613ad7a9d3ac20de7ec7ef708dcdb2fceee70e251bd6768a1dbd50d56525faeb

Sharing

Copy URL

Twitter E-mail

General

Target

613ad7a9d3ac20de7ec7ef708dcdb2fceee70e251bd6768a1dbd50d56525faeb
Size

88KB
MD5

8046685e08a7539be493fb2b89615290
SHA1

8485f1223ede0f4b9537ccf8257ff08e7d53b0a2
SHA256

613ad7a9d3ac20de7ec7ef708dcdb2fceee70e251bd6768a1dbd50d56525faeb
SHA512

a5755717ba6ca5394884257309e7f4c4472477e0b0cb6bcc66702664a55e46b11ca08dd2f4fd3a586ce0400d7c4299d8fe7ad759d7a867da0aeb6fcfa3adf1e8
SSDEEP

1536:L3mx5ax68HiEslxrckTl1TfAbMRr01rUGkFlFJVReGlV/0yd3Puoz:kaxDHXsBfEMcUGkFlFJVReG0yd3P

Score

N/A

Malware Config

Signatures

Files

613ad7a9d3ac20de7ec7ef708dcdb2fceee70e251bd6768a1dbd50d56525faeb
.exe windows x86

990b860e2e0387137b2cef5724e5a054

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
wcslen
wcschr
wcscmp
strchr
_XcptFilter
_exit
_c_exit
rand
malloc
realloc
free
_except_handler3
_resetstkoflw
strrchr
wcsrchr
_strnicmp
_wcsnicmp
??2@YAPAXI@Z
wcsncpy
wcscpy
??3@YAXPAX@Z

advapi32

RegCreateKeyExA
IsValidSid
GetSecurityInfo
SetEntriesInAclW
SetSecurityInfo
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
AllocateAndInitializeSid
RegQueryValueExA
RegSetValueExA

kernel32

GetDiskFreeSpaceA
GetStartupInfoA
GetModuleHandleA
GlobalMemoryStatus
LoadLibraryA
GetVersionExA
DeviceIoControl
HeapFree
FreeEnvironmentStringsA
FreeEnvironmentStringsW
lstrlenA
lstrlenW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapAlloc
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
WaitForSingleObject
CloseHandle
UnmapViewOfFile
GetLocalTime
GetProcAddress
GetModuleHandleW
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
MapViewOfFile
CreateFileMappingW
LocalAlloc
GetLastError
GetCurrentProcess
ReleaseMutex
SetLastError
LocalFree
CreateMutexW
LoadLibraryExA
SetEvent
ResetEvent
InterlockedIncrement
GlobalFree
GlobalUnlock
GlobalLock
CreateDirectoryW
DeleteFileW
GetTempFileNameW
WideCharToMultiByte
GlobalAlloc
InterlockedDecrement
MultiByteToWideChar
WaitForMultipleObjects
GlobalSize
CreateThread
CreateEventW
ProcessIdToSessionId
GetOverlappedResult
WriteFile
ExitThread
ReadFile
GetTickCount
CancelIo
PulseEvent
OpenEventW
WaitForMultipleObjectsEx
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

gdi32

DeleteMetaFile
DeleteObject
GetObjectW
GetPaletteEntries
CreatePalette
SetMetaFileBitsEx
CreateMetaFileW
PlayMetaFile
CloseMetaFile
GetMetaFileBitsEx
GetStockObject

user32

PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadStringW
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardOwner
GetClipboardFormatNameW
EnumClipboardFormats
CountClipboardFormats
RegisterClipboardFormatW
GetClipboardViewer
DefWindowProcW
SetClipboardViewer
PostQuitMessage
DestroyWindow
ChangeClipboardChain
UnregisterClassW
RegisterWindowMessageW
CreateWindowExW
RegisterClassW
GetClipboardData
SendMessageW

shell32

SHFileOperationA
SHFileOperationW

winsta

WinStationQueryInformationW
WinStationVirtualOpen

wsock32

socket
WSAGetLastError
WSAStartup
WSACleanup
closesocket
getsockopt
ioctlsocket
sendto

ws2_32

WSACloseEvent
WSACreateEvent
WSAGetOverlappedResult
WSARecvFrom

msacm32

acmDriverOpen
acmStreamSize
acmStreamPrepareHeader
acmDriverClose
acmStreamClose
acmFormatSuggest
acmStreamOpen
acmFormatTagDetailsW
acmDriverEnum
acmStreamUnprepareHeader
acmStreamConvert

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

ole32

OleIsCurrentClipboard
CoGetMalloc
OleSetClipboard
OleInitialize

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lvpcera
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

990b860e2e0387137b2cef5724e5a054

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

winsta

wsock32

ws2_32

msacm32

wtsapi32

ole32

Sections

.text Size: 56KB - Virtual size: 56KB

.data Size: 3KB - Virtual size: 72KB

.rsrc Size: 28KB - Virtual size: 29KB

lvpcera Size: - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 56KB

.data
Size: 3KB - Virtual size: 72KB

.rsrc
Size: 28KB - Virtual size: 29KB

lvpcera
Size: - Virtual size: 4KB