f3004449cb3597d15718aa593615c90545da033323720b6d84f2aaf702b7c4ff

Sharing

Copy URL Twitter E-mail

General

Target

f3004449cb3597d15718aa593615c90545da033323720b6d84f2aaf702b7c4ff
Size

357KB
MD5

6fa597691f4e59aaa209bba8341fe890
SHA1

bd2b1e57e3ac3c3d03b1ff0bd521e6ce42953167
SHA256

f3004449cb3597d15718aa593615c90545da033323720b6d84f2aaf702b7c4ff
SHA512

695fdfb6ac6e1dba21b367425a836d2fdfdcaccbc1b3c6f90821a7aba9a547bad04885eeb8c0f4fd5b5ff9050c3dad67bd3a2a80ced86567ee1af1412ba74a8a
SSDEEP

6144:SyN8f1pUqmWqpYTHpIb93Oh68L6xywQ1blRjXS7ytx2UvM:h6f1pUqmIHpyG6TitS0xS

Score

N/A

Malware Config

Signatures

Files

f3004449cb3597d15718aa593615c90545da033323720b6d84f2aaf702b7c4ff
.exe windows x86

96052393c90057716deccebf958d9c8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetProcAddress
GetCurrentThreadId
SetLastError
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
Sleep
GetStringTypeW
LoadLibraryW
ReadFile
SetStdHandle
WriteConsoleW
HeapReAlloc
HeapSize
FlushFileBuffers
GetVersionExA
GetCurrentProcess
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
GetCommandLineW
GetLastError
HeapCreate
HeapAlloc
LocalAlloc
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RaiseException
LocalFree
GetTickCount
GetModuleHandleA

user32

CloseClipboard
SetClipboardData
CopyImage
EmptyClipboard
EndDialog
OpenClipboard
EndPaint
BeginPaint
SetFocus
EnumDisplayMonitors
LoadImageA
SetWindowPos
CreateWindowExA
GetMenuState
GetSystemMenu
GetDCEx
GetWindowRect
GetWindowTextA
AppendMenuA
GetDesktopWindow
SetRect
UnregisterClassW
LoadAcceleratorsW
ShowWindow
CreateWindowExW
RegisterClassExW
OffsetRect
SendDlgItemMessageA
GetDlgItem
SendMessageA
GetForegroundWindow
GetDoubleClickTime
GetSystemMetrics
DrawFrameControl
GetDC
ReleaseDC
FillRect
GetWindowLongA
GetClientRect
SetWindowTextA
DefWindowProcA
GetKeyboardType
LoadCursorW
LoadIconW
LoadImageW

gdi32

CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
DeleteDC
CreateSolidBrush
DeleteObject
StartPage
EndPage
EndDoc
GetDeviceCaps
CreateDIBSection
GdiFlush
BitBlt
GetObjectA
SetTextColor
SetBkColor
GdiSetBatchLimit
CreateRectRgn
GetStockObject
PatBlt
CreateFontA

advapi32

AllocateAndInitializeSid
DeregisterEventSource
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegEnumValueA
RegCloseKey
OpenProcessToken
GetTokenInformation
RegCreateKeyExA
GetUserNameW
IsValidSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
IsValidAcl
FreeSid
InitializeSecurityDescriptor

shell32

CommandLineToArgvW

ole32

OleInitialize
OleUninitialize
OleCreate
CoInitialize
CoGetObject
CoUninitialize
OleSetContainedObject

oleaut32

VariantClear
VariantChangeType

wininet

InternetGetLastResponseInfoA
InternetOpenA
FtpSetCurrentDirectoryA
FtpPutFileA

netapi32

NetSessionEnum
NetApiBufferFree
NetUserGetInfo

version

GetFileVersionInfoW

shlwapi

PathCompactPathA

comctl32

ord413
CreateToolbarEx
InitCommonControlsEx

gdiplus

GdipDrawLineI
GdipCreateFromHDC
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdipDrawRectangleI
GdipAlloc
GdipDrawEllipseI
GdipFree
GdiplusStartup
GdiplusShutdown

wsnmp32

ord320

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96052393c90057716deccebf958d9c8f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

netapi32

version

shlwapi

comctl32

gdiplus

wsnmp32

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 228KB - Virtual size: 228KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 228KB - Virtual size: 228KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 6KB - Virtual size: 6KB