c5f88c5cfe63bd895a4ce39b771af42ae9933e4e29d3b0d59c9ec3678fa28c11

Sharing

Copy URL Twitter E-mail

General

Target

c5f88c5cfe63bd895a4ce39b771af42ae9933e4e29d3b0d59c9ec3678fa28c11
Size

314KB
MD5

41163a2319e33733e964ea39a2a06c8b
SHA1

c505b82bbd91be663dead9ad98b4b5d4f348c795
SHA256

c5f88c5cfe63bd895a4ce39b771af42ae9933e4e29d3b0d59c9ec3678fa28c11
SHA512

ac49c441b60a26da69bf32f9e08f36ca04b9993d0946fe6653f1bb083df41188fb826265d8bb277a0d2cd313c10ea631b8605adb9dcef2ce8791875659f6322d
SSDEEP

6144:8wTU5yzQvuAdda5qBGlPCD/DJT9V1rIII7eUdmfWBqEnu5lzEDG7K0hA4e:8wTCyzQGAddC+GlPsFT9VlHUxqEuKX0k

Score

N/A

Malware Config

Signatures

Files

c5f88c5cfe63bd895a4ce39b771af42ae9933e4e29d3b0d59c9ec3678fa28c11
.exe windows x86

d803c9240f93d6399fc9bd541b2a352d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetACP
GetCPInfo
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
GetOEMCP
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
FindResourceA
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetLastError
IsValidCodePage
RtlUnwind
LoadLibraryW
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
GetStringTypeW
SetFilePointer
WriteConsoleW
SetStdHandle
Sleep
TlsFree
HeapCreate
MultiByteToWideChar
LoadResource
SizeofResource
LockResource
GlobalLock
lstrlenA
GlobalUnlock
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
HeapAlloc
GetProcessHeap
OpenProcess
CloseHandle
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
HeapFree
IsDebuggerPresent
GetStartupInfoA
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
CreateFileW

user32

IsClipboardFormatAvailable
GetSysColor
SetWindowContextHelpId
GetDlgItem
LoadCursorA
LoadIconA
InflateRect
SendDlgItemMessageA
CreateWindowExA
SetTimer
KillTimer
DefWindowProcA
FindWindowA
GetWindowTextA
FindWindowExA
SetActiveWindow
GetLastActivePopup
AnyPopup
OffsetRect
IsIconic
InvalidateRect
GetSystemMetrics
EndPaint
GetWindowThreadProcessId
AttachThreadInput
BringWindowToTop
SetForegroundWindow
BeginPaint
MessageBoxA
OpenClipboard
GetClipboardData
CloseClipboard
GetParent
ModifyMenuA
GetMenu
GetSubMenu
SetMenuItemInfoA
CreatePopupMenu
InsertMenuItemA
SetWindowLongA
GetUserObjectSecurity
SetUserObjectSecurity
ShowWindow
GetForegroundWindow
SendMessageA
GetWindowWord
GetDC
GetClientRect

gdi32

CreateCompatibleDC
GetObjectA
SelectObject
SetTextColor
SetBkColor
BitBlt
DeleteObject
DeleteDC
MoveToEx
LineTo
SetBkMode
TextOutA
Rectangle
SaveDC
SetWindowExtEx
Ellipse
SetTextAlign
RestoreDC
CreateBitmap
StretchBlt
EnumFontsA
ChoosePixelFormat

comdlg32

GetSaveFileNameA

advapi32

GetSecurityDescriptorDacl
AddAccessAllowedAce
AddAce
GetAce
InitializeAcl
GetAclInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

SHGetDesktopFolder

psapi

GetModuleFileNameExA

avifil32

AVIMakeCompressedStream
AVIStreamSetFormat
AVIStreamRelease

msacm32

acmStreamOpen
acmStreamPrepareHeader
acmStreamClose

winmm

mmioOpenA
mmioClose

comctl32

ord6
ord17

pdh

PdhUpdateLogA
PdhOpenLogA
PdhAddCounterA
PdhOpenQueryA

rpcrt4

UuidCreateSequential

tapi32

lineSetTollListA

Exports

Exports

In

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tor
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d803c9240f93d6399fc9bd541b2a352d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

psapi

avifil32

msacm32

winmm

comctl32

pdh

rpcrt4

tapi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 240KB - Virtual size: 239KB

.data Size: 4KB - Virtual size: 11KB

.tor Size: 10KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 240KB - Virtual size: 239KB

.data
Size: 4KB - Virtual size: 11KB

.tor
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB