Static task: static1
Behavioral task: behavioral1
  Sample: 295a9bbda4bf42c7ff93001b7f3f5d9e346931b0092b3133468df348f8efe3c7.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 295a9bbda4bf42c7ff93001b7f3f5d9e346931b0092b3133468df348f8efe3c7.exe
  Resource: win10v2004-20220901-en
General
Target: 295a9bbda4bf42c7ff93001b7f3f5d9e346931b0092b3133468df348f8efe3c7
Size: 282KB
MD5: 38d5ee6f7e7c11bb2765f3ab22248720
SHA1: d04ca57a4ccc231fcfa82b5592b801183fb63259
SHA256: 295a9bbda4bf42c7ff93001b7f3f5d9e346931b0092b3133468df348f8efe3c7
SHA512: 03bf54248f49222ee9dcaafd132f7ec43ad9f6184ef278889b7989c1b92ab5374b7c7cb72ae1955ca36ce146722df95f268c614880aeaced5d3cdb7389089dfe
SSDEEP: 6144:bze6eOWxZvOewqe9tBIexqbjFOtXBRRM24yRZt0jPIM:bS6lofwf3ZEfA5nRt4yRUv
Malware Config
Signatures
Files
- 295a9bbda4bf42c7ff93001b7f3f5d9e346931b0092b3133468df348f8efe3c7.exe windows x86 76ffa3827874cc4ce23a39ba17540d35
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt: __CxxFrameHandler, wcslen, sscanf, wcstombs, _wtoi64, _ui64tow, _i64tow, wcscmp, _purecall, wcschr, swscanf, wcsncpy, iswspace, printf, _CxxThrowException, free, _initterm, malloc, _vsnwprintf, __dllonexit, _onexit, ?terminate@@YAXXZ, wcstoul, memmove
kernel32: 448 imported functions
advapi32: RegQueryValueExW, RegCreateKeyExW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegCloseKey, RegOpenKeyW, RegDeleteKeyW, RegCreateKeyW, RegSetValueExW
user32: LoadStringW, LoadStringA, LoadBitmapA
ole32: CoCreateFreeThreadedMarshaler, StringFromGUID2, CoCreateInstance
gdi32: 51 imported functions
Sections
CODE   Size: 96KB - Virtual size: 96KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.idata Size: 7KB - Virtual size: 61KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 30KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 15KB - Virtual size: 14KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.pdata Size: 3KB - Virtual size: 84KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
DATA   Size: 12KB - Virtual size: 206KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 141KB - Virtual size: 140KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ