5a68f1f3c3b0612e301f6951e5b12a7a766627327f4989379ea3fff222b02723

Sharing

Copy URL Twitter E-mail

General

Target

5a68f1f3c3b0612e301f6951e5b12a7a766627327f4989379ea3fff222b02723
Size

390KB
MD5

00f23c9931e3feaba97faa5eb265e054
SHA1

8383221393fc6595c60241bd9750bf132a855de3
SHA256

5a68f1f3c3b0612e301f6951e5b12a7a766627327f4989379ea3fff222b02723
SHA512

37d3d666938b7b5cef2814c5ec5c28f5cc049f0758b6040a158813c936ebcf241ede4c1698010f0a4b98b617487dd34046e41414f73fddfe287a26495832530e
SSDEEP

6144:F+4OozXfRaCmwszesDGcH1APejYP5vObVq7kD4FVZbdux6hjGw:F+4OozewszesDGaOmZD490xeV

Score

N/A

Malware Config

Signatures

Files

5a68f1f3c3b0612e301f6951e5b12a7a766627327f4989379ea3fff222b02723
.exe windows x86

e1388f5ee2c2170d512b114c86870acd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
_ftol
memmove

kernel32

SetUnhandledExceptionFilter
InterlockedExchange
RaiseException
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetUserDefaultLCID
GetProfileIntA
LeaveCriticalSection
GetSystemDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
LocalLock
Sleep
GetTickCount
IsBadReadPtr
FreeLibrary
GetProcAddress
GetLocaleInfoW
LocalFree
lstrcmpiA
lstrlenA
FormatMessageA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
GetSystemDefaultLangID
FindAtomA
GetCurrentThreadId
IsBadWritePtr
GetLastError
ReadFile
WriteFile
CloseHandle
SetFilePointer
IsValidCodePage
GetThreadLocale
GlobalAlloc
GlobalFree
GlobalFlags
GlobalReAlloc
GlobalSize
GlobalLock
GlobalHandle
GlobalUnlock
MulDiv
GetVersionExA
lstrcmpiW
GetACP
LocalAlloc
LocalReAlloc
GetModuleHandleA
GetStringTypeExA
FindAtomW
GetStringTypeExW
CreateFileA
CreateFileW
CompareStringA
CompareStringW
GetProfileSectionA
GetProfileSectionW
LoadLibraryA
LoadLibraryW
GetModuleFileNameA
GetModuleFileNameW
EnterCriticalSection

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA

user32

SetTimer
KillTimer
ScrollWindowEx
SetForegroundWindow
SetScrollInfo
GetWindow
IsWindow
GetDesktopWindow
SystemParametersInfoW
WindowFromPoint
GetForegroundWindow
IsChild
IsWindowEnabled
GetCapture
GetCaretPos
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardOwner
GetClipboardData
CharUpperW
MessageBoxA
UnregisterClassA
SetCaretPos
EnableScrollBar
wvsprintfA
DefWindowProcA
DefWindowProcW
GetWindowLongA
GetWindowLongW
GetClassLongA
GetClassLongW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorW
SetWindowLongA
SetWindowLongW
PostMessageA
PostMessageW
PeekMessageA
PeekMessageW
RegisterWindowMessageA
PostQuitMessage
MessageBoxW
GetKeyboardLayout
SendMessageA
FindWindowA
SystemParametersInfoA
GetKeyboardLayoutList
CharLowerA
CharLowerBuffW
CharUpperA
CharUpperBuffW
SendMessageW
UnregisterClassW
RegisterClassA
RegisterClassW
GetDoubleClickTime
ShowCaret
HideCaret
CreateCaret
SetScrollPos
SetScrollRange
IsWindowVisible
MapWindowPoints
GetDlgItem
GetFocus
IsIconic
DestroyCaret
WindowFromDC
DestroyMenu
MessageBeep
RegisterClipboardFormatA
GetParent
TrackPopupMenu
SetCapture
GetAsyncKeyState
ReleaseCapture
GetMessageTime
GetMessagePos
IntersectRect
OffsetRect
InvertRect
CopyRect
ActivateKeyboardLayout
IsWindowUnicode
EnableWindow
GetDC
ReleaseDC
CreateWindowExW
CreateWindowExA
SetParent
ClientToScreen
MoveWindow
BeginPaint
FillRect
EndPaint
InflateRect
ShowWindow
InvalidateRect
SetWindowPos
UpdateWindow
GetClientRect
DrawFocusRect
GetCursorPos
ScreenToClient
GetWindowRect
PtInRect
GetKeyState
GetSysColor
DrawFrameControl
GetSystemMetrics
SetCursor
GetCursor
DestroyWindow
ShowScrollBar
SetFocus

gdi32

GetTextMetricsA
CreateFontIndirectW
CreateFontIndirectA
GetCharWidthA
GetCharWidthW
EnumFontFamiliesExW
LPtoDP
GetMapMode
CreatePalette
GetObjectType
Escape
CreatePatternBrush
CreateMetaFileA
CloseMetaFile
EnumMetaFile
SetViewportOrgEx
GetMetaFileBitsEx
CreateBitmap
SetMetaFileBitsEx
CreateSolidBrush
ExtTextOutA
CreateCompatibleBitmap
SetMapMode
GetObjectA
DPtoLP
GetBkMode
TranslateCharsetInfo
GetOutlineTextMetricsA
GetTextCharsetInfo
GetTextMetricsW
CreatePen
MoveToEx
LineTo
BitBlt
SetWindowOrgEx
SetWindowExtEx
GetPixel
ExtTextOutW
GetDeviceCaps
SetTextAlign
DeleteObject
CreateCompatibleDC
StretchBlt
DeleteDC
CreateDIBSection
SetROP2
GetStockObject
Rectangle
GetCurrentObject
SelectObject
SelectPalette
RealizePalette
SaveDC
RestoreDC
SetBkMode
PatBlt
SetBkColor
SetTextColor
IntersectClipRect
GetObjectW
CreateICA
CreateICW
GetTextFaceA
GetTextFaceW
DeleteMetaFile

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj5
Size: 2KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj50
Size: 2KB - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj51
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj52
Size: 150KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj53
Size: 150KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj54
Size: 2KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj55
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj56
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj57
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj58
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj59
Size: 2KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1231
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAKS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAHS
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HAJS
Size: 2KB - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HnJS
Size: 2KB - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKALS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKAkS
Size: 2KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SfAkS
Size: 2KB - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUqj
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUq8
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQK
Size: 2KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHSK
Size: 2KB - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQJ
Size: 2KB - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1388f5ee2c2170d512b114c86870acd

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

gdi32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 10KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 3KB

.fhj5 Size: 2KB - Virtual size: 192B

.fhj50 Size: 2KB - Virtual size: 194B

.fhj51 Size: 2KB - Virtual size: 228B

.fhj52 Size: 150KB - Virtual size: 148KB

.fhj53 Size: 150KB - Virtual size: 148KB

.fhj54 Size: 2KB - Virtual size: 196B

.fhj55 Size: 2KB - Virtual size: 204B

.fhj56 Size: 2KB - Virtual size: 208B

.fhj57 Size: 2KB - Virtual size: 202B

.fhj58 Size: 2KB - Virtual size: 228B

.fhj59 Size: 2KB - Virtual size: 206B

.1231 Size: 2KB - Virtual size: 208B

.JAKS Size: 2KB - Virtual size: 208B

.GAHS Size: 2KB - Virtual size: 204B

.HAJS Size: 2KB - Virtual size: 588B

.HnJS Size: 2KB - Virtual size: 198B

.SKALS Size: 2KB - Virtual size: 208B

.SKAkS Size: 2KB - Virtual size: 216B

.SfAkS Size: 2KB - Virtual size: 236B

.8AUqj Size: 2KB - Virtual size: 202B

.8AUq8 Size: 2KB - Virtual size: 202B

.JAHQK Size: 2KB - Virtual size: 160B

.JAHSK Size: 2KB - Virtual size: 162B

.JAHQJ Size: 2KB - Virtual size: 126B

.rsrc Size: 18KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 248KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 10KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 3KB

.fhj5
Size: 2KB - Virtual size: 192B

.fhj50
Size: 2KB - Virtual size: 194B

.fhj51
Size: 2KB - Virtual size: 228B

.fhj52
Size: 150KB - Virtual size: 148KB

.fhj53
Size: 150KB - Virtual size: 148KB

.fhj54
Size: 2KB - Virtual size: 196B

.fhj55
Size: 2KB - Virtual size: 204B

.fhj56
Size: 2KB - Virtual size: 208B

.fhj57
Size: 2KB - Virtual size: 202B

.fhj58
Size: 2KB - Virtual size: 228B

.fhj59
Size: 2KB - Virtual size: 206B

.1231
Size: 2KB - Virtual size: 208B

.JAKS
Size: 2KB - Virtual size: 208B

.GAHS
Size: 2KB - Virtual size: 204B

.HAJS
Size: 2KB - Virtual size: 588B

.HnJS
Size: 2KB - Virtual size: 198B

.SKALS
Size: 2KB - Virtual size: 208B

.SKAkS
Size: 2KB - Virtual size: 216B

.SfAkS
Size: 2KB - Virtual size: 236B

.8AUqj
Size: 2KB - Virtual size: 202B

.8AUq8
Size: 2KB - Virtual size: 202B

.JAHQK
Size: 2KB - Virtual size: 160B

.JAHSK
Size: 2KB - Virtual size: 162B

.JAHQJ
Size: 2KB - Virtual size: 126B

.rsrc
Size: 18KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 248KB