42923683022f255205e9e0269abf1d6d676b4b4dfa4afec040fb4b21c24e0676

Sharing

Copy URL

Twitter E-mail

General

Target

42923683022f255205e9e0269abf1d6d676b4b4dfa4afec040fb4b21c24e0676
Size

437KB
MD5

b5f35ddf66046061fe55935b2bb210c8
SHA1

1b0cc49bdbc8959938088747c048fc98b8386bad
SHA256

42923683022f255205e9e0269abf1d6d676b4b4dfa4afec040fb4b21c24e0676
SHA512

a7da8abe2f84df3a6317e92abb1b78319a84033853b76bfd4ad2018f1cd59cfcb36f9f2e8d76646b8550b2ef2ec863ae5c775252f48d5b3bf05948903c59c265
SSDEEP

6144:nuU4My6j817/7TodFsGN858k31BSZW5lV3QfZ0SHKDGiRX8AeZ+oDsCgu77+YESv:nuuyt7jTodFzjUD5AfZ0cUGW8V6QcAHd

Score

N/A

Malware Config

Signatures

Files

42923683022f255205e9e0269abf1d6d676b4b4dfa4afec040fb4b21c24e0676
.exe windows x86

5c180c76fd6c031d9cf9adda1b0d949b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CloseHandle
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
FlushFileBuffers
GetConsoleMode
GetConsoleCP
ReadFile
GetModuleFileNameA
WriteFile
ExitProcess
GetModuleHandleW
HeapReAlloc
GetSystemInfo
VirtualFree
HeapCreate
SetHandleCount
GetCPInfo
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetFileType
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CreateFileW
GetLocaleInfoW
SetEndOfFile
lstrcpyA
LocalAlloc
GetConsoleScreenBufferInfo
LoadLibraryA
GetProcAddress
GetLastError
GetStdHandle
CreateEventA
GetConsoleTitleA
GetProcessHeap
SetConsoleScreenBufferSize
WaitForSingleObject
HeapFree
HeapAlloc
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
InterlockedDecrement
InterlockedIncrement
LCMapStringW
GetModuleHandleA
AllocConsole
VirtualAlloc
GetThreadContext

user32

SetWindowTextA
LoadImageA
UpdateWindow
SetClipboardData
CallWindowProcA
IsWindow
DispatchMessageA
OpenClipboard
DestroyMenu
FindWindowA
LoadCursorA
GetScrollPos
AppendMenuA
DrawMenuBar
CreatePopupMenu
SetMenu
ShowWindow
EnumChildWindows
DefMDIChildProcA
GetSystemMetrics
LoadAcceleratorsA
GetCursorPos
GetSysColor
DefWindowProcA
EndDialog
GetDlgItem
TranslateMDISysAccel
RegisterClassA
GetWindow
GetWindowDC
EndPaint
TranslateAcceleratorA
GetMessageA
CloseClipboard
InsertMenuItemA
PostQuitMessage
TrackPopupMenu
DestroyWindow
FillRect
SetCapture
DrawTextA
GetSubMenu
SetForegroundWindow
LoadStringA
GetParent
LoadMenuA
LoadIconA
DefFrameProcA
wsprintfA
GetClientRect
SendMessageA
BeginPaint
PtInRect
SetScrollRange
GetDC
IsDialogMessageA
TranslateMessage
GetMenu
OffsetRect
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
SetScrollPos
ReleaseDC
EnableMenuItem
EmptyClipboard

gdi32

SelectObject
BitBlt
SetViewportOrgEx
SetWindowExtEx
SetTextColor
DeleteDC
SetBkColor
SetBkMode
DeleteObject
TextOutA
CreateCompatibleDC
SetMapMode
Rectangle
Ellipse
CreatePen
SetViewportExtEx
GetTextMetricsA
GetObjectA
GetStockObject
CreateSolidBrush

comdlg32

GetOpenFileNameA

advapi32

SetSecurityDescriptorOwner
ConvertStringSidToSidA
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptCreateHash
SetNamedSecurityInfoA
CryptEncrypt
AllocateAndInitializeSid
CryptAcquireContextA
InitializeSecurityDescriptor
CryptReleaseContext

shell32

SHEmptyRecycleBinA
SHQueryRecycleBinA

ole32

OleSetMenuDescriptor
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SafeArrayUnaccessData
SafeArrayPutElement
SysFreeString
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
VariantInit
SafeArrayGetElement

winscard

SCardListReadersA
SCardDisconnect
SCardFreeMemory
SCardEstablishContext
SCardControl
SCardReleaseContext
SCardConnectA

shlwapi

StrFormatByteSizeA
PathUnquoteSpacesA

comctl32

ImageList_Create
ImageList_Draw
ImageList_ReplaceIcon

secur32

ImpersonateSecurityContext
FreeCredentialsHandle

imm32

ImmGetDefaultIMEWnd

dbghelp

MiniDumpWriteDump

urlmon

URLDownloadToCacheFileA

sensapi

IsNetworkAlive

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 257KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c180c76fd6c031d9cf9adda1b0d949b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winscard

shlwapi

comctl32

secur32

imm32

dbghelp

urlmon

sensapi

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 257KB - Virtual size: 264KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 257KB - Virtual size: 264KB

.rsrc
Size: 16KB - Virtual size: 16KB