20fb8197a6bb81621b384018ce156cfbc20812f8563ebac17f252786b007d7ae

Sharing

Copy URL Twitter E-mail

General

Target

20fb8197a6bb81621b384018ce156cfbc20812f8563ebac17f252786b007d7ae
Size

406KB
MD5

63f2f2542e3c8f7a436e9c6298fa3297
SHA1

dd034932c432e112a7d5c9ebb151be2322472203
SHA256

20fb8197a6bb81621b384018ce156cfbc20812f8563ebac17f252786b007d7ae
SHA512

a51f83301949238f09004c8a8944e9bced4d4790e959ca0a3a418ab8f96a31ca109ef80b400796c03633edb59dc75ed8be612f5d3d2976d08595c99f04b29d05
SSDEEP

6144:KZvnPA7Q3mkhv/bE7MMdcvohZp1y2YzcnzczLs7sOGBGi:KZvnPA7Q3msnboZceZpSgnzczwwOq

Score

N/A

Malware Config

Signatures

Files

20fb8197a6bb81621b384018ce156cfbc20812f8563ebac17f252786b007d7ae
.exe windows x86

ad512676011e16532e0beb001e816f10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchDIBits
GetObjectA
CreateFontIndirectA
CreateICA
SetViewportExtEx
GetDIBits
CreateCompatibleDC
CreateBitmap
CreateDIBSection
GetTextMetricsA
CreateFontA
GetPaletteEntries
RestoreDC
PlayMetaFile
BitBlt
DeleteMetaFile
CreateHalftonePalette
SelectClipRgn
CreatePalette
SetTextColor
DeleteDC
SelectPalette
SetMapMode
CreateDCA
CreateCompatibleBitmap
SetBkColor
GetDeviceCaps
ExtTextOutA
CreateSolidBrush
SaveDC
GetTextExtentPointA
RealizePalette
SelectObject
CreateRectRgnIndirect
SetBkMode
CreatePatternBrush
SetMetaFileBitsEx
DeleteObject
CreatePen
PatBlt
SetViewportOrgEx

kernel32

FindNextFileA
ExitProcess
DisableThreadLibraryCalls
VirtualAlloc
LoadLibraryA
SetEnvironmentVariableA
DeleteCriticalSection
LocalReAlloc
GetModuleHandleA
HeapAlloc
GetVolumeInformationA
FlushFileBuffers
GlobalAlloc
GetLocaleInfoA
GetSystemTimeAsFileTime
GetFileSize
GetFileType
OpenFile
CreateThread
HeapReAlloc
DeleteFileA
_lclose
GetStringTypeA
GetCommandLineA
LocalFree
IsDBCSLeadByte
GetTimeZoneInformation
CloseHandle
LeaveCriticalSection
TlsGetValue
IsBadCodePtr
CreateFileA
GetCurrentDirectoryA
SearchPathA
GetTempFileNameA
LCMapStringW
SetCurrentDirectoryA
lstrcmpiA
lstrcatA
GetCurrentProcess
_lread
FreeLibrary
GetLastError
FreeEnvironmentStringsW
GetStdHandle
_lopen
TerminateProcess
MapViewOfFile
GetCPInfo
GetSystemDirectoryA
FreeEnvironmentStringsA
CreateFileMappingA
HeapDestroy
InterlockedIncrement
_llseek
GetEnvironmentStringsW
GetVersion
CreateSemaphoreA
lstrlenW
CreateDirectoryA
GetStringTypeW
SetLastError
FatalAppExitA
VirtualFree
ReleaseSemaphore
FindFirstFileA
GetWindowsDirectoryA
IsBadWritePtr
SetUnhandledExceptionFilter
GetLocalTime
GetOEMCP
GetTempPathA
ExitThread
GetProcAddress
Sleep
SetStdHandle
SetEndOfFile
lstrcpyA
GetCurrentThreadId
TlsSetValue
WritePrivateProfileStringA
GetStartupInfoA
IsBadReadPtr
CompareStringW
RtlUnwind
SetFilePointer
GetEnvironmentStrings
GetVersionExA
WideCharToMultiByte
GetFileAttributesA
InterlockedDecrement
DebugBreak
TlsFree
GlobalMemoryStatus
TlsAlloc
MultiByteToWideChar
GetPrivateProfileStringA
WaitForSingleObject
GetSystemDefaultLangID
GlobalFree
FindClose
_lwrite
HeapSize
GetModuleFileNameA
GetACP
GetTickCount
MulDiv
GetLocaleInfoW
CompareStringA
GetSystemTime
RaiseException
GetUserDefaultLCID
WriteFile
FormatMessageA
GlobalHandle
HeapCreate
lstrcpynA
InitializeCriticalSection
GetFullPathNameA
lstrlenA
LCMapStringA
GetCurrentProcessId
GlobalLock
ReadFile
LocalAlloc
EnterCriticalSection
SetHandleCount
HeapFree

advpack

RegInstall
DelNode

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

version

VerQueryValueA
GetFileVersionInfoA

user32

ShowWindow
CallNextHookEx
LoadCursorA
FindWindowA
SendDlgItemMessageA
DeleteMenu
GetSystemMetrics
IsWindow
GetClientRect
GetMenuItemID
GetParent
PtInRect
SetTimer
CharLowerA
SetWindowLongA
CharUpperA
SystemParametersInfoA
GetWindowTextA
LoadBitmapA
SetWindowTextA
DialogBoxParamA
RegisterClassA
GetCursorPos
CreateDialogParamA
InsertMenuA
wsprintfA
DefWindowProcA
GetWindowLongA
BeginPaint
MoveWindow
FillRect
EndPaint
GetDlgItem
LoadStringA
CreateWindowExA
wvsprintfA
GetWindowRect
EnumChildWindows
MessageBoxA
SetDlgItemInt
GetDlgItemInt
WinHelpA
EndDialog
SetRect
ClientToScreen
CharNextA
DestroyWindow
ScreenToClient
SetFocus
OffsetRect
SendMessageA
ClipCursor
UnhookWindowsHookEx
GetDesktopWindow
ReleaseDC
CallWindowProcA
EnableWindow
GetClassNameA
GetWindowTextLengthA
CharPrevA
SetWindowsHookExA
GetSysColor
GetDC
GetWindowPlacement
InvalidateRect
PostMessageA
IsIconic
SetWindowPos
SetCursor
SetCapture
KillTimer

advapi32

RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad512676011e16532e0beb001e816f10

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

advpack

shell32

version

user32

advapi32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 34KB - Virtual size: 2.4MB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 49KB - Virtual size: 49KB

.rsrc Size: 313KB - Virtual size: 312KB

.idata Size: 6KB - Virtual size: 6KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 34KB - Virtual size: 2.4MB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 313KB - Virtual size: 312KB

.idata
Size: 6KB - Virtual size: 6KB