bd1b2498774ede9d969548ac234f681644dd9520788f03eb0f60e1ddecf74399

Sharing

Copy URL Twitter E-mail

General

Target

bd1b2498774ede9d969548ac234f681644dd9520788f03eb0f60e1ddecf74399
Size

547KB
MD5

56ff0ef2bd400d21295485f104dc3dd4
SHA1

2925649d35ac79fe61c97df53181bc11a0430b8b
SHA256

bd1b2498774ede9d969548ac234f681644dd9520788f03eb0f60e1ddecf74399
SHA512

a9bcdbdeb6c041937bfe8eb3e69c85342f0e56c842b7577347c9f272986f0b3e7b8a24e2039d6154e29e5a255243c8cb3aeb9b7ae6ea5bebe0e765a2c8c6bf97
SSDEEP

12288:dYhPnr2k7vSueOVkJAY7g/evaSqEbmUQRcVUnb7i:dYh/feOVkJqGlm/c67i

Score

N/A

Malware Config

Signatures

Files

bd1b2498774ede9d969548ac234f681644dd9520788f03eb0f60e1ddecf74399
.exe windows x86

48f072a608161ce8b5a64e0ea0f579a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetLocaleInfoW
SetFilePointer
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetHandleCount
LoadLibraryW
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
SetLastError
GetStringTypeW
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
CreateFileW
SetEndOfFile
GlobalAlloc
CreateFileA
CloseHandle
WriteFile
GetLastError
CreatePipe
IsValidCodePage
GetOEMCP
GetACP
HeapFree
HeapQueryInformation
WaitForMultipleObjects
GetFullPathNameA
lstrlenA
WaitForSingleObject
HeapSize
HeapReAlloc
GetModuleFileNameA
HeapAlloc
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
GetCPInfo
HeapCreate
lstrcpyA
GetSystemTime
GetProcAddress
Sleep
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetStartupInfoW
HeapSetInformation
GetModuleHandleA
TlsFree
LoadLibraryA
GetCommandLineA
ExitProcess
GetModuleHandleW
RtlUnwind
RaiseException
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsBadReadPtr
HeapValidate
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
GetProcessHeap

user32

ReleaseDC
MessageBoxA
RegisterClassW
LoadIconW
SetRect
IntersectRect
EnumWindowStationsW
DeleteMenu
GetWindowTextLengthA
GetScrollInfo
BeginPaint
LoadCursorW
SetCursor
LoadCursorA
TrackPopupMenu
GetCursorPos
CreatePopupMenu
GetDlgItemTextW
DestroyAcceleratorTable
DefWindowProcA
UpdateWindow
ScrollWindow
SetScrollInfo
SystemParametersInfoA
GetDC
InvalidateRect
GetClientRect
PostQuitMessage
WindowFromDC
CharLowerBuffA
SendMessageA
GetWindowTextA
InsertMenuItemA
CreateMenu
EndPaint

gdi32

CreateFontIndirectA
DeleteDC
GetCharWidth32A
DeleteObject
GetCurrentObject
GetObjectA
GetTextMetricsA
TextOutA
SetTextAlign
StartDocA
StartPage
EndPage
EndDoc

winspool.drv

EnumPrintersA
OpenPrinterA
ClosePrinter
GetPrinterA
EnumJobsA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyW

ole32

OleInitialize
StgCreateDocfile
CoUnmarshalInterface
OleIsCurrentClipboard
CoGetMalloc

ws2_32

WSCEnumProtocols

avifil32

AVIFileRelease
AVIFileInfoA
AVIFileOpenA
AVIFileInit

msacm32

acmDriverOpen
acmMetrics

winmm

PlaySoundA

iphlpapi

IcmpCloseHandle
IcmpCreateFile

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

opengl32

wglGetCurrentDC

Sections

.text
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 211KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48f072a608161ce8b5a64e0ea0f579a9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

ws2_32

avifil32

msacm32

winmm

iphlpapi

rpcrt4

opengl32

Sections

.text Size: 207KB - Virtual size: 206KB

.rdata Size: 87KB - Virtual size: 86KB

.data Size: 211KB - Virtual size: 219KB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 207KB - Virtual size: 206KB

.rdata
Size: 87KB - Virtual size: 86KB

.data
Size: 211KB - Virtual size: 219KB

.rsrc
Size: 41KB - Virtual size: 40KB