33f06acda393a7092c330db81e8a02c2a09c6c86fc1c67a7793de24d1cfc7904

Sharing

Copy URL Twitter E-mail

General

Target

33f06acda393a7092c330db81e8a02c2a09c6c86fc1c67a7793de24d1cfc7904
Size

143KB
MD5

475334f64bb0dc74dcc9081142da20b0
SHA1

e066ec1985ef3e94ed2554fa0f8577b8286f3c47
SHA256

33f06acda393a7092c330db81e8a02c2a09c6c86fc1c67a7793de24d1cfc7904
SHA512

5da6381e95d3b07123ddc2644e5a32bdf052911950e76922ab9d881f3c4c8bea5dcb53bbb5097db6d8787a0a87883ce1d605d5c4333ce9b9355d1fb2f34906de
SSDEEP

3072:Nr0oNLQs1C2QKvmoo+BGfoFSxVKhGZg7CIzuGnmtWRmIJGJDJeJz8RwoBr:GoNLn/vmooIGwFY+xzuGnmEmIJGJDJey

Score

N/A

Malware Config

Signatures

Files

33f06acda393a7092c330db81e8a02c2a09c6c86fc1c67a7793de24d1cfc7904
.exe windows x86

75e54954934aa6085b9eb67c333ccdfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RtlUnwind
ReadFile
GetConsoleCP
SetFilePointer
Sleep
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
WriteFile
ExitProcess
CloseHandle
CreateFileW
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
IsProcessorFeaturePresent
HeapFree
MultiByteToWideChar
WriteConsoleW
WideCharToMultiByte
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
DecodePointer
HeapSize
LoadLibraryW
HeapReAlloc
SetStdHandle
FillConsoleOutputAttribute
LoadLibraryExA
GetModuleFileNameA
BeginUpdateResourceA
GetConsoleScreenBufferInfo
LoadLibraryA
EnterCriticalSection
GetProcAddress
lstrcmpiA
GetLastError
GetStdHandle
SetConsoleCursorPosition
HeapCreate
LeaveCriticalSection
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
FlushFileBuffers
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
GetVolumeInformationA
GetCurrentProcess
HeapAlloc
lstrlenA
lstrcmpA
FillConsoleOutputCharacterA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
LCMapStringW
GetCommandLineW
GetConsoleMode

user32

DialogBoxParamA
MapWindowPoints
CopyRect
DispatchMessageW
GetWindow
EnumDisplayDevicesA
EndPaint
ClientToScreen
SetCursor
GetClassNameA
GetSystemMenu
ScreenToClient
GetWindowRect
GetMessageW
IsIconic
FillRect
LoadBitmapA
GetParent
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
BeginPaint
GetDC
TranslateMessage
SetRect
InvalidateRect
SetScrollPos
ReleaseDC
DefWindowProcA
GetDesktopWindow
CreatePopupMenu
GetSystemMetrics
IsWindowVisible
SetWindowTextA

gdi32

DeleteDC
SetWindowOrgEx
BitBlt
PatBlt
SetWindowExtEx
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectA
SetBrushOrgEx
CreateMetaFileA
ExcludeClipRect
CreateDCA
CreateBitmap
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
SetMapMode
CreateCompatibleBitmap
CreatePatternBrush

advapi32

AddAccessAllowedAce

shell32

CommandLineToArgvW

ole32

OleInitialize

ws2_32

WSCDeinstallProvider

psapi

GetModuleBaseNameA

avifil32

AVIFileOpenA
AVIFileInit

comctl32

ImageList_GetDragImage
ImageList_Destroy

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

imm32

ImmAssociateContext

setupapi

SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

ntdsapi

DsUnBindA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.directo
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hidata
Size: 512B - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75e54954934aa6085b9eb67c333ccdfb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

psapi

avifil32

comctl32

rpcrt4

imm32

setupapi

ntdsapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 11KB

.directo Size: 14KB - Virtual size: 14KB

.hidata Size: 512B - Virtual size: 209B

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 11KB

.directo
Size: 14KB - Virtual size: 14KB

.hidata
Size: 512B - Virtual size: 209B

.rsrc
Size: 31KB - Virtual size: 30KB