a4e6e41f43f59536038306f5b6ef05979a3854fc6d8b63d642f254ce5c484a03

Sharing

Copy URL Twitter E-mail

General

Target

a4e6e41f43f59536038306f5b6ef05979a3854fc6d8b63d642f254ce5c484a03
Size

409KB
MD5

686e9367585ad81cf6128100d12325a9
SHA1

5cd2bf2ebedc13ece42614ac47893594cb918d10
SHA256

a4e6e41f43f59536038306f5b6ef05979a3854fc6d8b63d642f254ce5c484a03
SHA512

78d8ddb00ae8181dc7ea8ea40439da0a930022c763536d696a0126bbd478be401c8f456135f394ff804a0d80ecd29360f849678543e086c0366508326d58a029
SSDEEP

12288:uFr6E5VXruaazSj0dadFm070MZVkX2J5asdNAVun:u35ViaaWQda/NwmVk05asvcun

Score

N/A

Malware Config

Signatures

Files

a4e6e41f43f59536038306f5b6ef05979a3854fc6d8b63d642f254ce5c484a03
.exe windows x86

c1b0ebea1bab42e620186be23ae77a97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
GetFileType
SetHandleCount
GetStdHandle
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
InitializeCriticalSectionAndSpinCount
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MultiByteToWideChar
ExitProcess
GetModuleHandleW
GetProcAddress
DecodePointer
RtlUnwind
RaiseException
LeaveCriticalSection
SetStdHandle
CreateDirectoryA
CreateNamedPipeA
CloseHandle
ConnectNamedPipe
LocalAlloc
LocalFree
GetProcessHeap
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GetModuleFileNameA
GetModuleFileNameW
lstrcpyW
GetPrivateProfileSectionW
GetPrivateProfileIntW
lstrcmpiA
SetProcessAffinityMask
lstrlenW
lstrcatW
FindFirstFileW
FindNextFileW
FindClose
GetLastError
WriteFile
SetFilePointer
HeapCreate
GetCurrentProcess
GetWindowsDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileInformationByHandle
HeapAlloc
FormatMessageA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
CreateEventA
FileTimeToLocalFileTime
FileTimeToSystemTime
EnumResourceLanguagesA
LoadResource
GetModuleHandleA
TlsGetValue
CreateFileW

user32

SetWindowTextA
LookupIconIdFromDirectory
SendMessageA
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
LoadMenuA
ScreenToClient
SetCursorPos
ChildWindowFromPoint
FindWindowA
GetWindowLongA
GetDC
GetClientRect
GetScrollPos
GetScrollRange
SetScrollPos
ScrollWindow
UpdateWindow
GetDialogBaseUnits
GetDlgItem
SetFocus
BeginPaint
EndPaint
MoveWindow
ReleaseDC
DefWindowProcA
LoadStringA
LoadStringW
GetParent
SendNotifyMessageA
DestroyAcceleratorTable
GetDlgItemTextW
LoadBitmapA
GetSystemMetrics
InvalidateRect
SetCursor
wsprintfW
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
DialogBoxParamA
LoadIconA
LoadCursorA
SystemParametersInfoA
DestroyWindow
FillRect
TrackPopupMenu
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
OpenClipboard
EndDialog
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
EnableWindow
CreateDialogParamA
SetDlgItemTextA

gdi32

SetTextColor
Rectangle
GetTextExtentPoint32A
CreateDCA
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
GetBitmapBits
CreateCompatibleBitmap
GetDIBits
CreateFontIndirectA
CreateSolidBrush
GetStockObject
PatBlt
StartDocA
StartPage
TextOutA
EndPage
EndDoc
SetAbortProc
GetTextMetricsA
EnumFontsA
DeleteDC

comdlg32

ReplaceTextA

advapi32

AllocateAndInitializeSid
SetEntriesInAclA
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegCloseKey
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ExtractIconExA

ole32

CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

OleLoadPicture
OleSavePictureFile

userenv

CreateEnvironmentBlock

avicap32

capGetDriverDescriptionA

shlwapi

PathFindFileNameA
StrChrA
PathFindExtensionA
PathFindExtensionW
AssocCreate
PathStripToRootA
ord12

comctl32

InitCommonControlsEx
CreateToolbarEx
ImageList_Create
ImageList_ReplaceIcon

wtsapi32

WTSEnumerateProcessesA
WTSFreeMemory

uxtheme

IsThemeActive
GetThemeDocumentationProperty
EnableTheming

dxva2

SetVCPFeature

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1b0ebea1bab42e620186be23ae77a97

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

userenv

avicap32

shlwapi

comctl32

wtsapi32

uxtheme

dxva2

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 240KB - Virtual size: 240KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 240KB - Virtual size: 240KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 31KB - Virtual size: 31KB