dbe4cb232aafb8da47dc0bd3dee9445fdfaa5919dc62b4b7c27493768fe4e876

Sharing

Copy URL Twitter E-mail

General

Target

dbe4cb232aafb8da47dc0bd3dee9445fdfaa5919dc62b4b7c27493768fe4e876
Size

540KB
MD5

6a2f32a27a88ec8ffe236126b1eeb740
SHA1

745a4fd9ce5e3371224bf9950d9f8746c784987a
SHA256

dbe4cb232aafb8da47dc0bd3dee9445fdfaa5919dc62b4b7c27493768fe4e876
SHA512

d9fb69574ee8e54caa90b738ab992865c50b302e4abde57cc45feb0032640cfab06d749da4847e44efff66772f1971d2ef66b8cafadffadf4af4b8422198d177
SSDEEP

12288:+w1uyO9l+swQlSlKCBHRLrGsmllRyDvdK5+sou33pBCi63ZEA7Hg96pTzo:+w1Gl+swGSNnLrIlHqA5+sou35BCi6pQ

Score

N/A

Malware Config

Signatures

Files

dbe4cb232aafb8da47dc0bd3dee9445fdfaa5919dc62b4b7c27493768fe4e876
.exe windows x86

368912c9d75b753feb1afbb66764752a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

kernel32

LoadLibraryA
SetConsoleWindowInfo
CloseHandle
GetCurrentProcessId
CompareStringW
CreateFileW
FlushFileBuffers
SetStdHandle
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
LCMapStringW
GetStringTypeW
GetProcAddress
FreeEnvironmentStringsW
GetModuleFileNameA
QueryPerformanceCounter
GetTimeZoneInformation
LoadLibraryW
ExitProcess
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
SetFilePointer
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
RtlUnwind
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
GetLastError
GetStdHandle
GlobalUnlock
SetConsoleTitleA
ReadFile
HeapCreate
GetConsoleWindow
Sleep
GlobalAlloc
GetConsoleTitleA
GetTickCount
SetConsoleScreenBufferSize
GlobalLock
HeapAlloc
FreeLibrary
GetFileSize
CreateFileA
GetEnvironmentStringsW
GetCommandLineW
SetLastError
GetModuleHandleW
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
SetEnvironmentVariableA
GetCPInfo
GetOEMCP
GetACP
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
MultiByteToWideChar
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection

user32

LoadCursorA
FindWindowA
ShowWindow
GetDesktopWindow
CreateWindowExA
GetWindowLongA
GetDialogBaseUnits
SetWindowPos
SetWindowRgn
ScreenToClient
GetWindowRect
RegisterClassExA
SendDlgItemMessageA
GetWindowDC
LoadStringA
FillRect
GetFocus
LoadIconA
IsWindowEnabled
wsprintfA
GetClientRect
GetWindowTextLengthA
SendMessageA
BeginPaint
EnumWindows
GetWindowTextA
SetRect
SetWindowLongA

gdi32

LineTo
DeleteDC
StretchBlt
ExcludeClipRect
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateRectRgnIndirect
Rectangle
SaveDC
SetDCPenColor
CreateBitmapIndirect
CreateICA
GetObjectA
GetStockObject
CreateSolidBrush
MoveToEx

shell32

CommandLineToArgvW
SHGetPathFromIDListA
SHBrowseForFolderA

ole32

CoInitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture
OleSavePictureFile

winmm

timeGetTime
timeBeginPeriod

gdiplus

GdipCreateBitmapFromFile
GdiplusStartup
GdipDisposeImage

setupapi

SetupDiGetClassDevsA

powrprof

GetPwrDiskSpindownRange

Sections

.text
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fly
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

368912c9d75b753feb1afbb66764752a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

winmm

gdiplus

setupapi

powrprof

Sections

.text Size: 356KB - Virtual size: 356KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 12KB

.fly Size: 21KB - Virtual size: 21KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 356KB - Virtual size: 356KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 12KB

.fly
Size: 21KB - Virtual size: 21KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 17KB - Virtual size: 16KB