fc21fcd0479c10b640c37adc354c92cf4157cccc6adc29b83e81c5b04826f9e2

Sharing

Copy URL Twitter E-mail

General

Target

fc21fcd0479c10b640c37adc354c92cf4157cccc6adc29b83e81c5b04826f9e2
Size

576KB
MD5

a1969a8c5be5019d2387a76e315415f0
SHA1

a2249fe5489b5d94dfbca1bcc5e44eb69a11ac43
SHA256

fc21fcd0479c10b640c37adc354c92cf4157cccc6adc29b83e81c5b04826f9e2
SHA512

18c126d5734ea0a25cb395eb517a66cd5b2f76c72d6004b72b8c48ca293139c344a3db301c5016ad2169ec466e0bc826f615360a7a50ffcbd0c424b75a7b1d25
SSDEEP

12288:ASfgVZe8OZLJrYGwhxwE9/Gmu7pwdXfIgVytNt+EKUcNl:Ag0bhJ5GfA3/UcX

Score

N/A

Malware Config

Signatures

Files

fc21fcd0479c10b640c37adc354c92cf4157cccc6adc29b83e81c5b04826f9e2
.exe windows x86

f0fd2b0cf9f928454a8824756ed2b663

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetTickCount
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetModuleFileNameW
GetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
GetModuleHandleW
GetProcAddress
DecodePointer
EncodePointer
HeapFree
GetSystemTimeAsFileTime
MultiByteToWideChar
LCMapStringW
GetStringTypeW
HeapReAlloc
RtlUnwind
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
SetStdHandle
WriteConsoleW
lstrcpyW
GetCurrentProcessId
CloseHandle
GetModuleHandleA
LockResource
CreateFileMappingA
LoadLibraryA
EnterCriticalSection
VerLanguageNameA
GetLastError
ReleaseSemaphore
lstrlenW
CreateSemaphoreA
HeapCreate
LeaveCriticalSection
SizeofResource
Sleep
FindResourceExA
WriteFile
WaitForSingleObject
GlobalLock
HeapAlloc
LoadResource
MapViewOfFile
GetLocaleInfoA
CreateFileA
lstrlenA
GetOEMCP
CreateFileW

user32

GetSubMenu
DrawIconEx
DeleteMenu
CopyImage
GetFocus
LoadBitmapA
LoadIconA
IsWindowEnabled
DrawTextA
GetMenuItemID
MoveWindow
RegisterClassA
ClientToScreen
EndPaint
FillRect
SetDlgItemTextA
GetWindowDC
PostQuitMessage
wsprintfA
DrawIcon
GetClientRect
CreateDialogParamA
GetWindowRect
CloseClipboard
EndDeferWindowPos
DestroyIcon
LoadCursorA
FindWindowA
DestroyMenu
SetClipboardData
EnableWindow
LoadImageA
SetWindowTextA
GetSystemMetrics
BeginDeferWindowPos
DeferWindowPos
OpenClipboard
GetKeyboardType
IsWindow
GetMenuItemCount
AppendMenuA
CheckMenuItem
DestroyWindow
GetClassInfoA
IsDlgButtonChecked
CreatePopupMenu
CreateMenu
GetWindowTextLengthA
SendMessageA
BeginPaint
GetIconInfo
GetDC
SetSysColors
GetMenu
OffsetRect
GetCursorInfo
GetWindowTextA
SetRect
SetWindowLongA
MessageBoxA
UnionRect
UnregisterClassA
SystemParametersInfoW
CreateWindowExA
ReleaseDC
EnableMenuItem
EmptyClipboard
SetClassLongA
GetMenuState
GetDlgItem
EndDialog
DefWindowProcA
SendMessageTimeoutA
GetDesktopWindow
LoadStringW
GetMenuStringA
EnumWindowStationsW
ShowWindow
SetMenu

gdi32

GetBitmapBits
BitBlt
PatBlt
GetTextExtentPoint32A
TextOutA
CreateSolidBrush
RestoreDC
GetStockObject
CreateRectRgn
SaveDC
CreateCompatibleBitmap
CombineRgn
CreateCompatibleDC
SelectObject
DeleteObject
CreateBitmap
ExcludeClipRect
SetBkColor
GetDeviceCaps
DeleteDC
CreateFontA
SetTextColor

advapi32

IsValidAcl
GetAclInformation
RegQueryValueExA
RegCloseKey
GetLengthSid
CryptGenKey
RegOpenKeyExW
FreeSid
IsValidSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
RegQueryValueExW
LookupAccountSidA
GetTokenInformation

shell32

SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

oleaut32

OleCreatePictureIndirect

wininet

FtpSetCurrentDirectoryA

shlwapi

PathFindFileNameA

comctl32

ImageList_Create
ImageList_ReplaceIcon
ImageList_Add

rpcrt4

RpcServerUseProtseqEpA
RpcServerListen
RpcServerRegisterIfEx

secur32

GetUserNameExA

uxtheme

DrawThemeBackground

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0fd2b0cf9f928454a8824756ed2b663

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

shlwapi

comctl32

rpcrt4

secur32

uxtheme

Sections

.text Size: 364KB - Virtual size: 364KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 5KB - Virtual size: 12KB

.ndata Size: 33KB - Virtual size: 33KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 364KB - Virtual size: 364KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 5KB - Virtual size: 12KB

.ndata
Size: 33KB - Virtual size: 33KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 63KB - Virtual size: 62KB