ff76cffb091b664d1ca01d6d910d2cce6da96012fbf659b98a437af668abe46f

Sharing

Copy URL Twitter E-mail

General

Target

ff76cffb091b664d1ca01d6d910d2cce6da96012fbf659b98a437af668abe46f
Size

424KB
MD5

8107289b9a444ac20643b334ac1eea8d
SHA1

f908f66f460d74aace39ea942e6483a895500c8c
SHA256

ff76cffb091b664d1ca01d6d910d2cce6da96012fbf659b98a437af668abe46f
SHA512

6426f2ac4f2fd5f0e2ced994abd0b59c31696aaa665e26f992e8b4bbef998e7bafa3b02e2ccad480e906577e2c3fe88e1231fe0f7bcc067074e65737720412db
SSDEEP

12288:QzHypOkQuQ8ukplnRcmHxyeIWNUuqMd1+aBdN:StkHQ8BVcyu/uq6BdN

Score

N/A

Malware Config

Signatures

Files

ff76cffb091b664d1ca01d6d910d2cce6da96012fbf659b98a437af668abe46f
.exe windows x86

1f2a32d634ee7efad9f83582e0e10b06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
HeapReAlloc
ReadFile
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
FlushFileBuffers
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
SetFilePointer
SetStdHandle
WriteConsoleW
GetLastError
GetStdHandle
GetConsoleScreenBufferInfo
CreateFileA
CloseHandle
WriteFile
HeapCreate
GetProcessHeap
HeapAlloc
FormatMessageA
LocalFree
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryW
CreateFileW
Sleep
LoadLibraryA
RaiseException
RtlUnwind
HeapFree
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleFileNameW
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection

user32

GetSystemMetrics
GetDlgItem
SendMessageA
BeginPaint
InsertMenuItemA
wsprintfA
EndPaint
DefWindowProcA
LoadImageA
InvalidateRect
SetRect
GetClientRect
GetClassNameW
GetWindowTextLengthA
GetWindowTextA
GetFocus
GetWindowRect
SetWindowPos
DrawFrameControl
GetDC
ReleaseDC
GetDesktopWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClipboardData
SendDlgItemMessageW

gdi32

GetObjectA
SaveDC
GetDeviceCaps
CreateFontA
SelectObject
GetTextExtentPoint32A
TextOutA
DeleteObject
RestoreDC
SetTextColor
CreateCompatibleDC
BitBlt
DeleteDC
CreatePalette
CreateBitmapIndirect
CreateCompatibleBitmap
GetStockObject
MoveToEx
LineTo
Rectangle
CreatePen

advapi32

QueryAllTracesA

ws2_32

inet_addr

version

GetFileVersionInfoW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 221KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f2a32d634ee7efad9f83582e0e10b06

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

version

iphlpapi

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 221KB - Virtual size: 228KB

.rsrc Size: 98KB - Virtual size: 98KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 221KB - Virtual size: 228KB

.rsrc
Size: 98KB - Virtual size: 98KB

.reloc
Size: 8KB - Virtual size: 8KB