077f62b2eaee3cb9a23d74cc5be4a218821539cbbd99876dd005a8be69e88425

Sharing

Copy URL

Twitter E-mail

General

Target

077f62b2eaee3cb9a23d74cc5be4a218821539cbbd99876dd005a8be69e88425
Size

1.1MB
MD5

80d67a15adcd8518543450adbf01aa20
SHA1

662a104df2ceac63c2df01c1f1580db3572e1023
SHA256

077f62b2eaee3cb9a23d74cc5be4a218821539cbbd99876dd005a8be69e88425
SHA512

14a4a624ac8baa28bd9473743a043868d7f79e9a32e229ba29a0e81f403f5c9aefff1de7f3c370a84f0ae7eb80a0828653d32508b80191027752fd0ba2835933
SSDEEP

24576:ANW/3/kRc4l6g6gtPbcHn7qKbRngQCsSy2zdNvILLw2MsMTteKjia9pNrdW7gdJ:tvkcmZtPw7qCCsoAPATtHjia9pNrdW7m

Score

N/A

Malware Config

Signatures

Files

077f62b2eaee3cb9a23d74cc5be4a218821539cbbd99876dd005a8be69e88425
.exe windows x64

4a85e40b703e7f894c51a443e2339cff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
RegCloseKey
OpenProcessToken
TraceMessage
DuplicateToken
ControlTraceW
StartTraceW
EnableTraceEx2
CheckTokenMembership
GetTokenInformation
CreateWellKnownSid
RegQueryValueExW

kernel32

FormatMessageW
FreeLibrary
GetProcAddress
LoadLibraryW
Sleep
UnhandledExceptionFilter
GetLocalTime
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
GetStartupInfoW
CreateThread
InitializeSListHead
RtlCaptureStackBackTrace
InterlockedPushEntrySList
InterlockedPopEntrySList
SystemTimeToFileTime
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetVersionExW
SetEvent
DeleteCriticalSection
InitializeCriticalSection
GetVolumeNameForVolumeMountPointW
GetTimeFormatW
GetDateFormatW
SetLastError
WaitForSingleObject
CreateEventW
GetCurrentProcess
SetErrorMode
GetProcessHeap
FindFirstFileW
FindNextFileW
TerminateProcess
FindClose
CreateFileW
DeviceIoControl
MoveFileExW
HeapSetInformation
RegisterApplicationRestart
GetCommandLineW
LocalFree
GetLastError
CreateDirectoryW
DeleteFileW
GetFileAttributesW
LoadLibraryExW
LocalAlloc
GetSystemDirectoryW
ExpandEnvironmentStringsW
GetTickCount

gdi32

SetBkColor
DeleteDC
GdiFlush
SelectObject
SetLayout
CreateCompatibleDC
DeleteObject
GetObjectW
CreateFontIndirectW
GetDeviceCaps
ExtTextOutW
SetTextColor
CreateDIBSection

user32

LoadStringW
CheckDlgButton
DrawFrameControl
GetDlgItemTextW
SetDlgItemTextW
OffsetRect
InflateRect
SetTimer
KillTimer
GetSysColorBrush
GetWindowLongPtrW
DestroyWindow
EnableWindow
EndDialog
SetWindowLongPtrW
EndPaint
GetSysColor
MapWindowPoints
BeginPaint
ShowWindow
PostMessageW
SetWindowPos
LoadImageW
ChangeWindowMessageFilterEx
GetDesktopWindow
SetFocus
SetWindowLongW
GetWindowLongW
DestroyIcon
MoveWindow
GetWindowRect
GetClientRect
ClientToScreen
GetSystemMetrics
DialogBoxParamW
SetForegroundWindow
ReleaseDC
GetDC
SetWindowTextW
SendMessageW
GetDlgItem
SendMessageTimeoutW
GetWindowTextW
EnumWindows
RegisterWindowMessageW
MessageBoxW
IsDlgButtonChecked

msvcrt

_vscwprintf
iswspace
wcscmp
memcpy
memset
?terminate@@YAXXZ
_commode
_fmode
_acmdln
__C_specific_handler
_initterm
__setusermatherr
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
_purecall
??2@YAPEAX_K@Z
wcstok
_wcsicmp
??3@YAXPEAX@Z
_ismbblead
_vsnwprintf

shell32

ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoW
SHGetStockIconInfo

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitializeSecurity
CoInitializeEx
CoDisconnectObject

oleaut32

VariantInit
SysStringLen
VariantClear
VariantTimeToSystemTime
SysFreeString
SysAllocString
SystemTimeToVariantTime

comctl32

ImageList_AddMasked
ImageList_Add
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ord345
InitCommonControlsEx
ord344

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WinSqmAddToStream
RtlAllocateHeap
RtlFreeHeap
RtlGetLastNtStatus
EtwTraceMessage
RtlNtStatusToDosError

sxshared

SxTracerGetThreadContextRetail
SxTracerShouldTrackFailure
SxTracerDebuggerBreak

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 463KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 556KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4a85e40b703e7f894c51a443e2339cff

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

shell32

ole32

oleaut32

comctl32

ntdll

sxshared

Sections

.text Size: 86KB - Virtual size: 86KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 2KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 463KB - Virtual size: 462KB

.reloc Size: 556KB - Virtual size: 1.9MB

.text
Size: 86KB - Virtual size: 86KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 2KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 463KB - Virtual size: 462KB

.reloc
Size: 556KB - Virtual size: 1.9MB