be61c2670eb237504df9d6cdd1980e3073b5ef6f3d54a0013f0673a56742dbdd

Sharing

Copy URL Twitter E-mail

General

Target

be61c2670eb237504df9d6cdd1980e3073b5ef6f3d54a0013f0673a56742dbdd
Size

431KB
MD5

4211e63846b2491ffd65dc676eadb670
SHA1

4d93aa6647a2562440f9d9ecb8cd2965a738fa40
SHA256

be61c2670eb237504df9d6cdd1980e3073b5ef6f3d54a0013f0673a56742dbdd
SHA512

53719187a0f803f97eaa18cbf37a21a50c23845ea80013e84e3945f9a19bb3f2bae6daeebf74c9276e6b32cdf9facabb35164807737133be7a571350948ce29c
SSDEEP

6144:PYIcGrVbBJbW1opqs9ylLPvVyIUUEWEYsqRAT1Li7slia9JzV8kWUfdRwX7:Qe4qpqsEloDU3e1v78kI

Score

N/A

Malware Config

Signatures

Files

be61c2670eb237504df9d6cdd1980e3073b5ef6f3d54a0013f0673a56742dbdd
.exe windows x86

31fa469190ce0dcdd2bf61b43a5d12c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
OpenSemaphoreA
TerminateThread
SwitchToThread
LocalUnlock
SetFileAttributesA
FindCloseChangeNotification
LocalHandle
GetSystemTimeAsFileTime
ReleaseActCtx
SizeofResource
GlobalAddAtomA
SetDefaultCommConfigA
SetThreadIdealProcessor
GetProcessShutdownParameters
VerifyVersionInfoA
SetCommTimeouts
GetProcAddress
GetModuleHandleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
GetProcessHeap
SetEndOfFile
GetStringTypeW
GetFirmwareEnvironmentVariableA
GetLocaleInfoA
HeapSize
LCMapStringW
LCMapStringA
GetTimeZoneInformation
CreateFileA
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
GetFileType
SetHandleCount
InitializeCriticalSectionAndSpinCount
LoadLibraryA
InterlockedExchange
FreeLibrary
ClearCommBreak
WriteProfileSectionA
GlobalFindAtomA
GetVolumeNameForVolumeMountPointA
GetCommState
LocalAlloc
GetTempFileNameA
GetStringTypeA
FlushInstructionCache
HeapAlloc
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetModuleHandleW
Sleep
ExitProcess
RaiseException
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
CloseHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetFullPathNameA
GetCurrentDirectoryA
CreateDirectoryA

user32

CharToOemA
SwitchDesktop
EnableMenuItem
CopyImage
DestroyIcon
GetMonitorInfoA
SetCaretPos
SwapMouseButton
GetKeyState
OpenClipboard
GetForegroundWindow
EnumDisplaySettingsA
RegisterClassA
UnhookWindowsHookEx
DrawEdge
EnableWindow
LoadMenuIndirectA
GetCursorPos
GetClassLongA
EnableScrollBar
GetMouseMovePointsEx
LookupIconIdFromDirectory
SetClassLongA
LockWorkStation
GetLastInputInfo
GetMenuItemCount
DrawTextExA
DrawFrameControl
GetWindowPlacement
GetParent
GetCaretPos
SetRectEmpty
IsRectEmpty
WaitMessage
LoadKeyboardLayoutA
CheckMenuRadioItem
OpenDesktopA
PaintDesktop
IsMenu
GetKeyboardLayout
GetMenu
FlashWindowEx
MsgWaitForMultipleObjectsEx
EqualRect
OpenWindowStationA
CheckMenuItem

advapi32

GetKernelObjectSecurity
DeregisterEventSource
CreatePrivateObjectSecurity
AddAccessDeniedObjectAce
IsTextUnicode
AccessCheckByTypeResultList
FindFirstFreeAce
ObjectPrivilegeAuditAlarmA

Sections

.text
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

31fa469190ce0dcdd2bf61b43a5d12c3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 293KB - Virtual size: 293KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 104KB - Virtual size: 112KB

.text
Size: 293KB - Virtual size: 293KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 104KB - Virtual size: 112KB