5c85da10e11599042ca7c35e4ec014692a7c2e1469c1723d9496c399d99c9c4a

Sharing

Copy URL Twitter E-mail

General

Target

5c85da10e11599042ca7c35e4ec014692a7c2e1469c1723d9496c399d99c9c4a
Size

382KB
MD5

4d5a5e17fb235e185b469895a4a819c0
SHA1

954235a6aea1fe9d78dff1bbbc33a97329f24fe0
SHA256

5c85da10e11599042ca7c35e4ec014692a7c2e1469c1723d9496c399d99c9c4a
SHA512

2f2f77af11de69cb67c48ecc5093a08e17fe88221a456c12e0aa9837194311f363a364bacd57185209b4e849beb174bc693ac4374bd2b71a4f20b13f6fb35f41
SSDEEP

6144:LMILHesVU0bFYlUi4PyongwuDuXthUp6/pLdAbDNdyWZeNdnnF6:LF+s+lzryXthUoh6DPMy

Score

N/A

Malware Config

Signatures

Files

5c85da10e11599042ca7c35e4ec014692a7c2e1469c1723d9496c399d99c9c4a
.exe windows x86

f6e6514fc94bbbcb3e2cf6e22575ebd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

Sleep
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
MultiByteToWideChar
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
LCMapStringW
GetCurrentThreadId
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
TerminateProcess
DecodePointer
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
HeapSize
IsProcessorFeaturePresent
GetModuleHandleA
EnumDateFormatsA
LoadLibraryA
GetProcAddress
SetLastError
GetLastError
LoadLibraryW
GetEnvironmentStrings
GetProcessHeap
GetTickCount
FreeEnvironmentStringsA
FreeLibrary
SetEvent
WaitForSingleObject
HeapFree
GetCurrentProcess
HeapAlloc
ExitProcess
HeapReAlloc

user32

EndPaint
GetNextDlgTabItem
DestroyWindow
RegisterClassA
OemKeyScan
DrawFrameControl
DialogBoxParamA
GetDlgItemTextA
LoadCursorA
FindWindowA
DestroyMenu
GetMessageA
BeginPaint
CallWindowProcA
SetClipboardData
UpdateWindow
MapWindowPoints
SendMessageW
LoadImageA
SetWindowTextA
InsertMenuA
CloseClipboard
SetWindowRgn
SetTimer
RegisterClassExA
IsIconic
KillTimer
SetForegroundWindow
DeleteMenu
CopyImage
GetParent
LoadIconA
FindWindowW
GetSystemMetrics
SetFocus
SendMessageA
CreateMenu
GetDC
TranslateMessage
SetDlgItemInt
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
PeekMessageA
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
SendMessageTimeoutA
ShowWindow
SetMenu
CreatePopupMenu
CreateDialogParamW
DrawMenuBar
AppendMenuA
FindWindowExW
DispatchMessageA
DefDlgProcA
OpenClipboard

gdi32

GetCurrentObject
SetDIBColorTable
CreateBitmap
DeleteObject
CreateEllipticRgn
GetPaletteEntries
CreateDIBSection
CombineRgn
CreateCompatibleBitmap
SelectPalette
GetDIBColorTable
GetObjectA
GetStockObject
DeleteDC
CreateCompatibleDC
PatBlt
SelectObject
BitBlt

advapi32

FreeSid
AllocateAndInitializeSid
SetTokenInformation

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

odbc32

ord1
ord2

crypt32

CryptSIPLoad

shlwapi

StrNCatA

comctl32

InitCommonControlsEx

pdh

PdhOpenQueryA
PdhAddCounterW
PdhAddCounterA
PdhCollectQueryData

gdiplus

GdiplusStartup

secur32

InitSecurityInterfaceA

dbghelp

EnumerateLoadedModules

eappcfg

EapHostPeerFreeErrorMemory
EapHostPeerInvokeInteractiveUI
EapHostPeerFreeMemory

dxva2

GetTimingReport

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6e6514fc94bbbcb3e2cf6e22575ebd7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

odbc32

crypt32

shlwapi

comctl32

pdh

gdiplus

secur32

dbghelp

eappcfg

dxva2

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 266KB - Virtual size: 265KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 266KB - Virtual size: 265KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 8KB - Virtual size: 7KB