1719cf1042e64bb5cef873edbd08c6f9d741e4747ab2e051a9cd8bcc43bc88ad

Sharing

Copy URL

Twitter E-mail

General

Target

1719cf1042e64bb5cef873edbd08c6f9d741e4747ab2e051a9cd8bcc43bc88ad
Size

324KB
MD5

3db1e36f7d4dcf040e60114e8c43fea5
SHA1

d9593fb5ef255e990e6c13e5a33c37666bdd2436
SHA256

1719cf1042e64bb5cef873edbd08c6f9d741e4747ab2e051a9cd8bcc43bc88ad
SHA512

c2d134a73c6b38ffaf8b2afcf7d1d5db8571d58542a424ca4156903513ecdc0548b7808b56cc75ad151a554e00b8402d9ca3ca9301007c59432cae519c822c87
SSDEEP

3072:BGLsImbWiEPUDB3utSIS/LV4amVDGVy2EF5PSyA1Rsi3NEU0lWwJx/ILM+mKxLx0:BnE+/LV4/uEXox0AwD/ILuKxLxM8tfq

Score

N/A

Malware Config

Signatures

Files

1719cf1042e64bb5cef873edbd08c6f9d741e4747ab2e051a9cd8bcc43bc88ad
.exe windows x86

ebceed2743874fd0bac75b10199bf478

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
CreatePipe
GetFileTime
CloseHandle
GetSystemTime
lstrcpyA
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
IsValidCodePage
SetConsoleWindowInfo
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LocalAlloc
LoadLibraryA
GetPrivateProfileStringA
LocalLock
GetProcAddress
GetLastError
GetStdHandle
lstrcatA
FileTimeToSystemTime
GetConsoleWindow
LoadLibraryW
GetVolumeInformationA
GetPrivateProfileIntA
GlobalAlloc
FindResourceExA
SetConsoleScreenBufferSize
GetEnvironmentStringsW
WideCharToMultiByte
SetHandleInformation
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
GetModuleHandleA
TlsAlloc
TlsGetValue
GetFileType
SetHandleCount
GetModuleFileNameA
WriteFile
ExitProcess
Sleep
GetModuleHandleW
VirtualAlloc
DeleteCriticalSection
VirtualFree
FreeLibrary
lstrlenA
OpenFile
LocalUnlock
GetOEMCP
GetComputerNameA
HeapFree
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
HeapCreate

user32

BeginPaint
RegisterClassA
LoadCursorA
DialogBoxIndirectParamA
LoadImageA
GetSystemMetrics
ClientToScreen
SetWindowRgn
SetTimer
GetWindowRect
SystemParametersInfoA
GetParent
LoadIconA
CallNextHookEx
DefFrameProcA
wsprintfA
CreateMDIWindowA
GetClientRect
SendMessageA
GetSubMenu
SetWindowWord
GetDC
GetMenu
GetWindowWord
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDesktopWindow
SetWindowPos
ShowWindow
GetTabbedTextExtentA
CreateCaret

gdi32

GetObjectA
GetStockObject
CreateFontIndirectA
BitBlt
GetTextExtentPoint32A
DeleteDC
CreateSolidBrush
DeleteObject
SelectObject
CreateCompatibleDC
CreateRectRgnIndirect
Rectangle
GetTextExtentPointA
GetTextMetricsA
SetTextAlign

advapi32

LsaClose

odbc32

ord219
ord26
ord207
ord12
ord75
ord9
ord13
ord241
ord31
ord24
ord4

wininet

FtpPutFileA
FtpOpenFileA

netapi32

NetUserAdd
NetGroupAddUser
NetUserDel
NetLocalGroupAddMember

shlwapi

PathCombineA

comctl32

ImageList_Create

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebceed2743874fd0bac75b10199bf478

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

odbc32

wininet

netapi32

shlwapi

comctl32

imm32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 208KB - Virtual size: 207KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 208KB - Virtual size: 207KB