaint
LoadCursorW
SetCursor
LoadCursorA
TrackPopupMenu
GetCursorPos
CreatePopupMenu
GetDlgItemTextW
DestroyAcceleratorTable
DefWindowProcA
UpdateWindow
ScrollWindow
SetScrollInfo
SystemParametersInfoA
GetDC
InvalidateRect
GetClientRect
PostQuitMessage
WindowFromDC
CharLowerBuffA
SendMessageA
GetWindowTextA
InsertMenuItemA
CreateMenu
EndPaint

gdi32

CreateFontIndirectA
DeleteDC
GetCharWidth32A
DeleteObject
GetCurrentObject
GetObjectA
GetTextMetricsA
TextOutA
SetTextAlign
StartDocA
StartPage
EndPage
EndDoc

winspool.drv

EnumPrintersA
OpenPrinterA
ClosePrinter
GetPrinterA
EnumJobsA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyW

ole32

OleInitialize
StgCreateDocfile
CoUnmarshalInterface
OleIsCurrentClipboard
CoGetMalloc

ws2_32

WSCEnumProtocols

avifil32

AVIFileRelease
AVIFileInfoA
AVIFileOpenA
AVIFileInit

msacm32

acmDriverOpen
acmMetrics

winmm

PlaySoundA

iphlpapi

IcmpCloseHandle
IcmpCreateFile

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

opengl32

wglGetCurrentDC

Sections

.text
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 211KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48f072a608161ce8b5a64e0ea0f579a9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

ws2_32

avifil32

msacm32

winmm

iphlpapi

rpcrt4

opengl32

Sections

.text Size: 207KB - Virtual size: 206KB

.rdata Size: 87KB - Virtual size: 86KB

.data Size: 211KB - Virtual size: 219KB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 207KB - Virtual size: 206KB

.rdata
Size: 87KB - Virtual size: 86KB

.data
Size: 211KB - Virtual size: 219KB

.rsrc
Size: 41KB - Virtual size: 40KB