2be464b24253c0c8e58ccca4412c20565d170a1c572c648f53bd81a5e45c6a92

Sharing

Copy URL Twitter E-mail

General

Target

2be464b24253c0c8e58ccca4412c20565d170a1c572c648f53bd81a5e45c6a92
Size

1.9MB
MD5

33ff99fb842a1ae3accb085c80117bf0
SHA1

68d4e3a8a070a6f0cf2b7b2193c5fb3dd02e9318
SHA256

2be464b24253c0c8e58ccca4412c20565d170a1c572c648f53bd81a5e45c6a92
SHA512

71b483dd89c2bfcf6ae646b7ffcef17c7f3ab094a6006b4f02af64f18a32cff2df8114f22710aceab07a722991f88d6e8ebf78ede31f8c39db47ce0c5bdc3d0d
SSDEEP

12288:GuvE6B8taUYXi5ozw2MaPjtYGeq5o6S3n9imvGNkHSlhWb/AkdPoNvMk17hBeZj6:GuvEttnaPijJHTrmhBew

Score

N/A

Malware Config

Signatures

Files

2be464b24253c0c8e58ccca4412c20565d170a1c572c648f53bd81a5e45c6a92
.exe windows x86

866214948062da4dff9990ed746c8987

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetW
CreatePropertySheetPageW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetSystemDirectoryW
ReadFile
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
GetModuleHandleA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetCommandLineW
WaitForSingleObject
ReleaseMutex
DeleteFileW
GetSystemWow64DirectoryW
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
SetFileAttributesW
MoveFileExW
GetWindowsDirectoryW
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
CreateProcessW
GetExitCodeProcess
CloseHandle
GetCurrentThread
LocalAlloc
LocalFree
GetCurrentProcess
lstrcmpiW
lstrcmpA
WideCharToMultiByte
GetUserDefaultLCID
GetUserDefaultLangID
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetVersionExW
Sleep
lstrlenW
CreateMutexW
GetLastError
lstrcmpW
LoadLibraryW
OutputDebugStringW
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
FreeLibrary
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
EnterCriticalSection
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection

user32

CheckRadioButton
SetWindowLongW
IsDlgButtonChecked
PostMessageW
FindWindowExW
IsWindowVisible
PostQuitMessage
PtInRect
MessageBoxW
SystemParametersInfoW
ReleaseDC
SendDlgItemMessageW
ExitWindowsEx
GetClassNameW
MapWindowPoints
MapDialogRect
InvalidateRect
CallWindowProcW
LoadImageW
DestroyWindow
SetWindowTextW
KillTimer
LoadStringW
GetClientRect
GetWindowRect
ScreenToClient
MoveWindow
DialogBoxParamW
EndDialog
SetTimer
IsWindow
GetDC
LoadCursorW
RegisterClassExW
CreateWindowExW
UpdateWindow
DefWindowProcW
BeginPaint
EndPaint
FindWindowW
EnumDisplaySettingsExW
GetSystemMetrics
ChangeDisplaySettingsW
IsWindowEnabled
ShowWindow
SendMessageW
GetDlgItem
EnableWindow
SetDlgItemTextW
CheckDlgButton
SetFocus
GetWindowLongW
GetParent
EnumDisplaySettingsW

gdi32

CreateFontW
GetDeviceCaps
GetObjectW
CreateBrushIndirect
PatBlt
GetPixel
CreateCompatibleDC
CreateBitmap
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
BitBlt
SetBkColor
GetStockObject
CreateFontIndirectW
SetBkMode
SelectObject
SetTextColor
GetTextExtentPoint32W
TextOutW
DeleteObject
CreateDCW
DeleteDC

advapi32

AddAccessAllowedAce
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegFlushKey
RegEnumKeyExW
RegLoadKeyW
RegUnLoadKeyW
RegDeleteKeyW
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
RegCloseKey
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegCreateKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW

shell32

ShellExecuteW

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

866214948062da4dff9990ed746c8987

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 11KB - Virtual size: 52KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 11KB - Virtual size: 52KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.rmnet
Size: 56KB - Virtual size: 60KB