8fb6d49abbd275a3cb713851ef5fa5e6beeda7ec831b39e3f1f23b211ce9694c

Sharing

Copy URL Twitter E-mail

General

Target

8fb6d49abbd275a3cb713851ef5fa5e6beeda7ec831b39e3f1f23b211ce9694c
Size

813KB
MD5

44f3324b6a25777e08137c4ceb80cce7
SHA1

e4dfaed30282f30d31a5ba9cbb3f84469e83234b
SHA256

8fb6d49abbd275a3cb713851ef5fa5e6beeda7ec831b39e3f1f23b211ce9694c
SHA512

f3249ffadc60d2fa15a72bdbf1353827ba95acf438fc99fc1fa3b1f3127009824aef9e123f8392f92d94307710b2fb7c60c8e93d18ddd36cd707b14c142a3ff9
SSDEEP

24576:Wxk6EG4MaQYJSTUarST/2spNOBSZA9PNaKo/:WxJE/oYJST3rST/2sGTa5/

Score

N/A

Malware Config

Signatures

Files

8fb6d49abbd275a3cb713851ef5fa5e6beeda7ec831b39e3f1f23b211ce9694c
.exe windows x86

544ab8487bf9af3ccade19a5efa07c5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetNamedPipeHandleState
WriteFile
WaitNamedPipeW
GetVolumeInformationW
InterlockedDecrement
InterlockedIncrement
FreeLibrary
LoadLibraryW
SetFileAttributesW
CreateDirectoryW
Module32NextW
Module32FirstW
OpenProcess
GetFullPathNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OutputDebugStringW
lstrlenW
RemoveDirectoryW
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetModuleHandleW
GetVersionExW
SetFilePointer
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
LocalFree
GetCommandLineW
GetProcAddress
MultiByteToWideChar
GetCurrentThreadId
UnmapViewOfFile
MapViewOfFile
DeleteFileW
MoveFileW
Sleep
GetTickCount
CreateFileMappingW
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
TerminateThread
OpenThread
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
GlobalFree
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetConsoleMode
GetConsoleCP
RtlUnwind
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetStdHandle
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResumeThread
GetStartupInfoW
HeapSetInformation
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
CreateThread
ExitThread
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
MulDiv
GetSystemInfo
CloseHandle
WideCharToMultiByte
GetNativeSystemInfo
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalLock
FreeResource
LCMapStringW
GetTempPathW
FindClose
FindNextFileW
FindFirstFileW
InterlockedExchange
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateFileA

user32

SetCapture
GetMessageW
GetCapture
ReleaseDC
ReleaseCapture
PtInRect
SetCursor
LoadCursorW
GetWindowLongW
SetWindowLongW
SetFocus
DefWindowProcW
GetWindowTextLengthW
GetWindowTextW
PostQuitMessage
SetWindowTextW
DrawTextW
DispatchMessageW
GetCursor
KillTimer
SetTimer
UpdateLayeredWindow
GetCursorPos
EndPaint
BeginPaint
IntersectRect
EqualRect
SetRectEmpty
EnumChildWindows
EnumThreadWindows
SystemParametersInfoW
IsZoomed
SetWindowRgn
IsRectEmpty
SetRect
SendMessageW
SetWindowPos
SendMessageTimeoutW
MsgWaitForMultipleObjects
PeekMessageW
InflateRect
TranslateMessage
MessageBoxW
UpdateWindow
EnableWindow
InvalidateRect
OffsetRect
ScreenToClient
ShowWindow
EndDialog
GetDesktopWindow
GetWindowRect
PostMessageW
MoveWindow
IsWindowVisible
GetDC
RegisterClassExW
RemovePropW
GetParent
GetPropW
IsWindow
DestroyWindow
CreateWindowExW
SetPropW
GetClientRect

gdi32

GetTextExtentPoint32W
SelectObject
PatBlt
CreateRectRgn
BitBlt
CombineRgn
OffsetRgn
CreateFontIndirectW
SaveDC
RestoreDC
SelectClipRgn
CreateCompatibleDC
SetBkMode
CreateDIBSection
CreateCompatibleBitmap
DeleteDC
GetObjectA
SetTextColor
RectVisible
ExtCreateRegion
DeleteObject

advapi32

FreeSid
SetNamedSecurityInfoW
SetEntriesInAclW
GetExplicitEntriesFromAclW
GetNamedSecurityInfoW
AllocateAndInitializeSid
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
CheckTokenMembership
GetTokenInformation
CreateWellKnownSid

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
SHFileOperationW
ord75
ShellExecuteExW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW

ole32

CoCreateGuid
StringFromGUID2
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

PathFileExistsW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathIsDirectoryW
PathRemoveFileSpecW

gdiplus

GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipDrawImageRectI
GdipCloneImage
GdipLoadImageFromStream
GdipGetImageRawFormat
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipGetPropertyItemSize
GdipDisposeImage
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipSetClipRectI
GdipDrawString
GdipMeasureString
GdipDrawLineI
GdiplusShutdown
GdiplusStartup
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateSolidFill
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipGetImagePixelFormat

msimg32

TransparentBlt
AlphaBlend

comctl32

_TrackMouseEvent
InitCommonControlsEx

msvfw32

DrawDibDraw
DrawDibOpen
DrawDibClose

imagehlp

ImageLoad
ImageUnload

iphlpapi

GetAdaptersInfo

ws2_32

inet_addr
ioctlsocket
connect
gethostbyname
socket
recv
send
__WSAFDIsSet
select
closesocket
WSACleanup
WSAStartup
ntohl
htons
inet_ntoa

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

544ab8487bf9af3ccade19a5efa07c5f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

gdiplus

msimg32

comctl32

msvfw32

imagehlp

iphlpapi

ws2_32

version

Sections

.text Size: 348KB - Virtual size: 348KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 357KB - Virtual size: 356KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 348KB - Virtual size: 348KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 357KB - Virtual size: 356KB

.reloc
Size: 26KB - Virtual size: 26KB