f32f1e2eaee5eb35e8c3489c2e8561b66db0d2e0fd2da52c428dc385010eb8f2

Sharing

Copy URL Twitter E-mail

General

Target

f32f1e2eaee5eb35e8c3489c2e8561b66db0d2e0fd2da52c428dc385010eb8f2
Size

131KB
MD5

5eb2019cda753745fdc8b57f1c6a7c21
SHA1

a4f1a39fd171af492af5e6cb19acebb27d86c4e1
SHA256

f32f1e2eaee5eb35e8c3489c2e8561b66db0d2e0fd2da52c428dc385010eb8f2
SHA512

d05ede54895e9d8b50621dc5df0a5ce767968abd99e9f07af608c0563d18958f7ce45677882326026568d4a27251f1aeee8c9e053f678abcf002bcf0d6bb4a66
SSDEEP

3072:XrECa8nQY9hbRmIKzbt9dheY3/goaK+mn99Ja:7Ed8nQQbRknjdgi139

Score

N/A

Malware Config

Signatures

Files

f32f1e2eaee5eb35e8c3489c2e8561b66db0d2e0fd2da52c428dc385010eb8f2
.exe windows x86

42d55c011bb884eaa31c1aee664680ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
EnterCriticalSection
GetSystemTimeAsFileTime
InterlockedIncrement
OutputDebugStringW
UnhandledExceptionFilter
lstrcmpiW
CreateMutexW
WideCharToMultiByte
WaitForSingleObject
VirtualFree
GetModuleFileNameW
TerminateProcess
HeapFree
CreateThread
IsDebuggerPresent
SetLastError
SizeofResource
LoadLibraryExW
ReleaseMutex
InterlockedExchange
BuildCommDCBA
SetEvent
FlushInstructionCache
WaitForMultipleObjects
MultiByteToWideChar
CreateEventW
VirtualAlloc
FreeLibrary
GetCurrentProcess
InterlockedCompareExchange
TerminateThread
DeleteCriticalSection
Sleep
lstrlenW
FormatMessageW
LocalFree
GetCurrentThreadId
GetCurrentProcessId
FindResourceW
QueryPerformanceCounter
SetUnhandledExceptionFilter
LoadResource
GetProcessHeap
LoadLibraryA
ResetEvent
LeaveCriticalSection
GetProcAddress
CloseHandle
GetModuleHandleW
GetPriorityClass
InitializeCriticalSection
ExitProcess
GetVersionExW
InterlockedDecrement
IsProcessorFeaturePresent
RaiseException
GetStartupInfoW
LoadLibraryW
GetVersion
VirtualProtect
GetLastError
GetTickCount
lstrlenA
WaitNamedPipeW

user32

CallWindowProcW
SetMenuItemInfoW
GetSysColorBrush
SetMenuDefaultItem
LoadImageW
DestroyMenu
RegisterWindowMessageW
GetMenuItemCount
SetTimer
PostMessageW
FillRect
TrackPopupMenu
GetClassInfoExW
KillTimer
CreateWindowExW
PostQuitMessage
DestroyIcon
GetSysColor
GetSubMenu
GetSystemMetrics
AppendMenuW
DefWindowProcW
LoadStringW
DispatchMessageW
SystemParametersInfoW
DrawIconEx
IsWindow
DrawTextW
GetMenuItemInfoW
ReleaseDC
SetForegroundWindow
FindWindowW
LoadCursorW
GetDoubleClickTime
GetDC
SetWindowLongW
CreatePopupMenu
TranslateMessage
RegisterClassExW
UnregisterClassA
GetWindowLongW
GetCursorPos
LoadMenuW
GetMessageW
CharNextW
DeleteMenu
DestroyWindow
IsMenu

gdi32

SetBkColor
SelectObject
CreateFontIndirectW
SetTextColor
DeleteObject

advapi32

RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
GetUserNameA
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CoUninitialize
CoInitialize

oleaut32

VarUI4FromStr

wldap32

ord197

avifil32

EditStreamSetInfoA

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42d55c011bb884eaa31c1aee664680ed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wldap32

avifil32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 35KB - Virtual size: 114KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 35KB - Virtual size: 114KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 1KB - Virtual size: 1KB