3953faf955eede8c2220a501a0bc58be7fe58898ecb66a44d4373d2259dc69ff

Sharing

Copy URL

Twitter E-mail

General

Target

3953faf955eede8c2220a501a0bc58be7fe58898ecb66a44d4373d2259dc69ff
Size

503KB
MD5

60238ebad1c44bf159c2eba25f3c4ca6
SHA1

8ee071c4e55bbc7ac2fcfa1779307b2e19f1e9d0
SHA256

3953faf955eede8c2220a501a0bc58be7fe58898ecb66a44d4373d2259dc69ff
SHA512

f209749ed5d7e6a189fcd4efc31b4eb2a462d6d7654b23101d0e2aad73a6d812cdf5a38840eb2a0309061b066d4a853f1e649f6ba35db0dac09e42d650302945
SSDEEP

12288:mqE2NJWh/VScyFi9VJqgqrSyXNTTkiYfwtfYNh:k00dUi9SgLwdYfwt

Score

N/A

Malware Config

Signatures

Files

3953faf955eede8c2220a501a0bc58be7fe58898ecb66a44d4373d2259dc69ff
.exe windows x86

898c0999549d38e8479352dd95903ec5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
HeapSize
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
HeapCreate
InterlockedDecrement
GetStringTypeW
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
SetEndOfFile
GetProcessHeap
LocalFree
GetVersion
CloseHandle
GetCurrentDirectoryA
GetModuleHandleA
WaitCommEvent
SetCommMask
LocalAlloc
LoadLibraryA
GetLocalTime
CreateNamedPipeA
GetProcAddress
lstrcmpiA
GetLastError
GetStdHandle
CreateDirectoryA
lstrlenW
ReadFile
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
GetFileType
SetHandleCount
Sleep
CreateFileA
WideCharToMultiByte
SetCommTimeouts
WriteFile
ConnectNamedPipe
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
ClearCommError
GetCurrentThreadId
CreateProcessA
GetModuleHandleW
HeapAlloc
CommConfigDialogA
GetFileSize

user32

SetScrollInfo
SetDlgItemTextA
DrawFrameControl
MonitorFromRect
MoveWindow
LoadBitmapA
DialogBoxParamA
GetDlgItemTextA
LoadCursorA
LoadImageA
SetWindowTextA
GetSystemMetrics
MessageBoxW
CheckRadioButton
GetActiveWindow
SetWindowPos
GetSysColor
DefWindowProcA
EndDialog
GetDlgItem
ReleaseDC
CreateWindowExA
GetWindowTextW
EndPaint
DestroyWindow
InvalidateRect
SetTimer
HideCaret
GetWindowRect
PostThreadMessageA
PostQuitMessage
FillRect
KillTimer
MsgWaitForMultipleObjects
GetDlgItemInt
LoadIconA
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetMonitorInfoA
GetDC
GetForegroundWindow
SetDlgItemInt
GetWindowTextA
SetWindowLongA
MessageBoxA

gdi32

CreateCompatibleBitmap
EndPage
BitBlt
StartPage
SetTextColor
DeleteDC
SetBkColor
CreateDCA
DeleteObject
SelectObject
CreateCompatibleDC
TextOutA
StartDocA
Ellipse
GetBkColor
Polyline
CreatePen
GetTextMetricsA
GetPixel
GetObjectA
TextOutW
EndDoc
CreateSolidBrush

winspool.drv

OpenPrinterA
EndPagePrinter
ClosePrinter
EndDocPrinter
EnumPrintersA

comdlg32

GetOpenFileNameA

advapi32

SetSecurityDescriptorDacl
RegCloseKey
InitializeSecurityDescriptor

shell32

SHGetFolderPathW
SHFileOperationA

ole32

CoInitializeEx
CoInitialize
WriteClassStg
StgCreateDocfile
CoSuspendClassObjects
CoUninitialize

iphlpapi

GetTcpTable

shlwapi

StrToIntA

comctl32

ImageList_Add
ImageList_Create

gdiplus

GdiplusShutdown
GdipFree
GdipLoadImageFromFile
GdiplusStartup
GdipCloneImage
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipAlloc

opengl32

wglDeleteContext
glEnable
glLightfv
glBlendFunc
wglMakeCurrent
wglCreateContext

setupapi

SetupCreateDiskSpaceListA
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

tapi32

phoneGetHookSwitch

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

898c0999549d38e8479352dd95903ec5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

iphlpapi

shlwapi

comctl32

gdiplus

opengl32

setupapi

tapi32

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 196KB - Virtual size: 195KB

.data Size: 15KB - Virtual size: 30KB

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 196KB - Virtual size: 195KB

.data
Size: 15KB - Virtual size: 30KB

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 10KB - Virtual size: 9KB