659e2230ec6532edbdb07c4286dda568f31d8693760cefd1216f326fcbd663af

Sharing

Copy URL

Twitter E-mail

General

Target

659e2230ec6532edbdb07c4286dda568f31d8693760cefd1216f326fcbd663af
Size

368KB
MD5

67d6382ea5ca9b2639cdb23866f45c79
SHA1

4a94eb49084446cefb9db775ba7fa0452a3e4afe
SHA256

659e2230ec6532edbdb07c4286dda568f31d8693760cefd1216f326fcbd663af
SHA512

09eef1d438aee77854826e1fbd07f83b67e9620ca10a5af0d756456a822aa2a9c03a6d181c15f9ac511d87f0151643a83ec991438aba8878f2696acd751ff5ab
SSDEEP

6144:iHhS4AwWPUAEibLJl7UO7Sg9csjq41rNA3hyGMghRaoK4tyZg2ZLX/MAq+gMl7C:iBjANUAx3j7UV4/AxThooK0yZZ9/Lq+c

Score

N/A

Malware Config

Signatures

Files

659e2230ec6532edbdb07c4286dda568f31d8693760cefd1216f326fcbd663af
.exe windows x86

42867d24cbc78b1bc99c325531be77de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
IsValidCodePage
GetOEMCP
GetACP
CloseHandle
SetFilePointer
ReadFile
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetProcAddress
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
TlsFree
TlsSetValue
GetStringTypeW
GetLocaleInfoW
HeapReAlloc
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
WriteConsoleW
SetStdHandle
CreateFileA
CreateFileW
SetEndOfFile
GetStdHandle
GetConsoleScreenBufferInfo
FindResourceA
GetModuleFileNameA
FreeLibrary
GetVersion
ExitProcess
WaitForSingleObject
Sleep
HeapCreate
HeapAlloc
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadResource
GetModuleHandleA
GetProcessHeap
IsProcessorFeaturePresent
GetCPInfo
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
RaiseException
GetLastError
lstrcpynA
HeapFree
DecodePointer
SetLastError
LoadLibraryA
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement

user32

LoadMenuA
GetDC
wsprintfA
FillRect
IsIconic
GetSystemMetrics
ScreenToClient
PostMessageA
EnableMenuItem
GetWindowLongA
SendMessageA
LoadIconA
SetFocus
SendDlgItemMessageA
SetDlgItemTextA
SetWindowLongA
EndDialog
GetDlgItemTextA
IsDlgButtonChecked
GetDlgItem
LoadImageA
InvalidateRect
BeginPaint
SetRect
UnionRect
GetClientRect
EndPaint
DefWindowProcA
GetWindowDC
IsWindowEnabled
GetFocus
GetWindowRect
ClientToScreen
OffsetRect
ReleaseDC
MessageBoxA
SetWindowPos
DrawTextA
PostQuitMessage
DestroyIcon
CreatePopupMenu
InsertMenuItemA

gdi32

MoveToEx
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
CreateRectRgn
ExcludeClipRect
CreateDCA
CreateCompatibleBitmap
CreatePen
GetStockObject
EnumFontsA
LineTo
SetBkColor
ExtTextOutA
DeleteObject
SaveDC
GetDeviceCaps
CreateFontA
TextOutA
RestoreDC
GetTextExtentPoint32A
CreateSolidBrush
SelectClipRgn

winspool.drv

FindClosePrinterChangeNotification
EnumPrintersA
ClosePrinter
GetPrinterA
OpenPrinterA
FindFirstPrinterChangeNotification
EnumJobsA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA
SHGetFileInfoA

ole32

CoGetClassObject

ws2_32

inet_addr

msacm32

acmMetrics

winmm

timeGetTime

iphlpapi

SendARP

shlwapi

PathIsUNCW

comctl32

ImageList_ReplaceIcon

uxtheme

DrawThemeBackground

urlmon

CoInternetGetSession

dxva2

GetTimingReport
SetMonitorRedGreenOrBlueDrive

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nodata
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42867d24cbc78b1bc99c325531be77de

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

ws2_32

msacm32

winmm

iphlpapi

shlwapi

comctl32

uxtheme

urlmon

dxva2

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 15KB - Virtual size: 22KB

.nodata Size: 196KB - Virtual size: 196KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 15KB - Virtual size: 22KB

.nodata
Size: 196KB - Virtual size: 196KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 9KB - Virtual size: 9KB