0af9003d0b7c10b6b9768fa0af999d550583c2732fe75214caf8cc333cad36cf

Sharing

Copy URL Twitter E-mail

General

Target

0af9003d0b7c10b6b9768fa0af999d550583c2732fe75214caf8cc333cad36cf
Size

349KB
MD5

68e2b050b0aef292bb5c7fc47493d78b
SHA1

7272d29bdbc8361a4fc4c276507068a2b68707ec
SHA256

0af9003d0b7c10b6b9768fa0af999d550583c2732fe75214caf8cc333cad36cf
SHA512

a9fa1e61594c45a7050d2f13705ee71fb1caeb11b74e6c7820261c1344b3c7abb49a4c9b9f699f4c3808a89f2f1f99df94e7f6f4e8066972b9c55e25a33a6885
SSDEEP

6144:mcePvqZVhbAookbaGfwIUmpT+SEmxFiWBQ/HEoe7lu9FOjNgLbTuBTbSVPj:ov6cooYoI5rXmWBGEd7lEFO5STvP

Score

N/A

Malware Config

Signatures

Files

0af9003d0b7c10b6b9768fa0af999d550583c2732fe75214caf8cc333cad36cf
.exe windows x86

421b5d582b066367cbeea0dde851b34c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_vsnwprintf
RtlInitUnicodeStringEx
_chkstk
RtlUnwind
RtlUnicodeStringToAnsiString
memmove
RtlIsNameLegalDOS8Dot3
RtlAnsiStringToUnicodeString
NtQueryVirtualMemory
wcslen
_wcsicmp
RtlUnicodeToMultiByteSize

advapi32

RegOpenKeyExW
RegEnumValueW
RegCloseKey
RegQueryValueExA
RegQueryValueW
RegQueryValueExW
RegOpenKeyExA
RegSetValueExW

comctl32

ImageList_GetIconSize
CreateToolbarEx
ImageList_Destroy
PropertySheetW
ImageList_Draw
CreatePropertySheetPageW
InitCommonControlsEx

gdi32

MoveToEx
CreateDiscardableBitmap
SetWindowExtEx
GetDeviceCaps
CreateCompatibleDC
RealizePalette
CreatePen
TextOutW
CreateICW
CreateSolidBrush
GetTextExtentPointW
GetNearestColor
SetMapMode
GetObjectW
BitBlt
SelectClipRgn
LineTo
ExtTextOutW
CreateRectRgnIndirect
CreateCompatibleBitmap
SelectPalette
CreateFontW
CreateFontIndirectW
EnumFontFamiliesExW
TranslateCharsetInfo
GetWindowExtEx
SelectObject
SetViewportExtEx
ExcludeClipRect
SetBkColor
Rectangle
SetBkMode
GetTextCharsetInfo
GetViewportExtEx
CreateDIBitmap
GetMapMode
GetTextMetricsW
GetTextCharset
SetTextColor
PatBlt
DeleteObject
DeleteDC
GetCharWidth32W
CreateDCW
GetStockObject

user32

SetPropW
EnumChildWindows
GetKeyboardLayout
ReleaseDC
GetDialogBaseUnits
DlgDirListW
LoadAcceleratorsW
IsWindowVisible
SendDlgItemMessageW
GetWindow
GetDlgItemTextA
SetWindowPos
GetParent
GetDlgItemTextW
GetClientRect
GetSysColorBrush
GetSystemMenu
SetWindowLongW
LoadIconW
MapWindowPoints
RegisterWindowMessageW
CallNextHookEx
GetPropW
MessageBeep
PostMessageW
SetDlgItemTextA
GrayStringW
EqualRect
DispatchMessageW
GetWindowLongA
MsgWaitForMultipleObjects
CopyRect
RedrawWindow
ScreenToClient
SetWindowPlacement
DestroyWindow
IsDlgButtonChecked
SetFocus
DrawEdge
UnhookWindowsHookEx
GetLastActivePopup
DrawFocusRect
DefWindowProcW
GetDlgItem
CheckRadioButton
CharNextA
GetDC
SetDlgItemTextW
UpdateWindow
GetSystemMetrics
SetDlgItemInt
TranslateMessage
CreateDialogIndirectParamAorW
CreateWindowExW
GetWindowLongW
InvalidateRect
DialogBoxIndirectParamAorW
LockWindowUpdate
EnableWindow
DeleteMenu
FrameRect
GetWindowRect
PtInRect
CheckDlgButton
SetCursor
LoadImageW
SetTimer
GetDlgCtrlID
GetWindowPlacement
GetDlgItemInt
DrawTextW
ValidateRect
RemovePropW
IsWindow
BeginPaint
CreatePopupMenu
KillTimer
SetParent
BeginDeferWindowPos
MoveWindow
MessageBoxW
DialogBoxIndirectParamW
ChildWindowFromPoint
ClipCursor
DestroyMenu
CharLowerW
FillRect
IsWindowEnabled
ShowCursor
WinHelpW
SetCapture
RegisterWindowMessageA
CharPrevW
SendMessageW
GetKeyState
CharNextW
RegisterClipboardFormatW
EndDialog
SetWindowsHookExW
GetSysColor
CreateDialogIndirectParamW
LoadCursorW
LoadStringW
SetWindowTextW
EndPaint
InflateRect
IntersectRect
FindWindowExW
GetWindowTextW
CallWindowProcW
PeekMessageW
ShowWindow
DeferWindowPos
DrawIcon
GetFocus
EndDeferWindowPos
GetWindowTextLengthW
CreateDialogIndirectParamA
TranslateAcceleratorW

kernel32

InterlockedIncrement
GetFileAttributesW
CreateFileW
GetCurrentThreadId
lstrcmpiW
FindResourceExW
GetTickCount
LoadResource
GetLastError
SetErrorMode
SetEvent
FindResourceW
GetModuleHandleW
CloseHandle
MulDiv
InitializeCriticalSectionAndSpinCount
SetCurrentDirectoryW
SizeofResource
GetFullPathNameW
CreateThread
DelayLoadFailureHook
WideCharToMultiByte
GlobalFree
FreeLibraryAndExitThread
QueryPerformanceCounter
ResetEvent
TerminateProcess
InterlockedDecrement
GetVolumeInformationW
GetSystemDefaultUILanguage
TlsGetValue
LocalSize
FindClose
LocalAlloc
lstrcpynW
TlsAlloc
GetDriveTypeW
CreateEventW
FreeLibrary
DisableThreadLibraryCalls
GlobalAlloc
GetProfileStringW
MultiByteToWideChar
GetCurrentProcessId
GetACP
FreeResource
lstrcpyA
WaitForSingleObject
lstrcpyW
GetTempFileNameW
LockResource
FindNextFileW
SetUnhandledExceptionFilter
GetProcessVersion
DeleteFileW
FindResourceA
GetVersionExA
InterlockedCompareExchange
TlsSetValue
lstrlenA
LoadLibraryW
GlobalLock
SetLastError
GetCurrentDirectoryW
GetModuleFileNameW
GetProcAddress
GlobalUnlock
lstrlenW
FormatMessageW
GetSystemTimeAsFileTime
TlsFree
GetLocaleInfoW
LocalFree
GetCurrentProcess
UnhandledExceptionFilter
GetUserDefaultLCID
FindFirstFileW
VirtualAlloc
EnterCriticalSection
GlobalReAlloc
lstrcmpW
LeaveCriticalSection
DeleteCriticalSection
LocalReAlloc
GetModuleHandleA
LoadLibraryA
GetShortPathNameW
InterlockedExchange

ws2_32

WSASocketW
WSAIoctl
WSAStringToAddressA
WSAAddressToStringA
WSALookupServiceNextW
WSARecvFrom
getaddrinfo
getnameinfo
WSASendTo
freeaddrinfo
WSAAddressToStringW
WSAEventSelect
WSALookupServiceBeginW
WSALookupServiceEnd

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 301KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

421b5d582b066367cbeea0dde851b34c

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

advapi32

comctl32

gdi32

user32

kernel32

ws2_32

Sections

.text Size: 13KB - Virtual size: 13KB

.rsrc Size: 22KB - Virtual size: 21KB

.rdata Size: 11KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 20B

.data Size: 301KB - Virtual size: 1.0MB

.text
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 22KB - Virtual size: 21KB

.rdata
Size: 11KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 20B

.data
Size: 301KB - Virtual size: 1.0MB