c93a013ec9f51bd1bd5496744abb5295f833445245648f77d151691a394c8886

Sharing

Copy URL Twitter E-mail

General

Target

c93a013ec9f51bd1bd5496744abb5295f833445245648f77d151691a394c8886
Size

465KB
MD5

4df944d009cab9259b0ccf4f7b47db20
SHA1

f421febbd439570862250828a5b701eab78a87ed
SHA256

c93a013ec9f51bd1bd5496744abb5295f833445245648f77d151691a394c8886
SHA512

31f5f4fdcb160ff2cf3b91413f6bb24083affa707c161f3a3dc6282f6f3db808ef1bd6f7f3cedafdf7efbd16515bdc935ebbbc19a26e9587d10b9f7e1545f97f
SSDEEP

12288:KLLdQ9BTg3YUGS/l48VkrqsIGuANKz7LBh:KLaWCpUAN4j

Score

N/A

Malware Config

Signatures

Files

c93a013ec9f51bd1bd5496744abb5295f833445245648f77d151691a394c8886
.exe windows x86

5b8d45700eb4620040da8b15b578ce2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
DeleteCriticalSection
GetStdHandle
RaiseException
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
ReadFile
CreateFileW
SetEndOfFile
GetLastError
FindFirstFileA
SetHandleCount
FindClose
GetCommandLineA
HeapCreate
InterlockedIncrement
HeapAlloc
GetProfileStringA
GlobalFree
lstrlenA
IsBadReadPtr
HeapValidate
RtlUnwind
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetConsoleMode
GetConsoleCP
WriteFile
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
LCMapStringW
SetLastError
TlsFree
GetCurrentThreadId
GetProcessHeap
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FindNextFileA
GetFileType
GetStartupInfoW
HeapSetInformation
ExitProcess
GetModuleHandleW
GetProcAddress
CreateFileA
lstrlenW
WideCharToMultiByte
EnumDateFormatsA
DecodePointer
InterlockedDecrement

user32

GetClipCursor
CreateWindowExA
EndDialog
PostQuitMessage
SendDlgItemMessageA
MoveWindow
GetClientRect
DrawIcon
SetScrollPos
InvalidateRect
SetScrollRange
LoadBitmapA
SendMessageA
GetIconInfo
GetDesktopWindow
GetForegroundWindow
IsWindowVisible
FindWindowA
FindWindowExA
SetWindowRgn
GetWindow
GetClassNameA
GetWindowTextA
SetDlgItemTextA
GetDlgItem
SetWindowLongA
SetWindowPos
GetWindowRect
GetParent
ShowWindow
GetSystemMetrics
MessageBoxA
IsDlgButtonChecked
CheckDlgButton
MessageBoxW
GetDC
ReleaseDC

gdi32

CreateEllipticRgnIndirect
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetDeviceCaps
CreateDCA
CreateMetaFileA
SetMapMode
SetWindowExtEx
SetWindowOrgEx
CreateFontIndirectA
ExtTextOutA
MoveToEx
LineTo
CloseMetaFile
DeleteMetaFile
StartDocA
StartPage
Escape
EndPage
EndDoc
GetTextMetricsA

comdlg32

PrintDlgA

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegEnumKeyExA

shell32

SHGetFolderPathW
SHGetFolderPathA
ExtractIconExA
ord727
SHGetFileInfoW

ole32

CoInitialize
CoFileTimeNow

odbc32

ord75
ord24
ord39
ord31
ord9
ord13
ord4
ord111
ord107

ws2_32

WSAGetLastError
WSALookupServiceEnd
WSACleanup
inet_addr
WSAStartup
WSALookupServiceBeginA
WSALookupServiceNextA
closesocket
getsockopt
bind
socket

iphlpapi

SendARP

shlwapi

StrToIntExA
AssocCreate
StrStrIA
PathAppendA

comctl32

CreateToolbarEx
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Create
ImageList_Add

powrprof

ReadProcessorPwrScheme

Sections

.text
Size: 386KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b8d45700eb4620040da8b15b578ce2d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

odbc32

ws2_32

iphlpapi

shlwapi

comctl32

powrprof

Sections

.text Size: 386KB - Virtual size: 386KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 8KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 386KB - Virtual size: 386KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 8KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 17KB - Virtual size: 16KB