da393670e34bd0187d7ede7adf5ed00dc1451892319aa6e1f471e50da491745c

Sharing

Copy URL Twitter E-mail

General

Target

da393670e34bd0187d7ede7adf5ed00dc1451892319aa6e1f471e50da491745c
Size

184KB
MD5

a1757ae8049fba2f812dc4a636341022
SHA1

4f6e0eeb66a2f47b896d19f54c7453f784f456e1
SHA256

da393670e34bd0187d7ede7adf5ed00dc1451892319aa6e1f471e50da491745c
SHA512

bb4dbffa97c89c459f87752b2d9d714267f4f361ce224ff63ddc2de9547b5385382b1b70050ca31a564a88554a96bc810871e0c50d064e3a2d80aa541b3996b3
SSDEEP

3072:RKh3xyD7UAoUMMnMMMMMX7I7DPpt/LDQruVfqt/AP2H84s3D8pFb+H4yERAo40Us:sO7UA/MMnMMMMMa7LMr6fo/AOjs3D81O

Score

N/A

Malware Config

Signatures

Files

da393670e34bd0187d7ede7adf5ed00dc1451892319aa6e1f471e50da491745c
.exe windows x86

9423d72e47376cb5bceab4b5b5206a2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetStartupInfoA
CreateDirectoryA
DuplicateHandle
SetStdHandle
TlsAlloc
CloseHandle
CompareStringA
RtlUnwind
lstrcmpiW
lstrcatA
HeapFree
MoveFileA
FileTimeToSystemTime
FindFirstFileA
VirtualAlloc
GetTempPathA
GetOEMCP
GetCurrentDirectoryA
FreeEnvironmentStringsA
CreateProcessW
GetStringTypeA
LCMapStringW
ExitProcess
VirtualProtect
LockResource
GetUserDefaultLangID
lstrcpyA
GetUserDefaultLCID
SetCurrentDirectoryA
GetTickCount
IsBadCodePtr
WriteFile
GetDateFormatA
GetFullPathNameA
GlobalHandle
GetFileType
LCMapStringA
_lclose
ReadFile
GetWindowsDirectoryA
_lwrite
TerminateProcess
ResumeThread
FindResourceA
EnterCriticalSection
IsBadReadPtr
SetLocalTime
GetModuleFileNameA
FileTimeToLocalFileTime
lstrcmpA
GetFileTime
GlobalAddAtomA
GetProcAddress
GetVolumeInformationA
GetTimeZoneInformation
SetEndOfFile
FreeEnvironmentStringsW
GetStringTypeW
MultiByteToWideChar
GetSystemTime
LoadLibraryA
GetCommandLineA
CreateFileA
GetCurrentProcessId
FlushFileBuffers
SystemTimeToFileTime
GetStdHandle
LeaveCriticalSection
InterlockedIncrement
MulDiv
GetVersion
GetCPInfo
GetTempFileNameA
UnhandledExceptionFilter
IsDBCSLeadByte
GetLastError
GetSystemDefaultLangID
GlobalFree
VirtualQuery
GetLocaleInfoA
ExitThread
CreateProcessA
DeleteFileA
SetFileTime
lstrcmpiA
HeapCreate
GetExitCodeProcess
WaitForSingleObject
LockFile
GetStringTypeExA
LoadResource
SetHandleCount
SetFilePointer
SearchPathA
GetModuleHandleA
SetEvent
GetACP
GetCurrentThreadId
TlsGetValue
GlobalUnlock
SetEnvironmentVariableA
lstrlenA
SetLastError
FormatMessageW
GetModuleFileNameW
CreateMailslotA
CreateEventA
HeapReAlloc
GetEnvironmentStringsW
InterlockedDecrement
RaiseException
GetVersionExA
GetSystemDefaultLCID
GetFileAttributesA
FormatMessageA
DeleteCriticalSection
lstrcpynA
CreateThread
VirtualFree
_llseek
GetEnvironmentStrings
CompareStringW
GlobalDeleteAtom
FreeLibrary
HeapSize
SetFileAttributesA
GetProfileStringA
SetErrorMode
ResetEvent
TlsSetValue
_lread
WideCharToMultiByte
WinExec
GetSystemInfo
UnlockFile
LoadLibraryExA
GetSystemDirectoryA
FindClose
InitializeCriticalSection
HeapAlloc
GlobalAlloc
Sleep
FlushInstructionCache
HeapDestroy
GetCurrentProcess
GlobalSize
GlobalLock
TlsFree
RemoveDirectoryA
GetLocalTime
ReleaseSemaphore
FreeResource
SizeofResource
GetDriveTypeA
FindNextFileA
GlobalReAlloc

mswsock

sethostname

ddraw

DirectDrawEnumerateA

advapi32

RegQueryValueA
RegOpenKeyExA
RegEnumValueA
RegSetValueExA
RegEnumKeyW
ReportEventA
RegOpenKeyA
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyW
RegDeleteKeyA
LookupPrivilegeValueA
DeregisterEventSource
RegSetValueA
RegSetValueExW
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegDeleteValueA
InitializeSecurityDescriptor
RegDeleteValueW
RegCloseKey
RegCreateKeyA
RegisterEventSourceA
RegOpenKeyW
RegEnumValueW
RegQueryValueExA
RegEnumKeyA
OpenProcessToken
AdjustTokenPrivileges

samlib

SamiSetDSRMPassword
SamTestPrivateFunctionsUser
SamConnectWithCreds
SamRemoveMultipleMembersFromAlias

user32

SetParent
GetSysColor
GetClientRect
SetCaretPos
GetSystemMetrics
GetWindowLongA
IsChild
GetMenuItemInfoA
EndDialog
HideCaret
GetMenuStringA
GetWindow
GetCapture
IsClipboardFormatAvailable
SetWindowContextHelpId
GetUpdateRect
DrawIcon
SetCursorPos
EndPaint
CreateAcceleratorTableA
FindWindowW
keybd_event
VkKeyScanW
CharLowerBuffA
GetParent
DdeFreeStringHandle
DrawTextA
DispatchMessageA
DdeCmpStringHandles
GetIconInfo
CharToOemA
CreateIcon
CharLowerBuffW
DrawFocusRect
GetQueueStatus
DdeCreateDataHandle
SystemParametersInfoA
OemToCharA
GetMessageTime
LoadIconA
CallNextHookEx
DdeQueryConvInfo
SetWindowLongA
SetWindowTextA
MessageBoxA
SetClipboardData
PostMessageA
ReleaseDC
IsDialogMessageA
GetActiveWindow
DeleteMenu
CharPrevA
IsWindow
CloseClipboard
MoveWindow
TranslateMessage
RemovePropA
AttachThreadInput
GetClassInfoA
RegisterClassExA
GetFocus
PeekMessageA
DdeInitializeA
KillTimer
DdeFreeDataHandle
DefWindowProcA
GetKeyboardState
SetPropA
ClientToScreen
wsprintfA
CallWindowProcA
GetMenuState
TabbedTextOutA
CreateWindowExA
EmptyClipboard
ShowCaret
FillRect
SubtractRect
UnregisterClassA
SetMenuDefaultItem
GetDlgItem
CopyRect
IsIconic
GetAsyncKeyState
MsgWaitForMultipleObjects
DdeUninitialize
DrawFrameControl
GetWindowTextA
GetCaretBlinkTime
WaitForInputIdle
GetWindowRgn
ClipCursor
CopyAcceleratorTableA
DdeDisconnect
ShowCursor
GetTabbedTextExtentA
GetDCEx
DdeClientTransaction
DefFrameProcA
InflateRect
PostMessageW
DdeAbandonTransaction
CreateCursor
WindowFromPoint
IsWindowEnabled
LoadImageA
CharUpperA
EndDeferWindowPos
SetCursor
DestroyWindow
FrameRect
IsRectEmpty
CreateMenu
GetUpdateRgn
CreateCaret
AdjustWindowRectEx
EnumClipboardFormats
SetWindowsHookExW
IsZoomed
GetSystemMenu
EnableWindow
AdjustWindowRect
SetWindowRgn
SetActiveWindow
DefMDIChildProcA
GetMenuItemCount
ShowScrollBar
TranslateMDISysAccel
EnumThreadWindows
PeekMessageW
CharUpperBuffW
DdeGetLastError
LockWindowUpdate
WaitMessage
GetMenu
UpdateWindow
GetLastActivePopup
TrackPopupMenu
DdePostAdvise
DrawMenuBar
SetRect
SetScrollInfo
DestroyAcceleratorTable
DdeSetUserHandle
GetMenuItemID
FindWindowA
DeferWindowPos
AppendMenuA
IsWindowVisible
ShowWindow
InvalidateRect
DdeGetData
ToAscii
GetForegroundWindow
InvalidateRgn
GetScrollPos
SetKeyboardState
MessageBeep
GetDesktopWindow
SetScrollPos
SetMenu
RemoveMenu
GetMessagePos
SetDlgItemTextA
LoadAcceleratorsA
SetMenuItemInfoA
LoadStringA
GetPropA
CharLowerA
DdeConnect
ScreenToClient
CharUpperBuffA
GetDoubleClickTime
GetCaretPos
DestroyIcon
DdeCreateStringHandleA
LoadCursorA
SetFocus
DdeQueryStringA
IntersectRect
GetClipboardFormatNameA
WinHelpA
CreatePopupMenu
BringWindowToTop
DestroyCursor
GetWindowDC
CharToOemBuffA
ReleaseCapture
EnableMenuItem
VkKeyScanA
SetScrollRange
SetCapture
OpenClipboard
GetWindowRect
RegisterClassA
SetTimer
GetClassNameA
GetScrollInfo
BeginPaint
ModifyMenuA
MessageBoxIndirectA
CharNextA
UnhookWindowsHookEx
CheckMenuItem
CreateDialogParamA
GetKeyState
DestroyMenu
LoadBitmapA
GetWindowThreadProcessId
EqualRect
IsCharAlphaA
SetWindowPos
DestroyCaret
GetSubMenu
SetForegroundWindow
DdeNameService
GetCursor
OffsetRect
SendDlgItemMessageA
GetClassInfoExA
GetDC
PostQuitMessage
PtInRect
GetCursorPos
SendMessageA
PostThreadMessageA
InsertMenuA
DialogBoxParamA
BeginDeferWindowPos
RegisterClipboardFormatA
MapWindowPoints
GetWindowTextLengthA
GetClipboardData
SetWindowsHookExA
GetKeyboardLayout

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9423d72e47376cb5bceab4b5b5206a2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mswsock

ddraw

advapi32

samlib

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 64B

.idata Size: 11KB - Virtual size: 10KB

.rsrc Size: 57KB - Virtual size: 56KB

.data Size: 48KB - Virtual size: 376KB

.rdata Size: 65KB - Virtual size: 64KB

.text
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 64B

.idata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 57KB - Virtual size: 56KB

.data
Size: 48KB - Virtual size: 376KB

.rdata
Size: 65KB - Virtual size: 64KB