60bd98a5d1c5e77401b5992791e523daa25c9e936ec0bfd8edc52fda95e27ae3

Sharing

Copy URL

Twitter E-mail

General

Target

60bd98a5d1c5e77401b5992791e523daa25c9e936ec0bfd8edc52fda95e27ae3
Size

600KB
MD5

962e8053f9c45963e21f2eea465c7c00
SHA1

f3d0be26803b2c2502626ef88a201feb6956b3e2
SHA256

60bd98a5d1c5e77401b5992791e523daa25c9e936ec0bfd8edc52fda95e27ae3
SHA512

07361835a768c03dc8588a0f5eeed2ea0659be22c477f7c7809cce68fd6df3ccc6081fc0d70822609dda69e6a69a7d315e3e5f2db71629a26a388ced5ae41a0a
SSDEEP

12288:M7Tg15v8XS3lRkRc4YFwjsWOfRg6gtPbcTTn7qxerx7zj:kcXvWS3/kRc4l6g6gtPbcHn7qkj

Score

N/A

Malware Config

Signatures

Files

60bd98a5d1c5e77401b5992791e523daa25c9e936ec0bfd8edc52fda95e27ae3
.exe windows x86

04d8ee76d0a182663f0fc26de23d4858

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
CloseTrace
RegCreateKeyExW
OpenProcessToken
TraceMessage
ControlTraceW
EnableTrace
StartTraceW
CheckTokenMembership
GetTokenInformation
CreateWellKnownSid
RegOpenKeyExW
RegQueryValueExW
DuplicateToken

kernel32

GetLocaleInfoW
FormatMessageW
LoadLibraryW
GetProcAddress
FreeLibrary
CreateThread
Sleep
GetLocalTime
GetCalendarInfoW
GetModuleHandleW
LoadLibraryExW
GetVolumePathNameW
ExpandEnvironmentStringsW
MoveFileExW
CreateFileW
DeviceIoControl
FindFirstFileW
FindNextFileW
FindClose
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetVolumeInformationW
GetDriveTypeW
CreateEventW
DeleteCriticalSection
SetEvent
InitializeCriticalSection
GetVolumeNameForVolumeMountPointW
GetDateFormatW
GetTimeFormatW
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
WaitForSingleObject
InterlockedPopEntrySList
InitializeSListHead
RtlCaptureStackBackTrace
InterlockedPushEntrySList
InterlockedDecrement
InterlockedIncrement
CloseHandle
SetLastError
GetProcessHeap
HeapSetInformation
SetErrorMode
GetCommandLineW
RegisterApplicationRestart
GetFileAttributesW
DeleteFileW
CreateDirectoryW
GetLastError
LocalFree

gdi32

CreateCompatibleDC
SetLayout
SelectObject
DeleteDC
DeleteObject
GdiFlush
CreateDIBSection
SetTextColor
SetBkColor
ExtTextOutW
CreateFontIndirectW
GetDeviceCaps

user32

SetWindowTextW
EnumWindows
GetWindowTextW
GetDlgItemTextW
SetDlgItemTextW
SendMessageTimeoutW
RegisterWindowMessageW
DestroyWindow
SystemParametersInfoW
ReleaseDC
GetDC
SendMessageW
DialogBoxParamW
SetForegroundWindow
MessageBoxW
MoveWindow
GetWindowRect
GetClientRect
ClientToScreen
GetSystemMetrics
DestroyIcon
EndPaint
GetSysColor
MapWindowPoints
GetDlgItem
BeginPaint
SetFocus
SetWindowLongW
GetWindowLongW
ShowWindow
EndDialog
EnableWindow
PostMessageW
SetWindowPos
LoadImageW
LoadStringW
CheckDlgButton
IsDlgButtonChecked
InflateRect
DrawFrameControl
OffsetRect
SetTimer
GetSysColorBrush
KillTimer
GetDesktopWindow
ChangeWindowMessageFilter

msvcrt

memset
memmove
wcstok
_wtol
??2@YAPAXI@Z
_purecall
_vscwprintf
memcpy
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_controlfp
_wcsicmp
??3@YAXPAX@Z
iswspace
_vsnwprintf
wcschr

shell32

CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW
SHGetStockIconInfo

ole32

CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoDisconnectObject

oleaut32

VariantInit
VariantTimeToSystemTime
SysFreeString
SysStringLen
SystemTimeToVariantTime
SysAllocString
VariantClear

comctl32

ImageList_Add
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Create
ord345
InitCommonControlsEx
ord344
ImageList_Destroy

ntdll

RtlAllocateHeap
RtlFreeHeap
WinSqmAddToStream
EtwTraceMessage
RtlGetLastNtStatus

virtdisk

GetStorageDependencyInformation

sxshared

SxTracerDebuggerBreak
SxTracerGetThreadContextRetail
SxTracerShouldTrackFailure

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 463KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mcvxgya
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04d8ee76d0a182663f0fc26de23d4858

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

shell32

ole32

oleaut32

comctl32

ntdll

virtdisk

sxshared

Sections

.text Size: 97KB - Virtual size: 97KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 463KB - Virtual size: 462KB

.reloc Size: 34KB - Virtual size: 35KB

mcvxgya Size: - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 97KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 463KB - Virtual size: 462KB

.reloc
Size: 34KB - Virtual size: 35KB

mcvxgya
Size: - Virtual size: 4KB