3da90bd249d2eeae6e7af2e7318bbfabe795c8e2b10782db8c677d66ca95eec6

Sharing

Copy URL Twitter E-mail

General

Target

3da90bd249d2eeae6e7af2e7318bbfabe795c8e2b10782db8c677d66ca95eec6
Size

470KB
MD5

90fa912eba9a852be5406dc05cb3a9e0
SHA1

acf1832b84f283d0c8a171472b304e3b5e8eba8a
SHA256

3da90bd249d2eeae6e7af2e7318bbfabe795c8e2b10782db8c677d66ca95eec6
SHA512

2bb9fd3984a98420b55a0417d826551f34d0d56142e9cc7088e92a92dee44fe7e78b426f711fc01f8a42770322dfa54a6bc0afe3181cc6ef86987f6769eef478
SSDEEP

12288:wMD1+FfZdBQW5YkiZ6JZcGiP7ksFizVFx29:wMRVW5YJWc7FKVFx29

Score

N/A

Malware Config

Signatures

Files

3da90bd249d2eeae6e7af2e7318bbfabe795c8e2b10782db8c677d66ca95eec6
.exe windows x86

1ad4f8122baef995b6a8ee207447e483

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

HeapReAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
MultiByteToWideChar
RtlUnwind
HeapSize
GetConsoleMode
GetConsoleCP
LocalAlloc
WriteFile
FlushFileBuffers
ExitProcess
GetModuleHandleW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
IsBadReadPtr
HeapValidate
IsProcessorFeaturePresent
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
LeaveCriticalSection
EnterCriticalSection
HeapQueryInformation
SetStdHandle
WaitForSingleObject
CreateProcessA
GetStringTypeW
LCMapStringW
CreateFileW
CompareStringW
SetEnvironmentVariableA
lstrcpyA
LocalFree
DeleteFileW
CloseHandle
GetCurrentThreadId
FillConsoleOutputAttribute
lstrcatW
GetModuleHandleA
GetModuleFileNameA
GetFileAttributesA
LockResource
GetConsoleScreenBufferInfo
LoadLibraryA
FillConsoleOutputCharacterA
GetProcAddress
GetLastError
GetStdHandle
lstrcatA
CreateActCtxA
ReadFile
SetConsoleCursorPosition
GetExitCodeProcess
SizeofResource
Sleep
OpenProcess
GetProcessHeap
HeapFree
GetCurrentProcess
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
HeapAlloc
LoadResource
FreeLibrary
SetFilePointer
FindResourceA
CreateFileA
WideCharToMultiByte
SetEndOfFile

user32

UpdateWindow
MapWindowPoints
LoadImageA
SetWindowTextA
DefMDIChildProcA
OpenClipboard
GetWindow
MoveWindow
SetClipboardData
SetMenuItemInfoA
LoadCursorA
GetDlgItemTextA
GetWindowThreadProcessId
LookupIconIdFromDirectory
GetNextDlgTabItem
EndPaint
DestroyWindow
SetWindowPlacement
SetCursor
GetMessageA
CloseClipboard
SetTimer
PostQuitMessage
SendDlgItemMessageA
CopyImage
GetParent
IsClipboardFormatAvailable
GetFocus
AttachThreadInput
LoadIconA
DefFrameProcA
wsprintfA
GetClientRect
GetUserObjectSecurity
SetFocus
SendMessageA
SetRectEmpty
RegisterWindowMessageA
BeginPaint
EnumWindows
GetDC
InflateRect
GetForegroundWindow
GetMenu
GetWindowTextA
SetWindowLongA
InvalidateRect
LookupIconIdFromDirectoryEx
GetWindowLongA
SetUserObjectSecurity
CreateWindowExA
ReleaseDC
EnableMenuItem
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
CreateIconFromResource
ShowWindow
DrawMenuBar
GetMenuItemCount
IsWindow
DispatchMessageA

gdi32

MoveToEx
PatBlt
LineTo
SetWindowExtEx
DeleteDC
CreateFontA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
SetMapMode
CreateCompatibleBitmap
Rectangle
Ellipse
SaveDC
StretchDIBits
SetROP2
SetTextAlign
GetStockObject
RestoreDC
CreateSolidBrush
TextOutA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

GetTokenInformation
GetAclInformation
ConvertSidToStringSidA
OpenProcessToken
AddAccessAllowedAce
GetSecurityDescriptorDacl
AdjustTokenPrivileges
AddAce
InitializeAcl
GetAce
LookupPrivilegeValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

DragFinish
DragAcceptFiles
SHGetFolderPathW
DragQueryFileA

ole32

CreateItemMoniker
CoCreateInstance
CoInitialize

oleaut32

VariantInit

psapi

GetModuleFileNameExA

winmm

mmioWrite
mmioOpenA
mmioClose
PlaySoundA

shlwapi

PathFindFileNameA

comctl32

ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageA
PropertySheetA

activeds

ord3

setupapi

SetupDiGetDeviceInstallParamsA
SetupDiSetClassInstallParamsA
SetupDiSetDeviceRegistryPropertyA
SetupDiGetClassInstallParamsA
SetupDiSetDeviceInstallParamsA

uxtheme

CloseThemeData
DrawThemeBackground
SetWindowTheme
OpenThemeData
IsAppThemed

rasdlg

RasEntryDlgW

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fla
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ad4f8122baef995b6a8ee207447e483

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

psapi

winmm

shlwapi

comctl32

activeds

setupapi

uxtheme

rasdlg

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 5KB - Virtual size: 13KB

.fla Size: 100KB - Virtual size: 100KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 5KB - Virtual size: 13KB

.fla
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 100KB - Virtual size: 99KB