a5be46858bdc1829f9b99edd31261213d4e1c1fdf660a7810e0bc3fc4940bcff

Sharing

Copy URL

Twitter E-mail

General

Target

a5be46858bdc1829f9b99edd31261213d4e1c1fdf660a7810e0bc3fc4940bcff
Size

131KB
MD5

4633c8fe12b07741a618209f70a1d1f0
SHA1

5a785068817d2912f70ced041d3a52bbd15d3142
SHA256

a5be46858bdc1829f9b99edd31261213d4e1c1fdf660a7810e0bc3fc4940bcff
SHA512

8037430f97e40c352c34db66ab64a5b850eaa395aae87866991b11603454733e17cf6b333f407128784f1eddb8d332b2800a31097028858c7f7dfb316f3a2f4b
SSDEEP

3072:JQkzUD/q1iB1x5Ydux/ky4lUAOA64focq6A2/IZgQ2:JpzU7LB1x5Yduxs1Rgcq6AKI2

Score

N/A

Malware Config

Signatures

Files

a5be46858bdc1829f9b99edd31261213d4e1c1fdf660a7810e0bc3fc4940bcff
.dll windows x86

944a92be41c32c18f2f0424380b037f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
DeleteCriticalSection
InitializeCriticalSection
FindClose
FindNextFileA
GetProcessHeap
HeapFree
Sleep
FormatMessageW
LeaveCriticalSection
lstrcpyW
LocalFree
CreateThread
lstrlenA
InterlockedCompareExchange
lstrcmpW
InterlockedExchange
EnterCriticalSection
DisableThreadLibraryCalls
GetVersionExA
InterlockedIncrement
TerminateProcess
VirtualAlloc
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentThreadId
UnhandledExceptionFilter
CloseHandle
lstrlenW
GetCommandLineW
LockResource
FindResourceExW
LoadResource
GetCommandLineA
VirtualProtect
VirtualFree
FreeLibrary

user32

ShowWindow
SetForegroundWindow
GetLastActivePopup
FindWindowW
wsprintfW
LoadStringW
wvsprintfW
EndDialog
SendMessageW
GetDlgItem
GetSystemMetrics
SetCursor
LoadCursorW
GetWindowRect
IsWindowEnabled
EnableWindow
SetWindowLongW
GetWindowLongW
MessageBoxW
GetSysColor
LoadImageW
GetDC
ReleaseDC
DialogBoxIndirectParamW
ScreenToClient
CreateWindowExW
SetWindowPos

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
UnregisterTraceGuids
GetTokenInformation
OpenProcessToken
GetSidSubAuthorityCount
GetSidSubAuthority
IsValidSid
RegCloseKey

gdi32

GetDeviceCaps
DeleteObject
CreateFontIndirectW
LineDDA
LineTo
MoveToEx
CreatePen
SetBkColor
SetTextColor
SelectObject

ole32

CoTaskMemFree
CoCreateInstance
StringFromCLSID

msvcr71

_adjust_fdiv
_wtoi
_onexit
wcsstr
free
_callnewh
malloc
memcpy
_wfsopen
_fsopen
_strerror
fclose
wcsncat
wcsrchr
_wcsicmp
mbstowcs
wcslen
wcstombs
wcsncpy
sprintf
swprintf
wcscat
_amsg_exit
_CxxThrowException
__CppXcptFilter
__dllonexit
_initterm
memset
_vsnwprintf
_except_handler3

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

944a92be41c32c18f2f0424380b037f9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 69KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 69KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 4KB - Virtual size: 3KB