61de8cea19ebffdd22e885c63b5184bd438bacb9cefbc47b93dad427a0652449

Sharing

Copy URL Twitter E-mail

General

Target

61de8cea19ebffdd22e885c63b5184bd438bacb9cefbc47b93dad427a0652449
Size

404KB
MD5

5bfb21c871898f11036970e4f51d88e0
SHA1

373ae2abb1607849ec055d5c01171f580bcd5870
SHA256

61de8cea19ebffdd22e885c63b5184bd438bacb9cefbc47b93dad427a0652449
SHA512

1492142b645f503f0b9d4b9aac15c4511f4e387298a6a40a3378d1c88c017c5aa5cae56571e1c626c77279e8fb03c423fb79ffa7157ca342dad51ea864b4101e
SSDEEP

12288:YZ8xKr3CNFGuh4SNboaOhIfUAmZx/LTDtJ+qo:m8or4ZVNbojy8LxTDtJ+qo

Score

N/A

Malware Config

Signatures

Files

61de8cea19ebffdd22e885c63b5184bd438bacb9cefbc47b93dad427a0652449
.exe windows x86

b021b9c2a927174f74f70014f691e610

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
HeapSize
FreeEnvironmentStringsW
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
TlsFree
InterlockedExchange
TlsGetValue
TlsAlloc
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapReAlloc
GetLastError
LCMapStringW
MultiByteToWideChar
GetStringTypeW
LocalFree
CloseHandle
GetCurrentThreadId
CreateToolhelp32Snapshot
LocalAlloc
GlobalFree
VerLanguageNameA
SetLastError
WideCharToMultiByte
Thread32Next
HeapCreate
CreateFileA
CreateEventA
Sleep
Thread32First
GlobalAlloc
InitializeCriticalSection
WriteFile
GetCurrentThread
WaitForSingleObject
GetCurrentProcess
HeapAlloc
SetFilePointer
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EncodePointer
GetFileSize
TlsSetValue
GetModuleFileNameW
GetStdHandle
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
HeapFree
IsProcessorFeaturePresent

user32

LoadImageA
ModifyMenuA
MoveWindow
SetWindowTextA
BeginDeferWindowPos
EndPaint
GetSystemMenu
GetWindowRect
PostQuitMessage
FillRect
GetMenuItemID
GetSubMenu
AttachThreadInput
wsprintfA
CopyAcceleratorTableA
GetClientRect
SendMessageA
BeginPaint
GetMenu
MessageBoxA
InvalidateRect
GetWindowLongA
GetClassNameW
GetDlgItem
EndDialog
DefWindowProcA
GetDesktopWindow
SetWindowPos
ShowWindow
GetSysColorBrush
AppendMenuA
IsWindow

gdi32

GetBitmapBits
EndPage
BitBlt
StartPage
DeleteDC
GetDeviceCaps
GetDIBits
CreateDCA
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
StartDocA
SetPixelFormat
GetObjectA
GetStockObject
EndDoc

comdlg32

GetSaveFileNameW

advapi32

MapGenericMask
OpenThreadToken
IsValidSecurityDescriptor
GetFileSecurityA
MakeSelfRelativeSD
GetSecurityDescriptorSacl
GetSecurityDescriptorLength
ImpersonateSelf
ReportEventA
InitializeSecurityDescriptor
DeregisterEventSource
AccessCheck
RegisterEventSourceA

oleaut32

SafeArrayAllocDescriptor

netapi32

NetShareGetInfo
NetShareSetInfo

psapi

GetProcessMemoryInfo

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

FlatSB_SetScrollInfo

uxtheme

SetWindowTheme

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b021b9c2a927174f74f70014f691e610

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

netapi32

psapi

version

comctl32

uxtheme

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 177KB - Virtual size: 177KB

.data Size: 5KB - Virtual size: 8KB

.mata Size: 8KB - Virtual size: 7KB

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 177KB - Virtual size: 177KB

.data
Size: 5KB - Virtual size: 8KB

.mata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 7KB - Virtual size: 7KB