1448bd127b63df5d8e18217d04224e59c3b4238816f585a7cfac62b7448faf04

Sharing

Copy URL Twitter E-mail

General

Target

1448bd127b63df5d8e18217d04224e59c3b4238816f585a7cfac62b7448faf04
Size

162KB
MD5

66c64a95148eff2d1854b91c6b6e7450
SHA1

1392f922482b3ab517f87c77820c49a8f72f718c
SHA256

1448bd127b63df5d8e18217d04224e59c3b4238816f585a7cfac62b7448faf04
SHA512

660880cb08b110a714511d6a4deae5f66eb916af5a6e94976191c0ad7e5148c2cfa952eb2ac32b408ff916c05220005a105c316701b454775f8fcd1badc5f780
SSDEEP

3072:Gy+8fAFiiId2Al/FnBRDiyqKIO/sIJKQD+5lvSJWF+BIUI:Gy+8fAFiD/FnniAJhC5lvSJWgBIU

Score

N/A

Malware Config

Signatures

Files

1448bd127b63df5d8e18217d04224e59c3b4238816f585a7cfac62b7448faf04
.exe windows x86

1969d8f9f77b8b504d4eb05fade63cd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
InterlockedExchange
GetProcAddress
SetThreadPriority
GetTickCount
IsProcessorFeaturePresent
DebugBreak
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
MulDiv
HeapAlloc
InterlockedCompareExchange
LoadLibraryA
CreateEventA
WideCharToMultiByte
OutputDebugStringA
GetLastError
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersion
GetVersionExA
LocalAlloc
DeviceIoControl
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
lstrcmpiA
GetSystemTime
SystemTimeToFileTime
GlobalMemoryStatus
LocalFree
GetLocalTime
GetConsoleTitleA
GetConsoleOutputCP
FindResourceA
GetConsoleCP
GetModuleHandleW
CreateThread
InterlockedIncrement
HeapFree
GetProcessHeap
WaitForSingleObject
SetEvent
CloseHandle
GetModuleHandleA
WaitForMultipleObjects
CreateEventW
GetVersionExW
DisableThreadLibraryCalls
lstrlenW
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
FreeLibrary
LoadLibraryW
ResetEvent
RtlUnwind
ReleaseSemaphore

user32

GetMonitorInfoW
IsIconic
IntersectRect
EqualRect
EnumDisplayMonitors
ReleaseDC
FillRect
GetDC
GetDesktopWindow
EnumDisplaySettingsW
InvalidateRect
EnumDisplayDevicesW
MapWindowPoints
MonitorFromWindow
DefWindowProcW
PostQuitMessage
SetForegroundWindow
GetWindowLongW
SetWindowLongW
MonitorFromRect
GetSystemMetrics
GetForegroundWindow
GetAncestor
GetWindowRect
IsRectEmpty
RegisterClassW
CreateWindowExW
IsWindow
PeekMessageW
WaitMessage
TranslateMessage
DispatchMessageW
ChangeDisplaySettingsExW
PostMessageW

gdi32

DeleteDC
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateSolidBrush

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryValueExW
RegOpenKeyW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
PropVariantClear
PropVariantCopy
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2

msvcrt

_controlfp
__getmainargs
_cexit
_exit
_XcptFilter
exit
_initterm
_amsg_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ

winmm

timeBeginPeriod
timeEndPeriod

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 66KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1969d8f9f77b8b504d4eb05fade63cd8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

winmm

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 1.0MB

fdata Size: 4KB - Virtual size: 4KB

.INIT Size: 66KB - Virtual size: 64KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 1.0MB

fdata
Size: 4KB - Virtual size: 4KB

.INIT
Size: 66KB - Virtual size: 64KB

.rsrc
Size: 68KB - Virtual size: 66KB