ec4bd4acc276ae17a0d8f0cdc1042b641e4e12c1ea6616f18bd814e921aeab79

Sharing

Copy URL Twitter E-mail

General

Target

ec4bd4acc276ae17a0d8f0cdc1042b641e4e12c1ea6616f18bd814e921aeab79
Size

350KB
MD5

67cbf1b48d36a1366fcb6b17a1f66974
SHA1

3120323e8d515d296b1040dd5f934dddb3c7c728
SHA256

ec4bd4acc276ae17a0d8f0cdc1042b641e4e12c1ea6616f18bd814e921aeab79
SHA512

7b306a2fc30bad65e8c84be6f5282b3b6d1433802c089e7fc4ed182742fdc4ad3525e0bed6827ac2c5229b3057f3d16a0515c72f0d871caa28fe8608517edcf8
SSDEEP

6144:Lehw8eDKEO72pFqg6UYUvJKnnYHFrtGaD2oqqr1TIIdrerohKN+S9:L1GELN6UYUvJonAFJGaDRqqhyIA+u

Score

N/A

Malware Config

Signatures

Files

ec4bd4acc276ae17a0d8f0cdc1042b641e4e12c1ea6616f18bd814e921aeab79
.exe windows x86

3619ebe02faecc6ace4ab5246c45217f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

LoadLibraryW
TlsAlloc
TlsGetValue
GetConsoleCP
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
GetConsoleMode
HeapReAlloc
FlushFileBuffers
LCMapStringW
GetStringTypeW
LoadLibraryA
SetStdHandle
WriteConsoleW
GetLastError
lstrlenA
MultiByteToWideChar
GlobalAlloc
SetErrorMode
GetVolumeInformationA
ExitProcess
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
HeapCreate
GetProcAddress
SetLastError
GlobalMemoryStatusEx
CreateFileW
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
SetFilePointer
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoW
GetModuleHandleW
DecodePointer
HeapAlloc
GetCommandLineA
HeapSetInformation
CloseHandle

user32

wsprintfA
SendDlgItemMessageA
AdjustWindowRect
GetWindowLongA
SetRect
GetWindowDC
DdeInitializeA
DdeCreateStringHandleW
SendMessageA
CreateWindowExA
ShowWindow
UpdateWindow
DestroyWindow
PostQuitMessage
DispatchMessageA
GetClientRect
MapWindowPoints
GetCursorPos
PtInRect
WindowFromPoint
KillTimer
PostMessageA
GetDC
ReleaseDC
PeekMessageA
TranslateMessage
SetCapture
ClientToScreen
SetCursorPos
BeginPaint
EndPaint
ReleaseCapture
DefWindowProcA
MonitorFromWindow
GetMonitorInfoA
GetWindowInfo
InvalidateRect
CopyImage
GetIconInfo
DrawIconEx
DestroyIcon
LoadImageW
EqualRect
SetWindowTextA
LoadMenuA

gdi32

CreateDIBSection
GetObjectA
CreateCompatibleDC
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
SetDCPenColor
Rectangle
MoveToEx
LineTo
GetStockObject
GetCurrentObject
GetPaletteEntries
SetDIBColorTable
BitBlt
DeleteObject
GetDIBColorTable
CreateBitmap
SelectPalette
GetTextMetricsA
GetObjectW
PatBlt
GetNearestColor
CreateSolidBrush
GetClipBox
EnumFontsA
RealizePalette
CreateFontIndirectA
TextOutA
StartDocA

advapi32

CryptImportKey
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptEncrypt
CryptReleaseContext
CryptDestroyKey
CryptSetKeyParam
CryptAcquireContextA
LookupAccountSidA
GetTokenInformation
LookupPrivilegeNameA
AllocateAndInitializeSid
IsValidSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
IsValidAcl
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
CryptGetHashParam

ole32

CreateBindCtx
CoInitialize
CoCreateInstance

oleaut32

SysAllocStringLen

psapi

GetPerformanceInfo

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_Destroy
ImageList_DragEnter
ImageList_BeginDrag
ImageList_Add

rpcrt4

RpcServerListen
RpcServerRegisterIfEx
RpcServerUseProtseqEpA

dxva2

RestoreMonitorFactoryDefaults
SetMonitorDisplayAreaPosition

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3619ebe02faecc6ace4ab5246c45217f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

psapi

comctl32

rpcrt4

dxva2

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 137KB - Virtual size: 137KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 137KB - Virtual size: 137KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 53KB - Virtual size: 52KB