3704c608623348c55af315516d2b897e75b311fde8924761a78ac312a518deb8

Sharing

Copy URL Twitter E-mail

General

Target

3704c608623348c55af315516d2b897e75b311fde8924761a78ac312a518deb8
Size

183KB
MD5

87b4ed2d0670ae17f18842a6d1250c8a
SHA1

e963b4b48bc9c0aef960bd62ec9320aa5083466f
SHA256

3704c608623348c55af315516d2b897e75b311fde8924761a78ac312a518deb8
SHA512

e2681b72c279ecbe2272d0f5aa4a76d5c8e38ed73b2377bca9d889955b4b6a8cf8edad356f3fd4d56a6a8829338d68429558ba374591e516fe8864ace8b15972
SSDEEP

3072:jzORTPASCYOvEgTTd5psD1SK96tHgCMu1Mx7n4he26wBQHAMSeOlWx7Yz/:jWNCYaTTfpsDp96bxhLR8/7Y

Score

N/A

Malware Config

Signatures

Files

3704c608623348c55af315516d2b897e75b311fde8924761a78ac312a518deb8
.exe windows x64

d5eb3138816d9878f0674dde0ddbc8f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

GetModuleHandleW
FlushInstructionCache
MultiByteToWideChar
lstrlenW
lstrcmpiW
GetVersionExW
SetLastError
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
CreateThread
lstrcatW
lstrcpyW
GetWindowsDirectoryW
GetSystemDefaultLocaleName
LCMapStringW
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
RtlPcToFileHeader
HeapCreate
GetVersion
HeapSetInformation
GetStdHandle
WriteFile
GetStringTypeW
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
CopyFileW
GetOEMCP
GetACP
GetCPInfo
RtlUnwindEx
ExitProcess
Sleep
CreateDirectoryW
GetFileType
FindFirstFileW
FindClose
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateProcessW
WaitForSingleObject
CloseHandle
GetCurrentThread
GetLastError
GetCurrentProcess
LocalAlloc
LocalFree
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
FindResourceExW
TerminateProcess
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
SetEndOfFile
CreateFileW
CreateFileA
ReadFile
SetStdHandle
WriteConsoleW
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetCommandLineW
IsValidCodePage
FindNextFileW
DecodePointer
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedPushEntrySList
SetFilePointer

user32

GetActiveWindow
RegisterClassW
UnregisterClassA
MessageBoxW
DefWindowProcW
GetDC
DialogBoxParamW
CreateDialogParamW
SetWindowLongPtrW
CharNextW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
ShowWindow
PostQuitMessage
IsDialogMessageW
DestroyWindow
GetSystemMetrics
LoadImageW
GetParent
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
SetDlgItemTextW
SetWindowTextW
GetWindowLongW
EndDialog
SendMessageW
PeekMessageW

gdi32

SetPixelFormat
ChoosePixelFormat

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid

shell32

ShellExecuteW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr

shlwapi

StrRChrW
StrCpyW

comctl32

InitCommonControlsEx

opengl32

wglMakeCurrent
wglCreateContext
wglDeleteContext
glGetString

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5eb3138816d9878f0674dde0ddbc8f7

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

opengl32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 6KB - Virtual size: 17KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 6KB - Virtual size: 17KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 1KB