f174021d13d4402bddfe0f2e96ca22d09500055746c468d0782d72bb013b1c53

Sharing

Copy URL Twitter E-mail

General

Target

f174021d13d4402bddfe0f2e96ca22d09500055746c468d0782d72bb013b1c53
Size

350KB
MD5

6b4419edf145824f53de39016ff8bfcb
SHA1

f60907d6cc7a936884072cc409984708cd4fb059
SHA256

f174021d13d4402bddfe0f2e96ca22d09500055746c468d0782d72bb013b1c53
SHA512

60275bc8348cd3a1ad5adcbea578b8ae72ebef9f24bcc2c4a5f0aa9b5d0ee8e15af2179b23518a0ae1912056ff99e595a62688c959c9aab1b3a83b52c8ec31c0
SSDEEP

6144:Lehw8eDKEO72pFqg6UYUvJKnnYHFrtGaD2oqqr1TIIdrerohKN+ST:L1GELN6UYUvJonAFJGaDRqqhyIA+c

Score

N/A

Malware Config

Signatures

Files

f174021d13d4402bddfe0f2e96ca22d09500055746c468d0782d72bb013b1c53
.exe windows x86

3619ebe02faecc6ace4ab5246c45217f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

LoadLibraryW
TlsAlloc
TlsGetValue
GetConsoleCP
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
GetConsoleMode
HeapReAlloc
FlushFileBuffers
LCMapStringW
GetStringTypeW
LoadLibraryA
SetStdHandle
WriteConsoleW
GetLastError
lstrlenA
MultiByteToWideChar
GlobalAlloc
SetErrorMode
GetVolumeInformationA
ExitProcess
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
HeapCreate
GetProcAddress
SetLastError
GlobalMemoryStatusEx
CreateFileW
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
SetFilePointer
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoW
GetModuleHandleW
DecodePointer
HeapAlloc
GetCommandLineA
HeapSetInformation
CloseHandle

user32

wsprintfA
SendDlgItemMessageA
AdjustWindowRect
GetWindowLongA
SetRect
GetWindowDC
DdeInitializeA
DdeCreateStringHandleW
SendMessageA
CreateWindowExA
ShowWindow
UpdateWindow
DestroyWindow
PostQuitMessage
DispatchMessageA
GetClientRect
MapWindowPoints
GetCursorPos
PtInRect
WindowFromPoint
KillTimer
PostMessageA
GetDC
ReleaseDC
PeekMessageA
TranslateMessage
SetCapture
ClientToScreen
SetCursorPos
BeginPaint
EndPaint
ReleaseCapture
DefWindowProcA
MonitorFromWindow
GetMonitorInfoA
GetWindowInfo
InvalidateRect
CopyImage
GetIconInfo
DrawIconEx
DestroyIcon
LoadImageW
EqualRect
SetWindowTextA
LoadMenuA

gdi32

CreateDIBSection
GetObjectA
CreateCompatibleDC
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
SetDCPenColor
Rectangle
MoveToEx
LineTo
GetStockObject
GetCurrentObject
GetPaletteEntries
SetDIBColorTable
BitBlt
DeleteObject
GetDIBColorTable
CreateBitmap
SelectPalette
GetTextMetricsA
GetObjectW
PatBlt
GetNearestColor
CreateSolidBrush
GetClipBox
EnumFontsA
RealizePalette
CreateFontIndirectA
TextOutA
StartDocA

advapi32

CryptImportKey
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptEncrypt
CryptReleaseContext
CryptDestroyKey
CryptSetKeyParam
CryptAcquireContextA
LookupAccountSidA
GetTokenInformation
LookupPrivilegeNameA
AllocateAndInitializeSid
IsValidSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
IsValidAcl
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
CryptGetHashParam

ole32

CreateBindCtx
CoInitialize
CoCreateInstance

oleaut32

SysAllocStringLen

psapi

GetPerformanceInfo

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_Destroy
ImageList_DragEnter
ImageList_BeginDrag
ImageList_Add

rpcrt4

RpcServerListen
RpcServerRegisterIfEx
RpcServerUseProtseqEpA

dxva2

RestoreMonitorFactoryDefaults
SetMonitorDisplayAreaPosition

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3619ebe02faecc6ace4ab5246c45217f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

psapi

comctl32

rpcrt4

dxva2

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 137KB - Virtual size: 137KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 137KB - Virtual size: 137KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 53KB - Virtual size: 52KB