702a342a83265a9aad08766b8e336db9156c0be806789060595889c9f25a49b1

Sharing

Copy URL Twitter E-mail

General

Target

702a342a83265a9aad08766b8e336db9156c0be806789060595889c9f25a49b1
Size

431KB
MD5

a1dacf5f0f731c6dab74a79dfbfe1f3f
SHA1

20f9d1cf2fde093b549628ecac9cdaba25573720
SHA256

702a342a83265a9aad08766b8e336db9156c0be806789060595889c9f25a49b1
SHA512

323d24bcf86455615a1a632ffb8b08229647ae27a75fe146ec68ec8cc4c2679e33aa3e64c0f014b7b882aa7dea015adf758ca19d9274975a5bf57347e3f6d0ea
SSDEEP

6144:DimCLjrh8D4qYzPx12TFS+ClL2osAda/c+3Wr5KG04X0bCipmXrFrkssPeaxm:+mCdiPYzqFt6RZdRr4GDmPArksJaxm

Score

N/A

Malware Config

Signatures

Files

702a342a83265a9aad08766b8e336db9156c0be806789060595889c9f25a49b1
.exe windows x86

24a632261cdd34903875a68efb236c05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

lstrcpyA
GetProcessHeap
SetEndOfFile
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
LCMapStringW
CreateFileA
GetTickCount
GetLastError
WriteConsoleW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
DeleteCriticalSection
SetHandleCount
GetCurrentThreadId
GetVersion
CloseHandle
GetModuleFileNameA
LocalAlloc
LoadLibraryA
GetProcAddress
SetLastError
TlsFree
MultiByteToWideChar
lstrcatA
FreeLibrary
CreateFileW
Sleep
GetVolumeInformationA
LoadLibraryW
ReadFile
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapFree
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
HeapCreate
RtlUnwind
GetCPInfo
InterlockedIncrement

user32

DialogBoxParamA
FindWindowA
EndPaint
InsertMenuItemA
GetWindowDC
FillRect
DrawTextA
LoadStringA
GetClientRect
SendMessageA
BeginPaint
GetDC
SetDlgItemInt
MessageBoxA
InvalidateRect
CreateWindowExA
ReleaseDC
DefWindowProcA
GetCursorPos
CreatePopupMenu

gdi32

SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
FillRgn
GetStockObject
CreateSolidBrush
TextOutA
DeleteDC

winspool.drv

EnumPrintersA

comdlg32

FindTextA

advapi32

AdjustTokenGroups

secur32

AcceptSecurityContext
InitializeSecurityContextA
AcquireCredentialsHandleA

wtsapi32

WTSEnumerateSessionsA

Sections

.text
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24a632261cdd34903875a68efb236c05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

secur32

wtsapi32

Sections

.text Size: 269KB - Virtual size: 269KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 269KB - Virtual size: 269KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 9KB - Virtual size: 9KB