b8d1d641a6fe282649df1d349273652dcf06cf4b817524e3fc6236f2a6ba9eec

Sharing

Copy URL Twitter E-mail

General

Target

b8d1d641a6fe282649df1d349273652dcf06cf4b817524e3fc6236f2a6ba9eec
Size

418KB
MD5

823d80ece30761048677291ff06c2870
SHA1

0e78757f0896d0abde53cd1ac2572858225cec72
SHA256

b8d1d641a6fe282649df1d349273652dcf06cf4b817524e3fc6236f2a6ba9eec
SHA512

e6fc0f3bd2daf7be22798e4e047a0fc4efd45215715272fc61f23cfc10eeb09f614ac1a127a00ea8efeda418c8cf09a1e5fce92937798643f238c91e5aa87516
SSDEEP

6144:f3WDbZvxLXISGLrrtUOV6QRb1ahc0EjiKj+f7ZNepn5AAAN6tEqyG3IXytBv7ZZf:PWDVxLXAnxUOQgZCERCfeZ5AA7nH3zNv

Score

N/A

Malware Config

Signatures

Files

b8d1d641a6fe282649df1d349273652dcf06cf4b817524e3fc6236f2a6ba9eec
.exe windows x86

df51c7d60e74ec937eb90db9eeeb8876

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

LoadLibraryW
RtlUnwind
GetStringTypeW
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
RaiseException
OutputDebugStringW
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
OutputDebugStringA
FreeEnvironmentStringsW
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
CreateFileW
lstrcpyA
CloseHandle
GetLastError
HeapCreate
GetVolumeInformationA
WriteFile
HeapAlloc
lstrlenA
GetModuleFileNameA
ExitProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetLastError
GetModuleHandleW
GetProcAddress
GetEnvironmentStringsW
WriteConsoleW
TlsFree
GetCurrentThreadId
GetModuleFileNameW
CreateFileA
DecodePointer
FlushFileBuffers
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetCPInfo
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapValidate
IsBadReadPtr
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP

user32

LoadCursorA
CheckMenuItem
GetSystemMetrics
GetSysColorBrush
ShowWindow
GetMenuStringA
DispatchMessageW
SetWindowTextA
GetClientRect
ClientToScreen
DestroyWindow
GetSystemMenu
GetWindowRect
GetMessageW
GetWindowDC
FillRect
GetSubMenu
GetMenuItemInfoA
GetParent
GetWindowTextLengthA
SendMessageA
DrawEdge
GetDC
TranslateMessage
CreateDialogIndirectParamA
GetMenu
OffsetRect
GetWindowTextA
SetWindowLongA
InvalidateRect
GetWindowLongA
GetDlgItem
GetSysColor
SetWindowPos

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectA
ExcludeClipRect
CreateDCA
RestoreDC
CreateCompatibleDC
CombineRgn
CreateRectRgn
CreatePen
GetObjectA
GetStockObject

advapi32

CredGetSessionTypes

shell32

SHGetPathFromIDListA

ole32

CreateBindCtx

ws2_32

inet_addr

iphlpapi

SendARP

shlwapi

StrChrA

imm32

ImmAssociateContext

setupapi

SetupAddToSourceListA
SetupFindFirstLineA

uxtheme

DrawThemeBackground
OpenThemeData

rasdlg

RasDialDlgA

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dydata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relov
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df51c7d60e74ec937eb90db9eeeb8876

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

iphlpapi

shlwapi

imm32

setupapi

uxtheme

rasdlg

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 9KB - Virtual size: 16KB

.dydata Size: 36KB - Virtual size: 36KB

.qdata Size: 165KB - Virtual size: 164KB

.relov Size: 3KB - Virtual size: 3KB

.rsrc Size: 43KB - Virtual size: 43KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 9KB - Virtual size: 16KB

.dydata
Size: 36KB - Virtual size: 36KB

.qdata
Size: 165KB - Virtual size: 164KB

.relov
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 15KB - Virtual size: 14KB