69ad4c13be942fe9fcbd8633f733405c1fd387e74e34d18de02b3b3871757086

Sharing

Copy URL Twitter E-mail

General

Target

69ad4c13be942fe9fcbd8633f733405c1fd387e74e34d18de02b3b3871757086
Size

173KB
MD5

6baf70b199039e828a08a1ced8fca094
SHA1

14a9fb81804fb5dad81bf5d0ca59ed26c27b9d29
SHA256

69ad4c13be942fe9fcbd8633f733405c1fd387e74e34d18de02b3b3871757086
SHA512

fd73691bbd1c57f564d4aa660909b44d12ada129a896ce21a71d35833541d14b4a2443b13ab7f9bf351bc340980f56c6649bef315d29951ce9b7c12ebc618407
SSDEEP

3072:JOTxNtU+5+KZz4z9WMkLupdUST1gQo5HJ+UFHGfTIkIVWohsQGR3JyiZ:w5j0az4NkLQUST1DMQzUXVW/QGR3JtZ

Score

N/A

Malware Config

Signatures

Files

69ad4c13be942fe9fcbd8633f733405c1fd387e74e34d18de02b3b3871757086
.exe windows x86

156c008baaeb61c9fa3244a1fb86a62d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextW
LoadImageW
MsgWaitForMultipleObjects
GetWindow
DispatchMessageW
CharLowerW
SendMessageTimeoutW
LoadCursorW
GetSystemMetrics
PostMessageW
EndDialog
GetDesktopWindow
GetMessageW
GetTopWindow
SetTimer
PeekMessageW
SetCursor
SendDlgItemMessageW
DialogBoxParamW
DestroyIcon
KillTimer
TranslateMessage
LoadStringW
GetClassNameA

setupapi

SetupCloseInfFile
SetupGetIntField
SetupGetBinaryField
SetupFindNextLine
SetupGetLineTextW
SetupGetStringFieldW
SetupOpenInfFileW
SetupFindFirstLineW

avifil32

AVIClearClipboard

ole32

CoTaskMemRealloc
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoGetComCatalog
CoCreateGuid

advapi32

LookupPrivilegeNameW
RegQueryInfoKeyW
RevertToSelf
AllocateAndInitializeSid
CopySid
RegOpenKeyExA
FreeSid
LookupPrivilegeValueW
RegCloseKey
RegEnumValueW
RegOpenKeyExW
RegSaveKeyW
CreateProcessAsUserW
InitializeSecurityDescriptor
SetFileSecurityW
EnumServicesStatusExW
AdjustTokenPrivileges
DuplicateTokenEx
RegDeleteValueW
OpenSCManagerW
RegQueryValueExW
ImpersonateLoggedOnUser
GetTokenInformation
RegCreateKeyExW
SetSecurityDescriptorOwner
RegSetValueExW
RegEnumKeyExW
ConvertStringSidToSidW
OpenProcessToken
RegQueryValueExA
CloseServiceHandle
RegEnumKeyW
GetLengthSid

kernel32

lstrlenW
CreateThread
VirtualAlloc
GetFileAttributesExW
GlobalFree
FindClose
GetVersionExW
GetVersion
UnmapViewOfFile
lstrlenA
DeleteCriticalSection
InterlockedCompareExchange
OpenEventW
LocalReAlloc
WritePrivateProfileStringW
EnumUILanguagesW
LoadLibraryW
RemoveDirectoryW
FlushFileBuffers
LocalAlloc
MultiByteToWideChar
GetLocalTime
GetProcAddress
SetFilePointer
LocalFree
GetModuleHandleW
GetVersionExA
LeaveCriticalSection
ExpandEnvironmentStringsW
MoveFileW
GetCurrentThreadId
GetUserDefaultUILanguage
lstrcmpiA
IsDBCSLeadByte
HeapAlloc
GetCurrentProcessId
FindFirstFileW
GetExitCodeThread
SetUnhandledExceptionFilter
CompareStringA
GetWindowsDirectoryW
FindNextFileW
DeleteFileW
WaitForSingleObject
WideCharToMultiByte
GetSystemDirectoryW
UnhandledExceptionFilter
FindResourceExW
CloseHandle
TerminateProcess
ReadFile
OutputDebugStringA
LoadLibraryExW
LoadResource
GetPrivateProfileStringA
DecodePointer
InterlockedDecrement
DisableThreadLibraryCalls
HeapFree
GetSystemDefaultUILanguage
InitializeCriticalSectionAndSpinCount
MoveFileExW
FindResourceW
GetComputerNameW
QueryPerformanceCounter
SearchPathW
lstrcmpW
GetPrivateProfileStringW
CreateFileW
FreeLibrary
CreateDirectoryW
OutputDebugStringW
GetModuleFileNameW
GetFileSize
GetTickCount
GetCurrentProcess
DelayLoadFailureHook
SetLastError
RtlUnwind
GetLocaleInfoW
ResumeThread
CopyFileW
GetFileAttributesW
GetLastError
FileTimeToSystemTime
CreateFileMappingW
LockResource
SizeofResource
GetPrivateProfileSectionW
LoadLibraryA
Sleep
SetFileAttributesW
InterlockedExchange
GetSystemTimeAsFileTime
MapViewOfFile
GetPrivateProfileIntW
WriteFile
GetProcessHeap
EnterCriticalSection
GetSystemInfo

Sections

.text
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

156c008baaeb61c9fa3244a1fb86a62d

Headers

DLL Characteristics

File Characteristics

Imports

user32

setupapi

avifil32

ole32

advapi32

kernel32

Sections

.text Size: 512B - Virtual size: 388B

.data Size: 52KB - Virtual size: 848KB

.reloc Size: 512B - Virtual size: 24B

.rsrc Size: 91KB - Virtual size: 91KB

.rdata Size: 22KB - Virtual size: 21KB

.idata Size: 5KB - Virtual size: 4KB

.text
Size: 512B - Virtual size: 388B

.data
Size: 52KB - Virtual size: 848KB

.reloc
Size: 512B - Virtual size: 24B

.rsrc
Size: 91KB - Virtual size: 91KB

.rdata
Size: 22KB - Virtual size: 21KB

.idata
Size: 5KB - Virtual size: 4KB