b76270a461dd7cc1a218f477cff7f225f5321f31f49c13f9118d06eb1008deef

Sharing

Copy URL Twitter E-mail

General

Target

b76270a461dd7cc1a218f477cff7f225f5321f31f49c13f9118d06eb1008deef
Size

320KB
MD5

f1b406901c5428f598801e2975be6d4b
SHA1

14a4d6b1a8130054ca2740c7ba782b936c7f7d65
SHA256

b76270a461dd7cc1a218f477cff7f225f5321f31f49c13f9118d06eb1008deef
SHA512

db658746d32b368e11883c3e845bb1885b05f000f3bc96a604adfe883780d1f1502d1dfd0c77c126dd25c0d5045297fef28412ce2b8ba78a67b5547ff357ae3c
SSDEEP

6144:jfciJXdmu2I1Tte89u6BJjhcVLSF+KpPJ8Gsfdm+IL:fdSI5ta49cF+TRIM

Score

N/A

Malware Config

Signatures

Files

b76270a461dd7cc1a218f477cff7f225f5321f31f49c13f9118d06eb1008deef
.exe windows x86

50fcad561912ac98357299b240d8c783

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
HeapSize
MultiByteToWideChar
Sleep
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapReAlloc
VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
CloseHandle
OpenProcess
GetModuleFileNameW
LocalFree
SystemTimeToFileTime
LocalFileTimeToFileTime
LoadLibraryW
GetACP
FreeLibrary
HeapAlloc
CreateEventA
GetConsoleWindow
FindResourceExA
LoadResource
SizeofResource
LockResource
UpdateResourceA
FreeResource
EnumResourceTypesA
GetSystemTimeAsFileTime
GetLocalTime
CreateDirectoryA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
GlobalAlloc
LoadLibraryA
GetProcAddress
FindFirstFileA
FindClose
GetModuleHandleA
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
DeleteCriticalSection
GetStdHandle
WriteFile
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetCurrentThreadId
DeviceIoControl
CreateFileA
TerminateProcess
GetCurrentProcess
SetLastError
InterlockedIncrement
TlsFree
UnhandledExceptionFilter
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetProcessHeap
GetVersionExA
HeapFree
GetCommandLineA
ExitProcess
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
GetModuleFileNameA

user32

CreateMenu
WindowFromDC
SendMessageA
GetDlgItem
DrawMenuBar
GetSystemMenu
CallWindowProcA
InflateRect
SetMenu
MessageBoxA
IsWindowEnabled
GetWindowLongA
EndPaint
GetDlgCtrlID
EndDialog
GetDlgItemTextA
DlgDirListA
GetDC
DialogBoxParamA
BeginPaint
SetDlgItemTextA
LoadImageA
LoadCursorA
LoadIconA
CreateWindowExW
SendMessageW
GetSysColor
DestroyIcon
GetIconInfo
GetSystemMetrics
MoveWindow
LoadAcceleratorsW
LoadKeyboardLayoutA
GetMenu
SetCursor
FillRect
DrawTextA
LoadStringA
EnableMenuItem
CheckMenuItem

gdi32

CombineRgn
CreateSolidBrush
Rectangle
CreateHatchBrush
SetBkColor
SetBkMode
GetStockObject
GetDeviceCaps
SelectPalette
RealizePalette
SetMapMode
BitBlt
TranslateCharsetInfo
CreateFontIndirectA
CreateDIBSection
ExtTextOutA
Polyline
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateBitmap
DeleteObject
DeleteDC
TextOutA
SetTextColor

comdlg32

ChooseColorA
GetSaveFileNameW

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
GetCurrentHwProfileA
ImpersonateLoggedOnUser
GetUserNameA

shell32

SHGetMalloc
SHGetDesktopFolder

ole32

StringFromCLSID
RegisterDragDrop
StringFromGUID2
CLSIDFromString
CoUninitialize
MkParseDisplayName
CreateItemMoniker
GetRunningObjectTable
CoCreateInstance
CoInitialize
OleCreateStaticFromData
CreateBindCtx

oleaut32

SafeArrayCreate
SafeArrayUnaccessData
VariantClear
VariantInit

ws2_32

accept
connect
closesocket
bind
WSCEnumProtocols
WSACloseEvent
recv
WSAGetLastError
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAEventSelect
WSACreateEvent
WSAStartup
getpeername

psapi

QueryWorkingSet
EnumProcesses
InitializeProcessForWsWatch
GetModuleFileNameExA
GetWsChanges

avifil32

AVIStreamGetFrameOpen

shlwapi

PathFindFileNameW

comctl32

ImageList_Add
ImageList_Create
ord17

rpcrt4

UuidToStringA
RpcStringFreeA
RpcStringBindingComposeA
UuidFromStringA

opengl32

wglMakeCurrent
wglGetCurrentDC
wglCreateContext

setupapi

SetupCommitFileQueueA
SetupTermDefaultQueueCallback
SetupCloseFileQueue
SetupDefaultQueueCallbackA
SetupOpenFileQueue
SetupSetDirectoryIdA
SetupCloseInfFile
SetupOpenInfFileA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupInitDefaultQueueCallbackEx
SetupDiGetDeviceInterfaceDetailA
SetupInstallFilesFromInfSectionA

tapi32

phoneGetDisplay
phoneGetDevCapsW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50fcad561912ac98357299b240d8c783

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

psapi

avifil32

shlwapi

comctl32

rpcrt4

opengl32

setupapi

tapi32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 180KB - Virtual size: 176KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 180KB - Virtual size: 176KB