fdaa6a1728ba49e3c4f5e046cd42858af5c6bcf2b18ae40f733aef61966acabe

Sharing

Copy URL Twitter E-mail

General

Target

fdaa6a1728ba49e3c4f5e046cd42858af5c6bcf2b18ae40f733aef61966acabe
Size

490KB
MD5

71ca47a57548d9c0e6dd71ac644a2760
SHA1

8140cad2cc7b529751b1d9d82a7001130d68aa56
SHA256

fdaa6a1728ba49e3c4f5e046cd42858af5c6bcf2b18ae40f733aef61966acabe
SHA512

f241fefeb405bb74accc06602715034af5ffb8badc9f29aa4fe651f87208afda141119eee461a85af3cb2767697cf05bb07c474f9f57eaae11a5f0c0114cfcda
SSDEEP

6144:Lac0dKAQiDiK7s3UhCMiQh8xll6Gfquxwj0ufOS+uZ5RQ5NpYXN1puD0Tr2oMJyL:X2bQrK7s3U0Sh8ZzCYqJ+35YXrQ0kY

Score

N/A

Malware Config

Signatures

Files

fdaa6a1728ba49e3c4f5e046cd42858af5c6bcf2b18ae40f733aef61966acabe
.exe windows x86

7d95cbb7099174c53512e3a49351f252

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

CreateFileW
CloseHandle
LCMapStringW
GetStringTypeW
MultiByteToWideChar
FlushFileBuffers
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
GetConsoleMode
CreateEventW
SetStdHandle
RtlUnwind
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetLastError
HeapCreate
HeapAlloc
GlobalLock
lstrlenA
GlobalUnlock
lstrcpyW
lstrlenW
IsValidCodePage
GetCurrentDirectoryW
WriteFile
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
WideCharToMultiByte
GetModuleHandleA
GetConsoleCP
FreeEnvironmentStringsW
GetModuleFileNameA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
SetFilePointer
HeapValidate
IsBadReadPtr
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleW
ExitProcess
RaiseException

user32

SetWindowTextA
IsWindow
EnumChildWindows
ScreenToClient
GetWindowRect
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItem
EnableWindow
CreateWindowExA
LoadBitmapA
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExW
SendMessageA
DispatchMessageA
DefWindowProcA
GetClientRect
OpenClipboard
GetClipboardData
GetDC
ReleaseDC
CloseClipboard
SetWindowLongA
SetClipboardViewer
SendDlgItemMessageA
SetFocus
GetWindowLongA
EndDialog

gdi32

CreateCompatibleDC
SelectObject
CreateBitmap
GetStockObject
Rectangle
Ellipse
BitBlt
DeleteDC
DeleteObject
CreateColorSpaceA
CreateFontIndirectA
TextOutA
GetObjectA

shell32

SHGetSpecialFolderPathA

ole32

CreateBindCtx
CoInitialize
CoInitializeEx

oleaut32

SafeArrayAllocDescriptor

ws2_32

WSAStartup

comctl32

InitCommonControlsEx
ord6

sensapi

IsNetworkAlive

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d95cbb7099174c53512e3a49351f252

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

ws2_32

comctl32

sensapi

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 216KB - Virtual size: 216KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 99KB - Virtual size: 98KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 216KB - Virtual size: 216KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 99KB - Virtual size: 98KB