901b5df0cc71d369a3e54ed6f3b69ebee3d1a13753ceb21a11d1a02f741eea78

Sharing

Copy URL Twitter E-mail

General

Target

901b5df0cc71d369a3e54ed6f3b69ebee3d1a13753ceb21a11d1a02f741eea78
Size

178KB
MD5

61437cb66b1a3da85486f9db43b57e60
SHA1

2e16cfa1c728d43961f10bc1a4d84920d8a37f88
SHA256

901b5df0cc71d369a3e54ed6f3b69ebee3d1a13753ceb21a11d1a02f741eea78
SHA512

7aef832cb589b913781dcfc857e537b9322dd4a83d616c61fff08871394db6f8b33748dde23be2011ca71c481efdc96331109137836bd49de5ad40f70214af9d
SSDEEP

3072:L/evcip9NmDlv1urelymXW+CcCQXrMmU0O41HsjmxLfP0iJ02BK:gb9N2lNurwhtBU/41LfPpJ02g

Score

N/A

Malware Config

Signatures

Files

901b5df0cc71d369a3e54ed6f3b69ebee3d1a13753ceb21a11d1a02f741eea78
.exe windows x86

b84e1e068d7bc6a8ea9d6e42a3b982dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
GetConsoleCP
SetFilePointer
IsProcessorFeaturePresent
HeapReAlloc
LCMapStringW
RtlUnwind
LoadLibraryW
QueryPerformanceCounter
HeapCreate
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
WriteFile
ExitProcess
GetFileType
GetStdHandle
SetHandleCount
MultiByteToWideChar
FlushFileBuffers
ReadFile
HeapSize
SetStdHandle
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetThreadTimes
CloseHandle
GetLastError
SetThreadPriority
GetCurrentProcessId
lstrlenW
IsBadReadPtr
GetTickCount
GetModuleHandleW
WaitForSingleObject
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetCurrentProcess
GetEnvironmentStringsW
HeapAlloc
HeapFree
GetTimeFormatA
GetDateFormatA
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetProcAddress
Sleep
WideCharToMultiByte
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetUserDefaultLCID
GetLocaleInfoW
CreateFileW

user32

UpdateLayeredWindow
GetWindowRect
GetParent
LoadIconA
IsWindowEnabled
FindWindowW
GetClientRect
SetFocus
SendMessageA
GetDC
SetWindowLongA
IntersectRect
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDlgItem
CharUpperW
SetWindowLongW
GetSysColor
LoadStringW
ShowWindow
GetSysColorBrush
IsWindow
CreateWindowExW
GetSystemMetrics
SendMessageW
EnableWindow
LoadCursorA
InvalidateRect

gdi32

GetTextExtentPoint32W
GetTextMetricsW
SetTextColor
DeleteDC
CreateDIBSection
CreateFontIndirectW
SetBkColor
DeleteObject
SelectObject
CreateCompatibleDC
GetTextExtentPointW
GetStockObject
GetLayout

shell32

ord100

shlwapi

StrCpyNW

comctl32

ord410

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b84e1e068d7bc6a8ea9d6e42a3b982dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

comctl32

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 63KB - Virtual size: 84KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 63KB - Virtual size: 84KB

.rsrc
Size: 19KB - Virtual size: 18KB