2f502ba8f78fd95fcef28a945d6f22cdc01a9588b572344246180ae02e6708fb

Sharing

Copy URL Twitter E-mail

General

Target

2f502ba8f78fd95fcef28a945d6f22cdc01a9588b572344246180ae02e6708fb
Size

225KB
MD5

a40924b59a011269955b88a2368e6a49
SHA1

7533763db82d8a060f05b11b739b5d7f5015c9b1
SHA256

2f502ba8f78fd95fcef28a945d6f22cdc01a9588b572344246180ae02e6708fb
SHA512

403ba76eb804b6bc46ea68b56630e56743ab48846ed4d2d82a3c37b1411d8ee676398ba8b9f009a14ad697b8ad3d8d771c7211900deca41156c7c89e400c81c2
SSDEEP

3072:NvyrfbfWEPzU7fNSa2h8iH43fqXV1S7D+zGJuut+NfCJIXgjSR:JGfbfWE4I4k1yD+zGJuCpIXg

Score

N/A

Malware Config

Signatures

Files

2f502ba8f78fd95fcef28a945d6f22cdc01a9588b572344246180ae02e6708fb
.exe windows x86

312f29db9bc9d339030c606a79451eda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
UnhandledExceptionFilter
LeaveCriticalSection
WaitForMultipleObjects
WaitForSingleObject
lstrcmpiW
lstrlenW
VirtualAlloc
LCMapStringW
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
SetUnhandledExceptionFilter
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeExW
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
DebugBreak
CreateThread
CreateFileMappingW
CreateEventW
SetEvent
QueryPerformanceCounter
OpenFileMappingW
OpenEventW
MapViewOfFile
ChangeTimerQueueTimer
LocalFree
CloseHandle
UnmapViewOfFile

user32

GetSystemMetrics
CharNextW
OpenIcon
BeginPaint
GetClientRect
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
DispatchMessageA
GetSysColor
UpdateWindow
UnregisterClassW
TranslateMessage
ShowWindow
RegisterClassW
PostMessageW
PeekMessageW
MsgWaitForMultipleObjects
LoadIconW
LoadCursorW
GetSystemMenu
GetMessageW
DispatchMessageW
DestroyWindow
DeleteMenu
DefWindowProcW
CreateWindowExW
MsgWaitForMultipleObjectsEx

gdi32

MoveToEx
LineTo
DeleteEnhMetaFile
GetStockObject
CloseEnhMetaFile
Rectangle

advapi32

AccessCheck
AdjustTokenPrivileges
AllocateAndInitializeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
DeregisterEventSource
FreeSid
GetAclInformation
GetLengthSid
GetSecurityDescriptorLength
GetTokenInformation
ImpersonateLoggedOnUser
InitializeAcl
InitializeSecurityDescriptor
MakeAbsoluteSD
MakeSelfRelativeSD
MapGenericMask
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDisablePredefinedCache
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterEventSourceW
ReportEventW
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetThreadToken
RegOpenKeyExA
AddAce

ole32

CoFreeUnusedLibrariesEx
CoGetCallContext
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoImpersonateClient
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoRegisterClassObject
CoRevertToSelf
CoRevokeClassObject
CoSwitchCallContext
CoUninitialize
StringFromGUID2
CoCreateGuid
CoMarshalInterThreadInterfaceInStream
CLSIDFromString

msvcrt

memset
memcpy

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

312f29db9bc9d339030c606a79451eda

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 892B

.rsrc Size: 89KB - Virtual size: 89KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 892B

.rsrc
Size: 89KB - Virtual size: 89KB