99b78ad6a83f2d3b751c7e0e8ba95045557f85e9d2614b865d5e4dcc4d17f4e9

Sharing

Copy URL

Twitter E-mail

General

Target

99b78ad6a83f2d3b751c7e0e8ba95045557f85e9d2614b865d5e4dcc4d17f4e9
Size

1.5MB
MD5

82e491a26314f425160b85d7c65a4940
SHA1

591396bb4c886a53333ad1b113d509ed12d76340
SHA256

99b78ad6a83f2d3b751c7e0e8ba95045557f85e9d2614b865d5e4dcc4d17f4e9
SHA512

8c489a11e9e76de20ab157a3dc95265179f6a73eac2524b78d0a0dd38db712c5d0ece342a719557876587f93be9a0ba8f53ed5cfc101bda40ce45101adbefac0
SSDEEP

24576:PeyjBifJcPeCtYbHEydQhUzAE9GSMNKQRe+8:TNSnCtYb3dNkEGSMEQRw

Score

N/A

Malware Config

Signatures

Files

99b78ad6a83f2d3b751c7e0e8ba95045557f85e9d2614b865d5e4dcc4d17f4e9
.exe windows x86

e17e310b7356f52425f1d54f49d9c0fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceW
GetProcessPriorityBoost
FindAtomA
SetThreadExecutionState
GetVolumeInformationW
SetSystemTimeAdjustment
ReplaceFileW
DeleteTimerQueueEx
DefineDosDeviceW
GetBinaryTypeW
GetLongPathNameW
AssignProcessToJobObject
GetModuleFileNameW
GetLogicalDrives
GetDateFormatW
OpenFileMappingA
FindFirstVolumeMountPointA
GetPrivateProfileSectionNamesW
DuplicateHandle
VirtualAlloc
Toolhelp32ReadProcessMemory
GetConsoleAliasW
MapViewOfFile
SetThreadPriorityBoost
DeleteAtom
DeleteVolumeMountPointA
GetLogicalDriveStringsA
GetVolumeInformationA
GetUserDefaultLCID
GetConsoleOutputCP
GetCurrentConsoleFont
GetConsoleAliasExesLengthW
SetFileTime
AddAtomW
CompareStringW
GetDriveTypeW
CreateIoCompletionPort
SetConsoleTextAttribute
MoveFileWithProgressA
GetProcAddress
FreeEnvironmentStringsA
GetCPInfoExA
DnsHostnameToComputerNameW
FreeEnvironmentStringsW
FindResourceA
GetConsoleCP
GetProcessVersion
FoldStringA
GetEnvironmentVariableA
DisconnectNamedPipe
ReleaseSemaphore
ResetEvent
SetFileAttributesA
GetProcessIoCounters
SetWaitableTimer
ContinueDebugEvent
MultiByteToWideChar
GetPrivateProfileStructA
GetFileSize
GetAtomNameW
GetCurrentProcess
GetSystemWindowsDirectoryA
GetFileAttributesExW
GetCurrentThread
GetSystemDirectoryA
GetModuleHandleA
GetProfileStringA
SetThreadPriority
GetStringTypeExA
GetWindowsDirectoryW
MulDiv
GetNumberFormatW
GetStringTypeA
ChangeTimerQueueTimer
SetLocaleInfoW
SetEvent
GetProcessTimes
GetConsoleAliasesA
SetVolumeMountPointA
AreFileApisANSI

rpcrt4

MesEncodeFixedBufferHandleCreate
RpcMgmtInqComTimeout
RpcEpRegisterNoReplaceW
RpcServerUseProtseqW
RpcServerRegisterIf2
NdrClientCall
RpcBindingServerFromClient
RpcBindingVectorFree
NdrFullPointerXlatFree
RpcServerYield
RpcBindingReset
RpcServerUnregisterIf
RpcAsyncCompleteCall
RpcAsyncGetCallStatus
NdrPointerFree
RpcServerRegisterIf
NdrConformantArrayMarshall
NdrPointerBufferSize
NdrCreateServerInterfaceFromStub
NdrCorrelationInitialize
RpcBindingInqAuthClientExA
RpcErrorClearInformation
RpcBindingInqAuthClientExW
RpcMgmtInqStats
RpcMgmtEnableIdleCleanup
RpcServerUseAllProtseqsIf
RpcBindingSetOption
NdrFullPointerXlatInit
RpcStringBindingParseW
RpcRevertToSelfEx
MesHandleFree
RpcServerListen
MesDecodeIncrementalHandleCreate
RpcCancelThreadEx
RpcSsGetContextBinding
NdrDcomAsyncClientCall
NdrSimpleStructUnmarshall
NdrStubCall2

user32

LoadCursorW
EndDeferWindowPos
GetMessageW
RegisterClassExW
OffsetRect
EmptyClipboard
GetWindowTextW
IsCharAlphaNumericW
DrawIconEx
SendMessageA
FillRect
FrameRect
GetDCEx
LoadMenuW
GetKeyboardType
WinHelpA
HideCaret
wvsprintfW
GetClassInfoExW
CloseClipboard
GetGUIThreadInfo
GetClassNameW
EnumChildWindows
ActivateKeyboardLayout
ShowWindow
TrackMouseEvent
GetWindowInfo

comctl32

PropertySheetA
ImageList_Remove
InitCommonControlsEx
ImageList_DragEnter
ImageList_GetIcon
ImageList_DrawIndirect
FlatSB_SetScrollProp
ImageList_Replace
PropertySheetW
ImageList_SetBkColor
ImageList_LoadImageW
ImageList_Write
CreateToolbarEx
ImageList_SetDragCursorImage
ImageList_DragLeave
ImageList_LoadImageA
CreateStatusWindowW
ImageList_EndDrag
ImageList_Draw
FlatSB_SetScrollInfo
ImageList_GetImageInfo
ImageList_GetIconSize
DestroyPropertySheetPage
ImageList_GetDragImage
ImageList_SetImageCount
FlatSB_GetScrollInfo
ImageList_SetIconSize
ImageList_DrawEx
FlatSB_GetScrollPos
ImageList_Read
ImageList_Copy
FlatSB_SetScrollPos
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_GetImageCount
ImageList_DragMove
ImageList_Add
CreatePropertySheetPageW
InitializeFlatSB
ord17
ImageList_SetOverlayImage
ImageList_Destroy
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_GetBkColor
_TrackMouseEvent
ImageList_Create

oleaut32

SysFreeString
SafeArrayGetUBound
VariantCopy
SafeArrayGetLBound
VariantClear
VariantChangeTypeEx
GetActiveObject
SysAllocStringByteLen
SafeArrayPtrOfIndex
GetErrorInfo
SysAllocStringLen
VariantInit
SafeArrayCreate
VariantCopyInd
SysStringLen

msvcrt

_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
_c_exit

Sections

.text
Size: 766KB - Virtual size: 765KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 630KB - Virtual size: 630KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e17e310b7356f52425f1d54f49d9c0fd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

user32

comctl32

oleaut32

msvcrt

Sections

.text Size: 766KB - Virtual size: 765KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 630KB - Virtual size: 630KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 766KB - Virtual size: 765KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 630KB - Virtual size: 630KB

.rsrc
Size: 108KB - Virtual size: 107KB