a068ee8080d35107c59560ee9bebcb434ef0e8a24536bf787783e75f915ea5aa

Sharing

Copy URL

Twitter E-mail

General

Target

a068ee8080d35107c59560ee9bebcb434ef0e8a24536bf787783e75f915ea5aa
Size

255KB
MD5

02167a5a8aa6b282b365d7724a19ac10
SHA1

a1757b39cd83f5ab3a4d31c810c7b56870619155
SHA256

a068ee8080d35107c59560ee9bebcb434ef0e8a24536bf787783e75f915ea5aa
SHA512

84ecc58dd8297088673c68854215738a7a89d9272f5c9e14be0164bd1f34ffc6c0b7deda63dcf92bbcfdf6dce26a7c4fa580f858fae843a7d0c2af6dfa06d109
SSDEEP

6144:2PeSqysuMoYWECoOeTgqO5i4hTChhhh5abgrwaSjWECoOeTgqO5i4hTChhhh5Gsm:2G2XhaHJ

Score

N/A

Malware Config

Signatures

Files

a068ee8080d35107c59560ee9bebcb434ef0e8a24536bf787783e75f915ea5aa
.exe windows x86

b9ae32f9e5404c5c0a9753ef7f6eea5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
GetAclInformation
GetAce
SetSecurityInfo
InitializeAcl
AddAce
CopySid
IsValidSid
GetLengthSid
EqualSid
ConvertStringSidToSidW
LookupAccountNameW
ConvertSidToStringSidW
GetSecurityInfo

kernel32

GlobalAlloc
WaitForMultipleObjects
CreateEventW
lstrcmpW
MulDiv
SetLastError
GetVersionExW
GlobalLock
lstrcpynW
CompareStringW
Sleep
GetProcAddress
InterlockedCompareExchange
LoadLibraryA
GlobalUnlock
FormatMessageW
CreateThread
LocalFree
OpenEventW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
lstrcpynA
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
RtlUnwind
OutputDebugStringA
GetStartupInfoW
VirtualAlloc
VirtualFree
GetVersion
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
DelayLoadFailureHook
FindResourceW
FindResourceExW
CloseHandle
lstrlenW
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
WaitForSingleObject
RaiseException
SetEvent

gdi32

GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
GetStockObject

user32

DestroyAcceleratorTable
SetFocus
GetFocus
IsWindow
CreatePopupMenu
TrackPopupMenuEx
AppendMenuW
GetMenuItemCount
RemoveMenu
GetMenuItemInfoW
LoadStringA
MessageBeep
PtInRect
CreateAcceleratorTableW
GetSystemMetrics
SetForegroundWindow
GetCursorPos
GetWindowLongW
ShowWindow
SetWindowPos
GetDlgItem
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetWindowRect
GetWindow
GetParent
DispatchMessageW
EndPaint
GetDesktopWindow
PeekMessageW
CharNextW
DestroyWindow
CreateWindowExW
RegisterClassExW
LoadImageW
wsprintfW
LoadCursorW
IsChild
GetClassInfoExW
LoadAcceleratorsW
LoadMenuW
LoadStringW
PostMessageW
SetTimer
KillTimer
RegisterWindowMessageW
EnableMenuItem
SetMenuDefaultItem
DestroyMenu
GetMonitorInfoW
MonitorFromPoint
SendMessageW
TrackPopupMenu
GetSubMenu
DefWindowProcW
SetWindowTextW
GetWindowTextW
CallWindowProcW
FillRect
ReleaseCapture
GetMessageW
BeginPaint
TranslateMessage
GetClassNameW
GetWindowTextLengthW
PostQuitMessage
GetSysColor
MoveWindow
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
UnregisterClassA
SetWindowLongW

msvcrt

_controlfp
_onexit
_lock
__dllonexit
_unlock
realloc
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
calloc
_errno
__CxxFrameHandler
_purecall
memset
??_U@YAPAXI@Z
wcsncpy
malloc
??2@YAPAXI@Z
free
memcpy
??_V@YAXPAX@Z
??3@YAXPAX@Z
memmove
_CxxThrowException

ole32

StringFromIID
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

gdiplus

GdiplusShutdown
GdipCloneImage
GdipDrawImageRectI
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipCreateHICONFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipSetPropertyItem
GdipGetAllPropertyItems
GdipGetPropertySize
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup

shlwapi

SHCreateStreamOnFileW

secur32

GetUserNameExW

netapi32

NetApiBufferFree
NetGetJoinInformation

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b9ae32f9e5404c5c0a9753ef7f6eea5a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

ole32

gdiplus

shlwapi

secur32

netapi32

Sections

.text Size: 94KB - Virtual size: 94KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 94KB - Virtual size: 96KB

.reloc Size: 7KB - Virtual size: 7KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 94KB - Virtual size: 94KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 94KB - Virtual size: 96KB

.reloc
Size: 7KB - Virtual size: 7KB

.rmnet
Size: 56KB - Virtual size: 60KB