f070163e2468938ecf69b9cdb6ecb9ac2e965072cf03abe6c146db17bbdd9768

Sharing

Copy URL Twitter E-mail

General

Target

f070163e2468938ecf69b9cdb6ecb9ac2e965072cf03abe6c146db17bbdd9768
Size

160KB
MD5

824d38fe2b17f42ec91a0b8ef88a03d0
SHA1

f77b0191a59b5cb9ed1046054aafc3dddce6eb0b
SHA256

f070163e2468938ecf69b9cdb6ecb9ac2e965072cf03abe6c146db17bbdd9768
SHA512

404dfb8eb02e4799746bb206dc0e34d8f95d8c758f65ed62c7c4edef8d367e02209c8670a4231331cc82c889af5f023adce24f052944d33df9571fb54ff4e100
SSDEEP

1536:lVxEC/by3vyA6Hc02QALnps2+4kAjvkZ32tpPWLvXl9J4XtcTXr3+ZbIuKmmmmmk:ljTy3uH0F44kBRl0XtcX3cX9L3e560F

Score

N/A

Malware Config

Signatures

Files

f070163e2468938ecf69b9cdb6ecb9ac2e965072cf03abe6c146db17bbdd9768
.exe windows x86

9874380bcf32867071500c96aa2c8b54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageA
DefWindowProcW
InvalidateRgn
CharToOemBuffW
GetNextDlgTabItem
wvsprintfW
GetWindowLongW
EnumWindows
IsZoomed
SetCapture
GetClassInfoA
SendDlgItemMessageA
MonitorFromPoint
TrackPopupMenu
UpdateWindow
EndMenu
DefWindowProcA
ValidateRect
MapVirtualKeyExW
MapVirtualKeyA
GetTopWindow
ChildWindowFromPointEx

shell32

SHGetFileInfoA

advapi32

RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExA

gdi32

GetStockObject
SelectObject
CreateFontIndirectW
GetArcDirection
EndPage
CreateCompatibleBitmap
CreateSolidBrush
GetCharABCWidthsA
GetRandomRgn
TextOutW
GetGlyphOutlineW
DeleteObject
SetWorldTransform
GetStretchBltMode
GetTextCharsetInfo
GetCharWidthI
RoundRect
AngleArc
GetObjectW
GetTextFaceW
MoveToEx
CreateDCA
Polygon
SetBrushOrgEx
CreatePolygonRgn
GetColorSpace
GetCurrentObject

kernel32

LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
RtlUnwind
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetLocaleInfoA
HeapSize
GetWindowsDirectoryA
EncodePointer
CancelIo
GetLogicalDrives
SetHandleInformation
LockResource
FreeResource
PostQueuedCompletionStatus
GetProcessVersion
MulDiv
GetExitCodeProcess
GetPriorityClass
GetNamedPipeHandleStateA
SetProcessShutdownParameters
VirtualAlloc
MapUserPhysicalPagesScatter
lstrcpynA
GetStdHandle
SetPriorityClass
SizeofResource
FindResourceA
CreateEventW
IsDBCSLeadByte
GetVersionExW
DebugActiveProcessStop
GetSystemDirectoryA
FormatMessageA
GetStringTypeW
VirtualProtect
GetCommandLineA
GetStartupInfoA
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9874380bcf32867071500c96aa2c8b54

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

kernel32

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 15KB - Virtual size: 37KB

.rsrc Size: 61KB - Virtual size: 60KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 15KB - Virtual size: 37KB

.rsrc
Size: 61KB - Virtual size: 60KB