8d7bf9d30b73a21733a3f99c4635cc63987f34926918b1e7cde8a97fa6675e44

Sharing

Copy URL Twitter E-mail

General

Target

8d7bf9d30b73a21733a3f99c4635cc63987f34926918b1e7cde8a97fa6675e44
Size

361KB
MD5

a05cd3a43350f895e6b36441358b3260
SHA1

323c6b411f7ee953c9953a37786006518a7b1bf7
SHA256

8d7bf9d30b73a21733a3f99c4635cc63987f34926918b1e7cde8a97fa6675e44
SHA512

0663f85ca3d4a746891743e7134300b35c6be1e6f0d8841b16b5952577d26184c8efd1a9b38c036c551f580fc1bb4dbbbcdbf5623ebe072e26d6a59a7946cbf1
SSDEEP

6144:BbuVvSHfNFl2T5EpLnp+ocENWnUfcZTQgjFAmnMsxT+6xkAGH:BbuVEfHc29ns1Uf4TbmufkH

Score

N/A

Malware Config

Signatures

Files

8d7bf9d30b73a21733a3f99c4635cc63987f34926918b1e7cde8a97fa6675e44
.exe windows x86

a4bf86c43ad55254261051774f93e97a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

RtlUnwind
Sleep
GetConsoleMode
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
LoadLibraryW
LCMapStringW
GetStringTypeW
SetStdHandle
WriteConsoleW
HeapReAlloc
FlushFileBuffers
HeapSize
CreateFileW
GetLastError
CreateFileA
InterlockedIncrement
GetProcAddress
HeapCreate
lstrlenA
MultiByteToWideChar
GetStartupInfoA
GetModuleHandleA
GetConsoleCP
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
CloseHandle
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
IsProcessorFeaturePresent
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
EncodePointer
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

ReleaseDC
GetForegroundWindow
GetDC
ShowWindow
LoadMenuA
DrawFrameControl
SetWindowPos
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadBitmapA
DialogBoxParamA
SetWindowTextA
GetWindowRect
MessageBoxW
GetClientRect
SystemParametersInfoA
CreateWindowExA
UpdateWindow
DestroyWindow
PostQuitMessage
LoadCursorA
RegisterClassA
CreateMenu
InsertMenuA
GetSystemMetrics

gdi32

SelectObject
GetPixel
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleBitmap
BitBlt
GetStockObject
GetObjectA
CreateFontIndirectA
CreateSolidBrush
CreatePen
Rectangle
DeleteDC
EnumFontsA
ChoosePixelFormat
CreateCompatibleDC

comdlg32

FindTextW

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

shell32

SHParseDisplayName
SHCreateShellItem
SHGetFolderPathW
SHGetFolderPathA

ole32

CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoSetProxyBlanket
CoCreateInstance

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

netapi32

NetApiBufferFree
NetGetDCName
NetWkstaUserGetInfo
NetShareGetInfo

psapi

GetProcessMemoryInfo

shlwapi

wnsprintfA
PathAppendA

rpcrt4

UuidCreateSequential

gdiplus

GdiplusStartup

tapi32

lineSetTollListA
phoneGetLamp

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.get
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4bf86c43ad55254261051774f93e97a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

netapi32

psapi

shlwapi

rpcrt4

gdiplus

tapi32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 3KB - Virtual size: 11KB

data Size: 34KB - Virtual size: 34KB

.get Size: 172KB - Virtual size: 171KB

.rsrc Size: 93KB - Virtual size: 93KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 3KB - Virtual size: 11KB

data
Size: 34KB - Virtual size: 34KB

.get
Size: 172KB - Virtual size: 171KB

.rsrc
Size: 93KB - Virtual size: 93KB

.reloc
Size: 4KB - Virtual size: 4KB