f8c8794eafa21c8b0907f1023eebae231a89d16df5f203c6bbe044dd93b7f2d3

Sharing

Copy URL Twitter E-mail

General

Target

f8c8794eafa21c8b0907f1023eebae231a89d16df5f203c6bbe044dd93b7f2d3
Size

874KB
MD5

1213a1fe37c39d83cd062e6c30f3ca70
SHA1

747741df9f0f81f6176a261062db0eef30bf1873
SHA256

f8c8794eafa21c8b0907f1023eebae231a89d16df5f203c6bbe044dd93b7f2d3
SHA512

88a79487dd665da119ecf43a3846cf89f5626a11531cbc6308f382f6251da7c9eb4577b35517ba9742e515247a6b96917e8600e2a476daffc7127cdd46f5ff47
SSDEEP

12288:lFdDjoJq/5kjZ59F7JYBTqLOvUo+jOPLTC9O0IvomiIvomiNG6RrAuM:VjXKjZ59FJYsMUzgTC9O0IHiIHiNK

Score

N/A

Malware Config

Signatures

Files

f8c8794eafa21c8b0907f1023eebae231a89d16df5f203c6bbe044dd93b7f2d3
.exe windows x86

da39e96e7dea1b79d3778201e9baccee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

netapi32

NetUserGetInfo
NetApiBufferFree

kernel32

GetWindowsDirectoryW
OpenProcess
LoadLibraryW
GetProcAddress
GetLogicalDriveStringsW
QueryDosDeviceW
FreeLibrary
SetFileAttributesW
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
DeleteCriticalSection
GetCommandLineW
LocalFree
CreateSemaphoreW
GetLastError
OutputDebugStringW
CreateFileA
GetTickCount
GetDriveTypeA
SetEnvironmentVariableA
CompareStringW
CompareStringA
OpenEventW
CreateEventW
Sleep
CloseHandle
GetModuleHandleW
InitializeCriticalSection
GetConsoleCP
GetConsoleMode
LCMapStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentDirectoryA
GetFullPathNameW
LCMapStringW
RtlUnwind
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetTimeZoneInformation
GetProcessHeap
SetEndOfFile
SetFilePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetSystemDirectoryW
SetEvent
GetCurrentThreadId
FindFirstFileW
FindClose
LocalAlloc
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
WriteFile
CreateFileW
CreateMutexW
WaitForSingleObject
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindResourceW
LoadResource
SizeofResource
ReadFile
GetFileSizeEx
LockResource
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
GlobalHandle
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryW
FileTimeToSystemTime
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
ExitThread
CreateThread
ExitProcess
GetFileType
HeapReAlloc
ResumeThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleHandleA
HeapSize
GetStdHandle
GetModuleFileNameA
HeapCreate
VirtualFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter

user32

TranslateMessage
PeekMessageW
PostQuitMessage
PostMessageW
DispatchMessageW
BeginPaint
DefWindowProcW
DestroyWindow
EndDialog
FindWindowW
SetTimer
ShowWindow
GetSystemMetrics
EndPaint
ReleaseDC
GetDC
KillTimer
SetFocus
GetClientRect
MonitorFromRect
GetMonitorInfoW
GetWindowTextW
SubtractRect
MonitorFromPoint
IsRectEmpty
CallWindowProcW
GetPropW
SendMessageW
IsWindowVisible
CreateWindowExW
IsWindow
RedrawWindow
SetWindowLongW
UnionRect
LoadIconW
RegisterClassExW
SetPropW
GetClassInfoExW
SetRectEmpty
IsWindowEnabled
LoadCursorW
RemovePropW
SetCursor
MsgWaitForMultipleObjectsEx
InflateRect
DrawTextW
FillRect
LoadImageW
UpdateLayeredWindow
ReleaseCapture
SetCapture
GetCursorPos
ClientToScreen
PtInRect
OffsetRect
ScreenToClient
WindowFromPoint
GetWindowThreadProcessId
GetForegroundWindow
SystemParametersInfoW
GetWindowLongW
BringWindowToTop
GetWindowRect
IntersectRect
SetWindowPos

gdi32

SetTextColor
LineTo
GetTextExtentPoint32W
MoveToEx
GetStockObject
CreateSolidBrush
StretchBlt
BitBlt
GetObjectW
CreatePen
DeleteObject
CreateFontW
DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleDC
SetBkMode

advapi32

AddAccessAllowedAceEx
RegOpenKeyExW
GetUserNameW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
GetSidLengthRequired
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize

imm32

ImmDisableIME

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

msimg32

AlphaBlend

comctl32

_TrackMouseEvent

Sections

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 91KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da39e96e7dea1b79d3778201e9baccee

Headers

DLL Characteristics

File Characteristics

Imports

psapi

netapi32

kernel32

user32

gdi32

advapi32

shell32

ole32

imm32

version

msimg32

comctl32

Sections

.text Size: 404KB - Virtual size: 403KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 295KB - Virtual size: 294KB

.reloc Size: 91KB - Virtual size: 92KB

.text
Size: 404KB - Virtual size: 403KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 295KB - Virtual size: 294KB

.reloc
Size: 91KB - Virtual size: 92KB