0c8de25a7acc52fc870a0f7edb46fdcfc15e638eabad9942e7654e7c5f995edb

Sharing

Copy URL Twitter E-mail

General

Target

0c8de25a7acc52fc870a0f7edb46fdcfc15e638eabad9942e7654e7c5f995edb
Size

306KB
MD5

966713fafd17d7beb58b2d55b2764050
SHA1

8696eed4d998794b813c62ef6b442e6621b768ce
SHA256

0c8de25a7acc52fc870a0f7edb46fdcfc15e638eabad9942e7654e7c5f995edb
SHA512

51fc34e2bc40de5834b3e1c6d7038b50ee58883c9e014dc52f8780c15ef8f3e04fe6b95053913019b98fcf11258b4543e8681f389e72b49ff2c4d927dbfb1803
SSDEEP

6144:FdJL3E7i86+mHPZVSsTQ0Sz5Zk+ap4XBppP8v/VDoEvKcs:F3LU7i86xHRVpM0SfNOypPsDo2xs

Score

N/A

Malware Config

Signatures

Files

0c8de25a7acc52fc870a0f7edb46fdcfc15e638eabad9942e7654e7c5f995edb
.exe windows x86

5686e2718add748de6ea15d0d7674f23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
IsProcessorFeaturePresent
RtlUnwind
GetConsoleMode
GetConsoleCP
SetFilePointer
Sleep
SetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
WriteConsoleW
FlushFileBuffers
ReadFile
HeapSize
CloseHandle
LoadLibraryA
GetLastError
lstrlenW
ExitThread
LoadLibraryW
HeapCreate
GetTickCount
GetCurrentProcess
HeapAlloc
FreeLibrary
ExitProcess
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
GetCurrentThreadId
CreateFileW
SetLastError
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage

user32

MessageBoxA
SetDlgItemTextA
EndDeferWindowPos
EnableWindow
UpdateWindow
MapWindowPoints
SendMessageW
IsWindowVisible
GetWindowRect
DrawTextA
SetForegroundWindow
GetParent
LoadMenuA
LoadIconA
GetClientRect
GetSystemMetrics
DrawEdge
GetDC
SetWindowLongA
SendMessageA
GetWindowLongA
ReleaseDC
GetDlgItem
CharUpperW
EndDialog
GetSysColor
LoadStringW
GetSysColorBrush
IsWindow
CreateWindowExW
DeferWindowPos
BeginDeferWindowPos

gdi32

GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CreateFontIndirectA
GetCurrentObject
SetPixel
SetBkMode
DeleteObject
SelectObject
GetObjectA
GetStockObject
GetLayout

advapi32

RegQueryValueExA

shell32

ord100

ole32

CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
VariantClear
SysAllocString
VariantInit

winmm

midiOutSetVolume
midiOutGetDevCapsA
midiOutClose
midiOutOpen

shlwapi

SHRegGetBoolUSValueW

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 198KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5686e2718add748de6ea15d0d7674f23

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winmm

shlwapi

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 198KB - Virtual size: 243KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 198KB - Virtual size: 243KB

.rsrc
Size: 11KB - Virtual size: 10KB