3d212578c0d455b9b74c31bfe6bdbf5d29d01f0860da291648d09182ac366e4f

Sharing

Copy URL Twitter E-mail

General

Target

3d212578c0d455b9b74c31bfe6bdbf5d29d01f0860da291648d09182ac366e4f
Size

418KB
MD5

78dd66a6efb591e0455fe607a3b0d570
SHA1

e87066c240ab1099f8cf09c59030d5db09747118
SHA256

3d212578c0d455b9b74c31bfe6bdbf5d29d01f0860da291648d09182ac366e4f
SHA512

a541eb2307646f3a9c469384225202c75274a75b112505999e2c1ddfe71f6b1e6d094641c2daa046bb4a5a54f0e04274253a4032814734daec96634e356e7153
SSDEEP

12288:u8wJtCMVCwgLqTvHgBHHpVmPCQTrTjty7:fYgLqTvHgBHzmnTfjo

Score

N/A

Malware Config

Signatures

Files

3d212578c0d455b9b74c31bfe6bdbf5d29d01f0860da291648d09182ac366e4f
.exe windows x86

c0a653ebc3aca4b954d85dbf9b242be5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

psapi

GetModuleFileNameExA
GetModuleBaseNameA

kernel32

GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
IsValidCodePage
GetOEMCP
GetACP
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
WriteConsoleW
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
HeapFree
GetLastError
IsDebuggerPresent
SetStdHandle
CreateFileA
CreateFileW
GetLocaleInfoW
GetFileAttributesA
SetUnhandledExceptionFilter
GetCurrentDirectoryA
MulDiv
CloseHandle
OpenProcess
FindNextFileA
FindClose
FindFirstFileA
SetCurrentDirectoryA
GetCurrentProcess
SetEndOfFile
GetProcessHeap
ReadFile
UnhandledExceptionFilter
TerminateProcess
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection

user32

GetSystemMenu
SetRectEmpty
GetMonitorInfoA
GetMenuItemRect
SetWindowLongA
UnionRect
CreateWindowExA
MonitorFromWindow
IsWindowUnicode
SetWindowLongW
GetMenuItemCount
GetMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
GetAsyncKeyState
EnumChildWindows
UpdateLayeredWindow
DrawTextA
GetDC
ReleaseDC
LoadIconA
SendMessageA
GetIconInfo
DestroyIcon
GetClassLongA
GetClassNameA
GetWindowThreadProcessId
SetTimer
DestroyWindow
TrackPopupMenu
IsIconic
KillTimer
GetSubMenu
SetForegroundWindow
TrackMouseEvent
CreateMenu
RegisterWindowMessageA
EnumWindows
GetForegroundWindow
CheckMenuRadioItem
GetAncestor
SendMessageTimeoutA
GetCursorPos
GetMenuStringA
ShowWindow
AppendMenuA
IsWindow
PostMessageA
DeferWindowPos
BeginDeferWindowPos
IsWindowVisible
DestroyMenu
EndDeferWindowPos
SetCursor
GetWindowRect
SetActiveWindow
IsZoomed
GetParent
GetWindowLongA
DefWindowProcA
SetWindowPos
GetSystemMetrics
LoadCursorA
CheckMenuItem
RegisterClassA
FindWindowA
PostQuitMessage

gdi32

CreateFontIndirectA
GetStockObject
ExtTextOutA
SetTextColor
DeleteDC
CreateDIBSection
SetBkColor
SetBkMode
SelectObject
CreateCompatibleDC
CreateFontA
GetDeviceCaps
GetBitmapBits
DeleteObject
GetObjectA
GetTextExtentPoint32A

advapi32

RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

shell32

Shell_NotifyIconA

truetransparencyhook

_StartHook@8
_PauseHook@0
_StopHook@0

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uvqqmhu
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0a653ebc3aca4b954d85dbf9b242be5

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

psapi

kernel32

user32

gdi32

advapi32

shell32

truetransparencyhook

Sections

.text Size: 265KB - Virtual size: 264KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 69KB - Virtual size: 70KB

uvqqmhu Size: - Virtual size: 4KB

.text
Size: 265KB - Virtual size: 264KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 69KB - Virtual size: 70KB

uvqqmhu
Size: - Virtual size: 4KB