b142b6b2c9da1c9cd4fa2f31bb05f8b98d6b0823f53bc7f8931b87f80a46e387

Sharing

Copy URL Twitter E-mail

General

Target

b142b6b2c9da1c9cd4fa2f31bb05f8b98d6b0823f53bc7f8931b87f80a46e387
Size

225KB
MD5

6ca7e45e701cc155fd155bfe17c49090
SHA1

fc283067b5c535ab96f20b12507d052d14dcff67
SHA256

b142b6b2c9da1c9cd4fa2f31bb05f8b98d6b0823f53bc7f8931b87f80a46e387
SHA512

52f66fc2b4261a195452bc2ab60cee07c76b1cf544da25a77424e850eb96655c11b1b15d158b044c039e531201d51c9bb7a07776c101630ee69d06086b192364
SSDEEP

3072:NvyrfbfWEPzU7fNSa2h8iH43fSXV1S7D+zGJuut+NfCJIXgjSR:JGfbfWE4I4M1yD+zGJuCpIXg

Score

N/A

Malware Config

Signatures

Files

b142b6b2c9da1c9cd4fa2f31bb05f8b98d6b0823f53bc7f8931b87f80a46e387
.exe windows x86

312f29db9bc9d339030c606a79451eda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
UnhandledExceptionFilter
LeaveCriticalSection
WaitForMultipleObjects
WaitForSingleObject
lstrcmpiW
lstrlenW
VirtualAlloc
LCMapStringW
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
SetUnhandledExceptionFilter
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeExW
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
DebugBreak
CreateThread
CreateFileMappingW
CreateEventW
SetEvent
QueryPerformanceCounter
OpenFileMappingW
OpenEventW
MapViewOfFile
ChangeTimerQueueTimer
LocalFree
CloseHandle
UnmapViewOfFile

user32

GetSystemMetrics
CharNextW
OpenIcon
BeginPaint
GetClientRect
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
DispatchMessageA
GetSysColor
UpdateWindow
UnregisterClassW
TranslateMessage
ShowWindow
RegisterClassW
PostMessageW
PeekMessageW
MsgWaitForMultipleObjects
LoadIconW
LoadCursorW
GetSystemMenu
GetMessageW
DispatchMessageW
DestroyWindow
DeleteMenu
DefWindowProcW
CreateWindowExW
MsgWaitForMultipleObjectsEx

gdi32

MoveToEx
LineTo
DeleteEnhMetaFile
GetStockObject
CloseEnhMetaFile
Rectangle

advapi32

AccessCheck
AdjustTokenPrivileges
AllocateAndInitializeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
DeregisterEventSource
FreeSid
GetAclInformation
GetLengthSid
GetSecurityDescriptorLength
GetTokenInformation
ImpersonateLoggedOnUser
InitializeAcl
InitializeSecurityDescriptor
MakeAbsoluteSD
MakeSelfRelativeSD
MapGenericMask
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDisablePredefinedCache
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterEventSourceW
ReportEventW
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetThreadToken
RegOpenKeyExA
AddAce

ole32

CoFreeUnusedLibrariesEx
CoGetCallContext
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoImpersonateClient
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoRegisterClassObject
CoRevertToSelf
CoRevokeClassObject
CoSwitchCallContext
CoUninitialize
StringFromGUID2
CoCreateGuid
CoMarshalInterThreadInterfaceInStream
CLSIDFromString

msvcrt

memset
memcpy

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

312f29db9bc9d339030c606a79451eda

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 892B

.rsrc Size: 89KB - Virtual size: 89KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 892B

.rsrc
Size: 89KB - Virtual size: 89KB