ef92c91ece89c0a522b003abab19f435cb965be078406531662738caac6d4668

Sharing

Copy URL Twitter E-mail

General

Target

ef92c91ece89c0a522b003abab19f435cb965be078406531662738caac6d4668
Size

326KB
MD5

0b00c7d5ef180b2d71cced8d7e285f03
SHA1

50a9286f3a739d2e09198184dc7ecf8611f87eaa
SHA256

ef92c91ece89c0a522b003abab19f435cb965be078406531662738caac6d4668
SHA512

2f0eef0ac8f7adb6fb3cee1a21ddb294186c8b02f9604ee0263a9fac16b666d84ae45c1a92e2ebda2d8676ff3dff33089e64d829d47fab8663fc7fb2812e3254
SSDEEP

6144:q+UzusIBTuK719uw7KUTCKd0QUvT8gv6/5sHap0Ra+pYdp4u:q+IOTH5+Uzd0B4niHaia6Ydmu

Score

N/A

Malware Config

Signatures

Files

ef92c91ece89c0a522b003abab19f435cb965be078406531662738caac6d4668
.exe windows x86

a9ce4cd838f0c1e7b38b8b8fa5d8db71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetStdHandle
HeapReAlloc
LoadLibraryW
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
Sleep
GetStringTypeW
MultiByteToWideChar
WriteConsoleW
CreateFileW
CloseHandle
FlushFileBuffers
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetLastError
HeapCreate
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
WriteFile
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalFree
HeapAlloc
FormatMessageA
OutputDebugStringA
GetStdHandle
GetProcAddress
GetCurrentThreadId
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
FlushConsoleInputBuffer
ExitProcess
LCMapStringW
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP

user32

PostQuitMessage
EndPaint
BeginPaint
CreateWindowExA
DefWindowProcA
ShowScrollBar
GetDlgItem
GetForegroundWindow
FindWindowA
GetWindowTextA
SetWindowTextA
EndDialog
MessageBoxA
EnumWindows
LoadBitmapA
SetWindowPos
RegisterClassExA
GetKeyboardLayout
SetFocus
SendMessageA

gdi32

DescribePixelFormat
DeleteObject
ChoosePixelFormat
SetPixelFormat
FillRgn
CreatePen
CreateSolidBrush

ole32

CoInitialize
OleGetClipboard
OleInitialize
WriteClassStg
StgCreateDocfile
CreateBindCtx
CoCreateInstance

oleaut32

VariantClear

avicap32

capCreateCaptureWindowA

winmm

mmioCreateChunk
mmioWrite
waveOutGetNumDevs
mmioOpenA
mmioClose

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathFileExistsW
StrToIntExA
StrDupA

comctl32

ImageList_Add
ImageList_Create
ord6
ord17

gdiplus

GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipDisposeImage

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetConversionStatus
ImmGetContext

oleacc

GetOleaccVersionInfo

dxva2

GetMonitorBrightness
GetVCPFeatureAndVCPFeatureReply

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flash
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relob
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9ce4cd838f0c1e7b38b8b8fa5d8db71

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

avicap32

winmm

version

shlwapi

comctl32

gdiplus

imm32

oleacc

dxva2

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 5KB - Virtual size: 12KB

.flash Size: 8KB - Virtual size: 7KB

.relob Size: 147KB - Virtual size: 146KB

.ddata Size: 22KB - Virtual size: 21KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 5KB - Virtual size: 12KB

.flash
Size: 8KB - Virtual size: 7KB

.relob
Size: 147KB - Virtual size: 146KB

.ddata
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 7KB - Virtual size: 6KB