Sample
d73147ba6d1a6e5c84d780317292295423910acbba6933cc461eafb42884d978.exe
Resource
win7-20220812-en
General
Target
d73147ba6d1a6e5c84d780317292295423910acbba6933cc461eafb42884d978
Size
514KB
MD5
319f12fcd78758399c1ac7522bcf4f00
SHA1
8468d4094b1088fc4636848983499ea2847e8b2c
SHA256
d73147ba6d1a6e5c84d780317292295423910acbba6933cc461eafb42884d978
SHA512
111ac20e93e7ec4d9d4dbeed536edbcda14e6a81f4851e01bb50fc86e2eab7e458b230df7f28985d1ecefaff5f0190f726eee6210a69a6eda00237b3d0be9ea0
SSDEEP
6144:BmFGX4uirKOPce1ppMClDG2818jKgwYBdbMJblECKCqoBBcJUP1kstoCDeJe/JGV:BfXYj/d8uXVBdRhxJG1htoCDlGem
Malware Config
Signatures
Files
d73147ba6d1a6e5c84d780317292295423910acbba6933cc461eafb42884d978.exe windows x86
eec7e54e5360067bbf6931d1cb084b1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mfc100u
ord3436
ord5846
ord5824
ord2755
ord3361
ord11494
ord4512
ord7006
ord7005
ord6872
ord12878
ord980
ord5652
ord3628
ord5563
ord422
ord6869
ord1292
ord890
ord6140
ord9328
ord5118
ord11845
ord11209
ord11240
ord9498
ord7391
ord11236
ord11228
ord5261
ord3416
ord13568
ord13571
ord13569
ord13572
ord13567
ord13570
ord7179
ord11469
ord13267
ord10976
ord14162
ord2617
ord7126
ord11864
ord3625
ord3684
ord8530
ord13387
ord7108
ord13381
ord11477
ord11476
ord2164
ord4744
ord13854
ord11784
ord7548
ord7624
ord4086
ord1895
ord381
ord5828
ord11163
ord10058
ord8179
ord948
ord3397
ord6711
ord1645
ord1905
ord10081
ord1212
ord788
ord13392
ord7932
ord8599
ord5800
ord280
ord5799
ord13052
ord4802
ord6870
ord7901
ord3749
ord2748
ord8266
ord5809
ord3746
ord2746
ord8264
ord5802
ord2064
ord2068
ord3978
ord970
ord942
ord917
ord921
ord1934
ord13047
ord9525
ord12745
ord6842
ord13305
ord9493
ord8118
ord10064
ord3261
ord3380
ord812
ord2942
ord2833
ord11210
ord5468
ord8346
ord6109
ord897
ord1298
ord10906
ord12573
ord4805
ord12951
ord8181
ord10935
ord10934
ord10936
ord10933
ord10199
ord9621
ord10352
ord10265
ord11123
ord10412
ord3627
ord2981
ord2980
ord2756
ord5556
ord12606
ord2417
ord11206
ord10043
ord8393
ord2665
ord8347
ord1253
ord1229
ord6603
ord12948
ord4355
ord2185
ord5855
ord3446
ord4290
ord1987
ord5862
ord9551
ord4360
ord6843
ord1232
ord822
ord2251
ord3643
ord2825
ord5558
ord12610
ord2887
ord2884
ord7385
ord2418
ord14146
ord14148
ord14147
ord14145
ord14149
ord14132
ord14059
ord14060
ord8277
ord11081
ord3402
ord10937
ord13380
ord8112
ord11207
ord6247
ord10045
ord8390
ord2853
ord12724
ord11246
ord11244
ord1501
ord1508
ord1514
ord1512
ord1519
ord4388
ord4425
ord4396
ord4408
ord4404
ord4400
ord4430
ord4421
ord4392
ord4434
ord4413
ord4379
ord4383
ord4416
ord3999
ord14067
ord3992
ord2664
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord2952
ord2951
ord2852
ord11159
ord4642
ord4923
ord5115
ord8483
ord4901
ord5143
ord4645
ord4794
ord4623
ord6931
ord6932
ord6922
ord4792
ord7393
ord9333
ord8362
ord6604
ord296
ord1312
ord11838
ord1479
ord1450
ord2614
ord5229
ord4478
ord1310
ord286
ord902
ord1739
ord1300
ord2089
msvcr100
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_fmode
__CxxFrameHandler3
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_time64
wcsftime
swscanf
_itow
_wtol
_wtoi
_localtime64_s
_mktime64
memset
memcpy
?_type_info_dtor_internal_method@type_info@@QAEXXZ
kernel32
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
FindResourceW
SizeofResource
LoadResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
EncodePointer
GetCommandLineW
lstrcatW
CreateDirectoryW
FreeLibrary
lstrcmpW
LoadLibraryW
DecodePointer
SetUnhandledExceptionFilter
QueryPerformanceCounter
lstrcpyW
lstrlenW
GetModuleFileNameW
GetTickCount
GetProcAddress
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
user32
GetDC
EnableWindow
SendMessageW
LoadStringW
CopyRect
SetRect
SetRectEmpty
PostMessageW
GetWindowRect
DrawTextW
OffsetRect
FindWindowW
AppendMenuW
CreatePopupMenu
PtInRect
DrawIcon
ReleaseDC
UpdateWindow
SetTimer
KillTimer
SetCapture
LoadIconW
GetSystemMetrics
ReleaseCapture
TrackPopupMenu
SetWindowLongW
GetWindowLongW
ClientToScreen
InvalidateRect
GetParent
WindowFromPoint
GetCursorPos
wsprintfW
GetClientRect
LoadBitmapW
GetSysColor
IsIconic
LoadImageW
DestroyMenu
gdi32
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateFontIndirectW
GetTextExtentPoint32W
SetBkMode
SetTextColor
GetStockObject
DeleteDC
GetObjectW
DeleteObject
SelectObject
shell32
SHGetSpecialFolderPathW
ShellExecuteW
ole32
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
gdiplus
GdipDrawImagePointsI
GdipFree
GdipAlloc
GdipDeleteMatrix
GdipDeleteBrush
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateMatrix
GdipTranslateMatrix
GdipCreateTexture
GdipCreateFromHDC
GdipSetWorldTransform
GdipGraphicsClear
GdipFillRectangleI
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateMatrix2
GdipRotateMatrix
GdipTransformMatrixPoints
GdipDrawImagePoints
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStream
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDeleteFont
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipTransformMatrixPointsI
GdipCreateFont
winmm
PlaySoundW
Sections
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 109KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE