c344a365d40ed1a77315f7e99b61bd9ca598e86602df1cec07a1fe14fa11154a

Sharing

Copy URL Twitter E-mail

General

Target

c344a365d40ed1a77315f7e99b61bd9ca598e86602df1cec07a1fe14fa11154a
Size

167KB
MD5

47103c6b9b85a24bfa6571aea7831380
SHA1

d6fe4467e16be0d61de6db7dbebd5c23271f27bf
SHA256

c344a365d40ed1a77315f7e99b61bd9ca598e86602df1cec07a1fe14fa11154a
SHA512

7c9db7b84c8b64324408ef5e611afa0432b6cccbc6b9818f9d25340cceb6d9611a1576f1b545045e7d063b1d52db3c93c343a52bc1337c493e9dce53bb6a6709
SSDEEP

3072:RXZu683T0JVX8n71E/UelAiswa17zVPapfRz7KWPuR:RXYJYXapEcNrAp5z7

Score

N/A

Malware Config

Signatures

Files

c344a365d40ed1a77315f7e99b61bd9ca598e86602df1cec07a1fe14fa11154a
.exe windows x86

1475e86f07432fed82e0be5b159c6218

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetThreadPriority
GetConsoleMode
LoadLibraryExW
CreateSemaphoreA
FileTimeToLocalFileTime
CreateEventA
GetDiskFreeSpaceA
GetEnvironmentVariableW
GetDriveTypeW
GetStartupInfoW
GetUserDefaultLCID
GetProcessHeap
IsBadReadPtr
GetDriveTypeA
GetVolumeInformationA
IsValidLanguageGroup
GetEnvironmentVariableA
IsDBCSLeadByteEx
GetThreadLocale
IsValidCodePage
SetFileApisToOEM
GetCurrentThreadId
SetErrorMode
FindVolumeClose

user32

DdeAddData
MapVirtualKeyA
DrawEdge
SetActiveWindow
RemoveMenu
InternalGetWindowText
CallWindowProcA
GetScrollPos
DestroyIcon
DestroyMenu
CountClipboardFormats
BeginDeferWindowPos
DdePostAdvise
UnhookWindowsHookEx
FindWindowExW
GetActiveWindow
IsDlgButtonChecked
CheckDlgButton
DefWindowProcA
SetWindowLongW
MapVirtualKeyExW
GetClipboardData
GetWindowLongA
SetWindowLongA
SetLastErrorEx
LoadIconW
GetDC
wsprintfW
GetClassLongW
SendMessageA
FindWindowExA
GetProcessWindowStation
DeleteMenu
IsZoomed
GetTopWindow
GetMenuItemID
GetThreadDesktop
MapVirtualKeyW
CloseClipboard
GetWindowTextLengthW
SetCursor
DdeInitializeW
CopyAcceleratorTableW
DrawFrameControl
GetMessagePos

gdi32

GetStockObject
SetViewportExtEx

ole32

CoInitialize

Exports

Exports

?AnsaPoemKeefMautTikiacedbroby@@YGGHPCKACJ@Z
?EsesTaelesneMuskyo@@YGXI@Z
?NettDrubMaraNapsno@@YG_KPCUPeenReadfid@@AC_K@Z
?WolfliloOxenIllyWichEkedBoos@@YGGACU_GUID@@UAxesTuisEpic@@PCU_SECURITY_DESCRIPTOR@@DK@Z

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1475e86f07432fed82e0be5b159c6218

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 87KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 87KB - Virtual size: 87KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 22KB - Virtual size: 21KB