203caf8a42223d1cec6c816842d96fbfdcf3888f674403369ab469cc598cfb2f

Sharing

Copy URL

Twitter E-mail

General

Target

203caf8a42223d1cec6c816842d96fbfdcf3888f674403369ab469cc598cfb2f
Size

327KB
MD5

c3b0d8f30ec7dcaa514965ba5b2f7be1
SHA1

4214fccd87e342c72167c7b4476ffd44c88231e1
SHA256

203caf8a42223d1cec6c816842d96fbfdcf3888f674403369ab469cc598cfb2f
SHA512

e4790540ad31b245b882c4361f2245aaf19f2f820c2c722e35afc007509a9edb73495a18f253a95862104bef9c2556e3ef96df85ced2b636bde60ea8cda39bd4
SSDEEP

6144:Sz/HRsos9yPfDc2plVi6+J5/ZyvaOUhAvpXAnlepV9ScmXLGuQfMIHV:y/xsoscHDc2pHdUpZAJwAvpqle/kcmXU

Score

N/A

Malware Config

Signatures

Files

203caf8a42223d1cec6c816842d96fbfdcf3888f674403369ab469cc598cfb2f
.exe windows x86

5a7c84ce35f086bbe8da16a7065ffd55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
GetProcessHeap
GetLastError
GetConsoleMode
LoadLibraryW
WriteFile
ReadFile
ExitProcess
GetModuleHandleW
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
SetHandleCount
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GlobalReAlloc
LocalFree
FileTimeToLocalFileTime
CloseHandle
GetFileTime
GetModuleHandleA
LockResource
SetConsoleOutputCP
LocalAlloc
GetConsoleScreenBufferInfo
LoadLibraryA
GlobalFree
GetProcAddress
GetEnvironmentStringsW
SetLastError
GetStdHandle
GlobalUnlock
MultiByteToWideChar
GetFileAttributesExA
SetConsoleScreenBufferSize
WaitForSingleObject
GlobalLock
HeapFree
GetCurrentProcess
GetThreadContext
GlobalAddAtomA
HeapAlloc
SystemTimeToTzSpecificLocalTime
LoadResource
AllocConsole
lstrcmpA
FindResourceA
GetCPInfo
LCMapStringW
WideCharToMultiByte
LCMapStringA
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetFileType
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FileTimeToSystemTime
SetConsoleCP
CreateEventA
FlushFileBuffers
SizeofResource
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GlobalAlloc
OpenProcess
GetConsoleCP
FormatMessageA
InitializeCriticalSection
Sleep
InterlockedDecrement
InterlockedIncrement
GetFileSize
CreateFileA
TlsGetValue

user32

UpdateWindow
OpenClipboard
SystemParametersInfoA
GetSystemMetrics
SetWindowTextA
AppendMenuA
EnableScrollBar
FrameRect
SetClipboardData
FindWindowA
LoadCursorA
ExcludeUpdateRgn
GetDialogBaseUnits
LookupIconIdFromDirectory
ModifyMenuA
RegisterClassA
MoveWindow
FlashWindow
EndPaint
DestroyWindow
InvertRect
CloseClipboard
GetWindowRect
PostQuitMessage
TrackPopupMenu
FillRect
GetMenuItemID
DrawTextA
GetSubMenu
GetFocus
LoadBitmapA
LoadIconA
IsWindowEnabled
GetClientRect
SendMessageA
BeginPaint
DrawTextExA
GetDC
DrawFocusRect
GetMenu
DrawStateA
GetAsyncKeyState
SetWindowLongA
MessageBoxA
GetAncestor
CreateWindowExA
ReleaseDC
EnableMenuItem
EmptyClipboard
GetDlgItem
DefWindowProcA
GetSysColor
CreateIconFromResource
SetWindowPos
GetCursorPos
EnumChildWindows
ShowWindow
CreatePopupMenu

gdi32

SetWindowOrgEx
SetGraphicsMode
SetViewportOrgEx
LineTo
ExtEscape
StartPage
SetTextColor
DeleteDC
GetDeviceCaps
EnumObjects
CreateDCA
CreatePalette
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectType
CreatePatternBrush
CreatePen
GetObjectA
GetStockObject
MoveToEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

AllocateAndInitializeSid
OpenProcessToken
CheckTokenMembership
FreeSid
RevertToSelf
SetServiceStatus
ImpersonateLoggedOnUser
DuplicateTokenEx
RegisterServiceCtrlHandlerA
CreateProcessAsUserA

netapi32

NetShareDelSticky
NetShareCheck

psapi

GetProcessMemoryInfo
GetProcessImageFileNameA
EnumProcesses

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

StrToIntExA
StrChrA
PathFileExistsA

comctl32

ImageList_GetIconSize
ImageList_Draw
ord413

pdh

PdhAddCounterW

gdiplus

GdipCloneImage
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipAlloc
GdipCreateFromHDC
GdipDeletePen
GdipFree
GdiplusStartup
GdipCreatePen1
GdipDisposeImage

dbghelp

MiniDumpWriteDump

ntdsapi

DsReplicaSyncW

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a7c84ce35f086bbe8da16a7065ffd55

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

netapi32

psapi

version

shlwapi

comctl32

pdh

gdiplus

dbghelp

ntdsapi

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 129KB - Virtual size: 129KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 129KB - Virtual size: 129KB