90a1bec17b41cb72b48bb17b167b0a3e5ce781b425ede7fcba09ac258c339fe7

Sharing

Copy URL Twitter E-mail

General

Target

90a1bec17b41cb72b48bb17b167b0a3e5ce781b425ede7fcba09ac258c339fe7
Size

1.2MB
MD5

704d8a6094b58f004da4f91a551cecee
SHA1

bac519716948f7b572113c863644269211bd8fc4
SHA256

90a1bec17b41cb72b48bb17b167b0a3e5ce781b425ede7fcba09ac258c339fe7
SHA512

fc9b226cf5be2c753c16dcfb001d0ecc718693dfd802f903dfd54f5498ce8c42023cf0e321720f4a2733632721017bb742dd86766626dda2ddd7761f78e7f1ce
SSDEEP

24576:vgDRPzOP709BZs+k7kEJLRMiA7kCPyNEDU12ZjdhOf0r:vgBXaXnwI6hFj

Score

N/A

Malware Config

Signatures

Files

90a1bec17b41cb72b48bb17b167b0a3e5ce781b425ede7fcba09ac258c339fe7
.exe windows x86

5ced221a78a725ea7fde6e97a6e78aec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreateBitmap
Rectangle
CreateCompatibleBitmap
PatBlt

ole32

CoTaskMemFree
CoUninitialize
StringFromGUID2
CLSIDFromString

msvcrt

mktime
wcslen
calloc
_wcsnicmp
wcsstr
__p__commode
_purecall
fwrite
fread
fflush
time
_vsnwprintf
__set_app_type
exit
_tzset
__p__fmode
_initterm
swscanf
wcschr
free
wcsrchr

advapi32

RegCloseKey
RegQueryValueExA
GetTokenInformation
CloseEncryptedFileRaw
DeleteAce

kernel32

CreateMutexA
ReadFile
FileTimeToSystemTime
ReleaseMutex
GetCurrentProcess
VirtualAlloc
GetCurrentProcessId
GetExitCodeThread
LoadResource
DeleteCriticalSection
GetCurrentDirectoryA
LocalFileTimeToFileTime
Sleep
CloseHandle
ExitThread
GetVersion
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
OpenMutexA
TerminateProcess
GetLastError
WriteTapemark
FindVolumeMountPointClose
BackupRead
SetTapeParameters
QueryPerformanceCounter
GetProcessHeap
FreeLibrary
HeapQueryInformation
GetFileInformationByHandle

user32

CopyRect
DefWindowProcA
MapDialogRect
KillTimer
UpdateWindow
GetMessageA
PostQuitMessage
SetActiveWindow
CreateWindowExA
DestroyWindow
SendMessageA
DestroyIcon
InflateRect
GetParent
DispatchMessageA
GetSysColor
GetMenuItemID
TranslateMessage
ShowWindow
RegisterClassExA
ChildWindowFromPoint
ScreenToClient
IsWindowVisible
GetDesktopWindow
SetTimer
GetNextDlgGroupItem
FlashWindow
InvalidateRgn
EnableMenuItem
GetCapture

netapi32

NetApiBufferFree
NetApiBufferSize

shell32

SHGetSpecialFolderLocation
SHGetMalloc

syssetup

AsrFreeContext

ntdll

NtQueryQuotaInformationFile
NtSetQuotaInformationFile
towupper
iswctype
_aulldvrm

Sections

.text
Size: 831KB - Virtual size: 831KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ced221a78a725ea7fde6e97a6e78aec

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ole32

msvcrt

advapi32

kernel32

user32

netapi32

shell32

syssetup

ntdll

Sections

.text Size: 831KB - Virtual size: 831KB

.data Size: 336KB - Virtual size: 336KB

.rsrc Size: 22KB - Virtual size: 3.1MB

.text
Size: 831KB - Virtual size: 831KB

.data
Size: 336KB - Virtual size: 336KB

.rsrc
Size: 22KB - Virtual size: 3.1MB