d26161bc381625ade7fb51db987f2e69c244acc642911948b1507860e90fd3f9

Sharing

Copy URL Twitter E-mail

General

Target

d26161bc381625ade7fb51db987f2e69c244acc642911948b1507860e90fd3f9
Size

289KB
MD5

2f8658b8ab6f27cfd86bd2c7add30cb7
SHA1

089a7fd3c0b703c075d7a0877fbf596a2eb08c7d
SHA256

d26161bc381625ade7fb51db987f2e69c244acc642911948b1507860e90fd3f9
SHA512

a73cdc1b38dc2a3c48fbdf269ececef62e096b241d057d6a5c69d18e53de3de18be40bd6fa46bdc58ccfb546f5ff36e4453ce873fbae61383cd7a10975ba6b7f
SSDEEP

3072:n68APVyVVLdZvfFr0NJBbqQR+OGzzihkXWKfi1101sWzO0qXhOx+JhiciIN5BdHh:+dyJbrgT7lGmpKfg01soQhOQSINe

Score

N/A

Malware Config

Signatures

Files

d26161bc381625ade7fb51db987f2e69c244acc642911948b1507860e90fd3f9
.exe windows x86

55f143e3ef6415f990faafda8663c949

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
HeapSize
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FileTimeToSystemTime
LoadLibraryExW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LCMapStringW
GetFileAttributesExA
HeapReAlloc
FlushFileBuffers
ReadFile
ReadConsoleW
SetStdHandle
WriteConsoleW
CreateFileW
FormatMessageA
LoadLibraryA
GetThreadLocale
InitializeCriticalSection
LoadLibraryExA
GetModuleHandleExA
SetCommConfig
SetCommTimeouts
CreateToolhelp32Snapshot
GetSystemTime
GetLastError
CreateConsoleScreenBuffer
CreateProcessW
CloseHandle
GetCommandLineA
GlobalAlloc
GetConsoleTitleA
GlobalAddAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
lstrcatA
GetCurrentThread
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
TerminateProcess
GetModuleFileNameA
GetStartupInfoW
DeleteCriticalSection
GetFileType
VirtualQuery
GetProcessHeap
GetModuleFileNameW
WriteFile
GetStdHandle
WideCharToMultiByte
MultiByteToWideChar
HeapAlloc
HeapFree
RtlUnwind
RaiseException
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
GetEnvironmentVariableA

user32

ReleaseDC
MessageBoxA
MonitorFromWindow
EnumWindowStationsW
PackDDElParam
FreeDDElParam
UnpackDDElParam
GetIconInfo
DestroyWindow
CreatePopupMenu
CreateWindowExA
GetWindowRect
TrackPopupMenu
ClientToScreen
CreateMenu
GetClipboardSequenceNumber
GetSystemMetrics
SendMessageA
GetMenu
GetMenuItemInfoA
ShowWindow
SetWindowPos
EnableWindow
GetDlgItem
PostMessageA
BeginPaint
EndPaint
DefWindowProcA
EndDeferWindowPos
CheckMenuItem
GetScrollRange
LoadIconA
LoadCursorA
RegisterClassA
GetClientRect
GetDC
wsprintfA
AppendMenuA

gdi32

SetLayout
GetObjectA
CreateDIBSection
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
CreatePen
CreateSolidBrush
CreateFontIndirectA
SetGraphicsMode
SetStretchBltMode
SetBrushOrgEx
SetArcDirection
SetBkColor
SetTextColor
SetDCBrushColor
SetBkMode
SetROP2
GetPixel
Rectangle
CombineRgn
GetCharacterPlacementW
CreateBitmap
CreatePatternBrush
GetStockObject
SetDCPenColor

comdlg32

GetOpenFileNameA
CommDlgExtendedError

advapi32

SetSecurityDescriptorOwner
OpenProcessToken
LookupAccountNameW
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
QueryServiceStatus
GetUserNameW
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
SetFileSecurityA

shell32

ShellExecuteA

ws2_32

WSCGetProviderPath
WSCUpdateProvider

netapi32

NetUserGetInfo
NetApiBufferFree

shlwapi

StrFormatKBSizeW

comctl32

CreateToolbarEx

opengl32

glDisable
glPushMatrix
glTranslatef
glLoadIdentity
glBegin
glColor3f
glVertex3f
glMatrixMode
glClear
glRotatef

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55f143e3ef6415f990faafda8663c949

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ws2_32

netapi32

shlwapi

comctl32

opengl32

Sections

.text Size: 100KB - Virtual size: 100KB

.text1 Size: 512B - Virtual size: 176B

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 9KB - Virtual size: 18KB

.text Size: 5KB - Virtual size: 5KB

.data1 Size: 512B - Virtual size: 496B

.trace Size: 1024B - Virtual size: 916B

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 122KB - Virtual size: 122KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 100KB

.text1
Size: 512B - Virtual size: 176B

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 9KB - Virtual size: 18KB

.text
Size: 5KB - Virtual size: 5KB

.data1
Size: 512B - Virtual size: 496B

.trace
Size: 1024B - Virtual size: 916B

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 122KB - Virtual size: 122KB

.reloc
Size: 8KB - Virtual size: 8KB