1bb74d93d0c3029f5c3c984dd78eebbaf7eef0c5bc072e7a04ed9ef9053e6bd9

Sharing

Copy URL Twitter E-mail

General

Target

1bb74d93d0c3029f5c3c984dd78eebbaf7eef0c5bc072e7a04ed9ef9053e6bd9
Size

381KB
MD5

57de253c207d1b3d092e0baba5461900
SHA1

32e4a7e3c1012f0711d46fcbcf27f1cc9a69b490
SHA256

1bb74d93d0c3029f5c3c984dd78eebbaf7eef0c5bc072e7a04ed9ef9053e6bd9
SHA512

6832b7c99a55002b2f3aefb909e9f60e45631e0667ea2d6414275e2269c36f8de82c93e198e1997eb81855122244e1d309572fcd770143af40a6e96a16ad7da9
SSDEEP

6144:+LunSmeHp7ZOv82LklmyHv72RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uT:+ZmjuTHD2EB0NxDIBuOFe7/uT

Score

N/A

Malware Config

Signatures

Files

1bb74d93d0c3029f5c3c984dd78eebbaf7eef0c5bc072e7a04ed9ef9053e6bd9
.exe windows x86

0c8932413af3bc197c758886331fe9ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crt

ord33
ord133
ord77

kernel32

FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
CreateProcessW
CloseHandle
GetModuleHandleW
GetProcAddress
FreeLibrary
lstrcmpiW
MultiByteToWideChar
LoadLibraryExW
CreateMutexW
SetUnhandledExceptionFilter
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
Sleep
InterlockedExchange
DecodePointer
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetCurrentProcessId
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetCurrentProcess
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetTickCount
GetSystemTimeAsFileTime
GetLastError
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
RaiseException
SetLastError

user32

CallWindowProcW
InvalidateRect
UnregisterClassA
GetDC
DestroyWindow
IsWindow
SendMessageW
RegisterClassExW
LoadCursorW
DefWindowProcW
SetWindowLongW
GetWindowLongW
DestroyAcceleratorTable
GetDesktopWindow
CreateDialogParamW
FindWindowW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
ShowWindow
EndDialog
SetForegroundWindow
SetWindowRgn
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetWindowRect
PostQuitMessage
LoadIconW
IsDialogMessageW
InvalidateRgn
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
GetClassNameW
GetSysColor
CharNextW
SetWindowPos
RedrawWindow
GetClassInfoExW
CreateWindowExW
CreateAcceleratorTableW
ClientToScreen
GetParent
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
GetClientRect
ReleaseDC

gdi32

CreateRoundRectRgn
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps

advapi32

RegSetValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW

ole32

OleUninitialize
CoTaskMemAlloc
StringFromGUID2
OleLockRunning
CreateStreamOnHGlobal
CoCreateInstance
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemFree
OleInitialize

oleaut32

VariantInit
OleCreateFontIndirect
VarUI4FromStr
SysAllocStringLen
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
VariantClear
LoadRegTypeLi

shlwapi

PathAppendW

comctl32

InitCommonControlsEx

msvcr100

_lock
__dllonexit
_unlock
?terminate@@YAXXZ
memset
wcsstr
wcsncpy_s
_purecall
vswprintf_s
_vscwprintf
malloc
??_U@YAPAXI@Z
free
_recalloc
_wcsicmp
rand
srand
_wtol
wcschr
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_configthreadlocale
__setusermatherr
_CxxThrowException
_commode
_fmode
__set_app_type
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_initterm_e
wmemcpy_s
memmove_s
swprintf_s
??_V@YAXPAX@Z
??2@YAPAXI@Z
memcpy_s
??3@YAXPAX@Z
__CxxFrameHandler3
_crt_debugger_hook

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c8932413af3bc197c758886331fe9ca

Headers

DLL Characteristics

File Characteristics

Imports

crt

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

comctl32

msvcr100

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 50KB - Virtual size: 50KB

.reloc Size: 7KB - Virtual size: 7KB

.tc Size: 244KB - Virtual size: 244KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 50KB - Virtual size: 50KB

.reloc
Size: 7KB - Virtual size: 7KB

.tc
Size: 244KB - Virtual size: 244KB