32c7e7236c7f32b0c3065d3d2a4bd61abb66cb28e437e7496e33f60ba7f74621

Sharing

Copy URL Twitter E-mail

General

Target

32c7e7236c7f32b0c3065d3d2a4bd61abb66cb28e437e7496e33f60ba7f74621
Size

845KB
MD5

6131153a916b28b2c377f62e07834ce0
SHA1

cf04886a5a8cce5651fcd16189f51a82d160243b
SHA256

32c7e7236c7f32b0c3065d3d2a4bd61abb66cb28e437e7496e33f60ba7f74621
SHA512

3874f846cfd5611bead9a63a49097356199ff810e7e7b68b339d179e669803c443ecb8fd23b8bf99ce4173139d63133a15bd805704e4a7b0e5589294082b6c95
SSDEEP

24576:MJsEaWkldwA2CbF0n2nSyK0ag6gZFWmqskQaNo/8F59:MAZgA2C502U0mAW6kxe/8b9

Score

N/A

Malware Config

Signatures

Files

32c7e7236c7f32b0c3065d3d2a4bd61abb66cb28e437e7496e33f60ba7f74621
.exe windows x86

9831ddfc67a5e6bf58f9c8c4a8431784

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
GlobalSize
HeapFree
TlsFree
SetStdHandle
SetThreadPriority
InterlockedCompareExchange
GlobalLock
OutputDebugStringW
TlsSetValue
IsProcessorFeaturePresent
FreeLibrary
UnhandledExceptionFilter
CloseHandle
CreateFileW
HeapAlloc
RaiseException
GetCurrentThreadId
RemoveDirectoryW
CreateEventW
LockResource
GetFileTime
WriteFile
GetProcessAffinityMask
LeaveCriticalSection
GetCommandLineA
ReadFile
Sleep
DuplicateHandle
FindFirstFileW
GetFileAttributesExW
GetLastError
HeapSize
GetCurrentProcess
EnterCriticalSection
VirtualQuery
SetUnhandledExceptionFilter
GlobalUnlock
GetFileType
WideCharToMultiByte
DeleteFileW
GetFileAttributesW
HeapSetInformation
GetSystemTimeAsFileTime
GetACP
MulDiv
GetModuleFileNameA
CancelIo
InitializeCriticalSectionAndSpinCount
GetVersion
IsValidCodePage
FindClose
GetSystemDirectoryW
LCMapStringW
GetModuleFileNameW
GetConsoleCP
GetProcessVersion
SetEndOfFile
GetCurrentThread
ExitProcess
SleepEx
GetCommandLineW
MoveFileExW
ExitThread
GetConsoleMode
LoadLibraryW
SetFilePointer
ReadDirectoryChangesW
MultiByteToWideChar
SetErrorMode
TerminateProcess
LoadLibraryA
SetHandleCount
HeapCreate
SetConsoleCtrlHandler
QueryPerformanceFrequency
WriteConsoleW
RtlUnwind
WaitForSingleObject
GetCurrentProcessId
InterlockedIncrement
GetEnvironmentStringsW
CopyFileW
LocalFileTimeToFileTime
GetOverlappedResult
FileTimeToSystemTime
SetLastError
CreateThread
GetExitCodeThread
VirtualAlloc
GetProcessHeap
GetOEMCP
FileTimeToLocalFileTime
ResetEvent
GetVersionExW
GetCPInfo
FlushFileBuffers
LocalFree
HeapDestroy
FindNextFileW
GetSystemInfo
GetThreadPriority
GetStdHandle
VirtualFree
InterlockedDecrement
SizeofResource
GetProcessTimes
SetThreadExecutionState
SetEvent
LoadResource
GetFileInformationByHandle
FreeEnvironmentStringsW
GetStringTypeW
GlobalAlloc
FindResourceExW
GlobalFree
HeapReAlloc
lstrlenW
LocalAlloc
GetModuleHandleW
QueryPerformanceCounter
CreateMutexW
FlushInstructionCache
InitializeCriticalSection
InterlockedExchange
GetStartupInfoA
OutputDebugStringA
DeleteCriticalSection
GetProcAddress
WaitForMultipleObjects
HeapQueryInformation
GetFileSize
FindResourceW
VirtualProtect
TlsGetValue
TlsAlloc
GetTickCount
SystemTimeToFileTime
IsDebuggerPresent

user32

SetFocus
wsprintfW
TrackPopupMenu
EnumChildWindows
EndDialog
wsprintfA
IsWindowVisible
GetActiveWindow
IsClipboardFormatAvailable
RegisterWindowMessageW
CopyRect
MonitorFromRect
PeekMessageW
BeginPaint
DrawTextW
RegisterClassW
EnumThreadWindows
IsChild
LoadIconW
LoadCursorW
RegisterClassExW
RegisterShellHookWindow
TranslateAcceleratorW
SetWindowsHookExW
MapWindowPoints
GetMessageW
GetSystemMetrics
OffsetRect
GetClientRect
BeginDeferWindowPos
GetWindowDC
MapDialogRect
CheckMenuRadioItem
GetParent
GetMenu
SetMenuItemInfoW
PostQuitMessage
MapVirtualKeyW
UpdateWindow
CallWindowProcW
TrackPopupMenuEx
IsCharAlphaW
GetMenuItemCount
DispatchMessageW
AdjustWindowRect
DrawIconEx
GetScrollInfo
DialogBoxParamW
MessageBoxW
DestroyWindow
CreatePopupMenu
SendDlgItemMessageW
SendMessageW
GetKeyState
GetWindowTextW
LoadAcceleratorsW
DrawEdge
GetMessagePos
SetDlgItemTextW
MsgWaitForMultipleObjects
UnregisterHotKey
SetClipboardData
GetFocus
CharUpperW
SetCapture
EndDeferWindowPos
SetCursor
EndPaint
CharLowerW
MessageBeep
GetClassNameW
SetWindowTextW
RegisterHotKey
AppendMenuW
GetClassInfoExW
GetMenuItemInfoW
AdjustWindowRectEx
GetWindowThreadProcessId
EnumWindows
RegisterClipboardFormatW
MonitorFromPoint
CallNextHookEx
SetLayeredWindowAttributes
SetWindowLongW
EmptyClipboard
CreateWindowExW
SetTimer
SetWindowPos
ShowWindow
GetDC
IsIconic
DestroyIcon
WindowFromPoint
IsDialogMessageW
GetClipboardData
GetWindowPlacement
InvalidateRect
DeferWindowPos
AllowSetForegroundWindow
GetSysColor
ClientToScreen
ScreenToClient
EnableWindow
IntersectRect
LoadImageW
ReleaseDC
PostMessageW
IsWindowEnabled
FillRect
KillTimer
DestroyAcceleratorTable
GetDlgItem
GetComboBoxInfo
DestroyMenu
SetActiveWindow
GetWindowRect
OpenClipboard
TranslateMessage
GetWindowLongW
UnhookWindowsHookEx
SetForegroundWindow
CloseClipboard
CreateDialogParamW
MoveWindow
GetMonitorInfoW
RedrawWindow
DefWindowProcW
UnregisterClassW
DeregisterShellHookWindow
UnregisterClassA
GetDlgCtrlID

gdi32

GetDeviceCaps
ExtTextOutW
DeleteObject
SetWindowOrgEx
SelectObject
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
SetDCBrushColor
SetTextColor
GetStockObject
OffsetWindowOrgEx
DeleteDC
SetBkMode
CreateFontIndirectW
SetBkColor
GetTextExtentPoint32W

advapi32

CryptCreateHash
CryptAcquireContextW
RegCreateKeyExW
RegCloseKey
CryptGetHashParam
RegOpenKeyExW
CryptHashData
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyW
CryptDestroyKey
RegOpenKeyW
CryptImportKey
RegSetValueExW
CryptVerifySignatureW
CryptDestroyHash
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
CryptReleaseContext

ole32

CoTaskMemAlloc
OleSetClipboard
CreateStreamOnHGlobal
OleInitialize
CoInitialize
OleUninitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree

shlwapi

ColorHLSToRGB
StrCmpLogicalW
SHDeleteKeyW
SHAutoComplete

iphlpapi

AddIPAddress

secur32

EncryptMessage
ApplyControlToken
InitializeSecurityContextW
FreeCredentialsHandle
AcquireCredentialsHandleW
FreeContextBuffer
QueryContextAttributesW
DeleteSecurityContext
DecryptMessage

oledlg

ord6

wldap32

ord44

psapi

GetProcessMemoryInfo

Sections

.text
Size: 705KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9831ddfc67a5e6bf58f9c8c4a8431784

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

iphlpapi

secur32

oledlg

wldap32

psapi

Sections

.text Size: 705KB - Virtual size: 704KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 85KB - Virtual size: 134KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 705KB - Virtual size: 704KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 85KB - Virtual size: 134KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 3KB