948af02dbfa71f6264fc7dfd6dd02a41160084d8e20ae8d4fbdb1cd6922e0c38

Sharing

Copy URL Twitter E-mail

General

Target

948af02dbfa71f6264fc7dfd6dd02a41160084d8e20ae8d4fbdb1cd6922e0c38
Size

132KB
MD5

722025df06abca6d3d4bcddd2f704210
SHA1

6b2f312f862588580edea41fae8ee3b56d3d97ba
SHA256

948af02dbfa71f6264fc7dfd6dd02a41160084d8e20ae8d4fbdb1cd6922e0c38
SHA512

68370845caf11589798342530375cf9c344d10e457dd19a7c01a540a26058eb8e33b64818864d834162312c40ff83788ed6a39f72ed35131cc3fe35958be2a63
SSDEEP

3072:R0qvuYXSdsxOse4xwUa5aH8iIeAjG3wW5vhK:6fmqeeh/zYh

Score

N/A

Malware Config

Signatures

Files

948af02dbfa71f6264fc7dfd6dd02a41160084d8e20ae8d4fbdb1cd6922e0c38
.exe windows x86

d9c948f0568abc8842a4d3f592e17106

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
SetHandleCount
TlsAlloc
MultiByteToWideChar
FreeEnvironmentStringsA
GetCurrentThreadId
GetLastError
SetThreadPriority
LeaveCriticalSection
UnmapViewOfFile
GetFileAttributesExW
QueryPerformanceCounter
CreateEventW
SetFilePointerEx
SystemTimeToFileTime
GetThreadLocale
GetExitCodeProcess
WriteFile
RemoveDirectoryW
QueryPerformanceFrequency
FindFirstFileA
GetStringTypeA
GetACP
GetVersionExW
GetSystemDirectoryA
ReleaseSemaphore
WriteConsoleA
CreateSemaphoreW
HeapDestroy
RaiseException
InitializeCriticalSection
LCMapStringA
InterlockedExchange
GlobalMemoryStatus
GetLocaleInfoW
GetVolumeInformationW
GetCurrentDirectoryA
GetTimeZoneInformation
LocalFree
GetConsoleCP
DeleteFileW
GetOEMCP
FlushFileBuffers
WriteConsoleW
GetVersionExA
DeleteCriticalSection
ReadFile
GetCurrentThread
GetConsoleOutputCP
GetStdHandle
GetProcessTimes
VirtualFree
GetStartupInfoA
GetNumberOfConsoleInputEvents
HeapAlloc
PeekConsoleInputA
lstrcmpW
GetUserDefaultLCID
CompareStringW
HeapReAlloc
WaitForSingleObject
GetCommandLineA
WideCharToMultiByte
InterlockedDecrement
CreateFileMappingW
FlushConsoleInputBuffer
ExitThread
SetEvent
GetSystemTimeAsFileTime
GetStringTypeW
FreeEnvironmentStringsW
PeekNamedPipe
GetTickCount
CreateFileA
UnhandledExceptionFilter
GetEnvironmentStrings
OutputDebugStringW
IsValidLocale
GetCurrentProcess
GetCPInfo
ResetEvent
GetFileType
LoadLibraryA
SetUnhandledExceptionFilter
SetFileAttributesW
GetConsoleMode
lstrlenW
HeapSize
lstrlenA
EnumSystemLocalesA
InterlockedCompareExchange
FreeLibrary
GetLocaleInfoA
ResumeThread
TlsGetValue
VirtualAlloc
CreateMutexW
GetModuleHandleW
Sleep
GetFullPathNameA
GetFileAttributesW
LocalAlloc
lstrcmpiW
CompareStringA
ReleaseMutex
ReadConsoleInputA
CopyFileW
TlsSetValue
InterlockedIncrement
SetFilePointer
MapViewOfFile
FindFirstFileW
TlsFree
SetEnvironmentVariableA
GetModuleHandleA
SetEnvironmentVariableW
OpenMutexW
HeapFree
LCMapStringW
GetCurrentProcessId
CreateThread
SetStdHandle
FormatMessageA
EnterCriticalSection
SetLastError
GetTempPathW
FileTimeToLocalFileTime
HeapCreate
SetConsoleMode
FindNextFileW
IsValidCodePage
GetVersion
GetProcAddress
SleepEx
OpenFileMappingW
ExitProcess
CreateFileW
IsDebuggerPresent
GetDriveTypeA
CreateProcessW
FormatMessageW
SetEndOfFile
CreateDirectoryW
WaitForMultipleObjects
MoveFileW
ExpandEnvironmentStringsA
SetConsoleCtrlHandler
CloseHandle
GetFileInformationByHandle
FileTimeToSystemTime
TerminateProcess
GetModuleFileNameW
FindClose
GetProcessHeap
GetEnvironmentStringsW
GetSystemTime
GetSystemDefaultLangID
GetUserDefaultLangID
LoadLibraryW
VirtualProtectEx
OutputDebugStringA
RtlUnwind
GetModuleFileNameA

user32

wsprintfW
GetDesktopWindow
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA

comdlg32

GetOpenFileNameA

ole32

CoCreateGuid
CoCreateInstance
StringFromGUID2
CoInitialize
CoUninitialize

winhttp

WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpSendRequest
WinHttpReadData
WinHttpCloseHandle
WinHttpOpen
WinHttpCrackUrl
WinHttpConnect
WinHttpReceiveResponse
WinHttpSetOption

psapi

GetProcessMemoryInfo
GetModuleBaseNameA

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9c948f0568abc8842a4d3f592e17106

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

winhttp

psapi

Sections

.text Size: 107KB - Virtual size: 107KB

.itext Size: 6KB - Virtual size: 5KB

.data Size: - Virtual size: 72KB

.rsrc Size: 16KB - Virtual size: 15KB

.idat_0 Size: 1KB - Virtual size: 1KB

.text
Size: 107KB - Virtual size: 107KB

.itext
Size: 6KB - Virtual size: 5KB

.data
Size: - Virtual size: 72KB

.rsrc
Size: 16KB - Virtual size: 15KB

.idat_0
Size: 1KB - Virtual size: 1KB