f0936dd8c4b6bf2933556c4492239471526cfbb3d902915f67ef91b74d29dae6

Sharing

Copy URL

Twitter E-mail

General

Target

f0936dd8c4b6bf2933556c4492239471526cfbb3d902915f67ef91b74d29dae6
Size

865KB
MD5

0c0a168100d6facb0f5696203ee78f50
SHA1

04705e2e66d63a6194986ef85a94e0fbe8c010c5
SHA256

f0936dd8c4b6bf2933556c4492239471526cfbb3d902915f67ef91b74d29dae6
SHA512

3a0f0cd5f377ef3def85917585e86cd9caf2097439e715e3b6fa255766b97dc10cfdf4970f7936f1dca20289acd01b0e2d3601bffe291b8b9f04946cd85146e1
SSDEEP

12288:1K0xJKbQ8GOhS/IzJqrraq/t2qXy6xdRhMAK4/cGPEl0Io3:1K0ibkGS/EEn/tkIsGPEl0I2

Score

N/A

Malware Config

Signatures

Files

f0936dd8c4b6bf2933556c4492239471526cfbb3d902915f67ef91b74d29dae6
.exe windows x86

6d86e779a247bf438689a64a68008c86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
EventUnregister
EventRegister
EventWrite
RegQueryValueExW

kernel32

GetCurrentProcess
WaitForSingleObject
CreateMutexW
GetSystemTime
CopyFileW
WideCharToMultiByte
WriteFile
CreateFileW
FlushInstructionCache
LocalFree
FormatMessageW
LockResource
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteCriticalSection
ReleaseMutex
CloseHandle
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetCurrentThreadId
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
GetSystemDirectoryW
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedExchange
GetVersionExA
OutputDebugStringA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
UnhandledExceptionFilter

gdi32

SetBkMode
GetObjectW
CreateCompatibleDC
SelectObject
SetStretchBltMode
CreateCompatibleBitmap
StretchBlt
GetTextExtentPoint32W
SetDeviceGammaRamp
GetDeviceGammaRamp
GetStockObject
CreateSolidBrush
SetTextColor
SetBkColor
GetDeviceCaps
DeleteDC
CreateDCW
DeleteObject

user32

GetDC
MessageBoxW
GetWindow
ShowWindow
CharNextW
DestroyWindow
GetActiveWindow
GetSystemMetrics
MonitorFromRect
CallWindowProcW
SetWindowPos
SetForegroundWindow
OpenIcon
SendMessageW
SetWindowLongW
GetWindowLongW
MapDialogRect
RegisterWindowMessageW
DefWindowProcW
SendMessageTimeoutW
AllowSetForegroundWindow
GetWindowTextLengthW
FindWindowW
InvalidateRect
MoveWindow
MapWindowPoints
GetWindowRect
GetDlgItem
GetParent
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplayMonitors
GetWindowTextW
ReleaseDC
SetTimer
KillTimer
ShowCursor
UnregisterClassA
LoadStringW
SetCursor
LoadCursorW
MonitorFromWindow
PostMessageW
EnumChildWindows
GetWindowThreadProcessId
SetWindowTextW

msvcrt

_controlfp
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_errno
realloc
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
memcpy
_ftol2
_CIpow
_wcsupr
swscanf_s
_ftol2_sse
_purecall
memset
??_U@YAPAXI@Z
wcsncpy_s
memcpy_s
malloc
??2@YAPAXI@Z
free
??_V@YAXPAX@Z
??3@YAXPAX@Z
wcsstr
_vsnwprintf

ntdll

WinSqmAddToStream

dxva2

DestroyPhysicalMonitors
GetPhysicalMonitorsFromHMONITOR
GetNumberOfPhysicalMonitorsFromHMONITOR
GetVCPFeatureAndVCPFeatureReply
SetVCPFeature
GetMonitorBrightness
SetMonitorBrightness
GetMonitorContrast
SetMonitorContrast
GetMonitorCapabilities

mscms

InstallColorProfileW
GetColorProfileFromHandle
WcsCreateIccProfile
SetColorProfileElementSize
SetColorProfileElement
UninstallColorProfileW
DccwGetDisplayProfileAssociationList
WcsDisassociateColorProfileFromDevice
WcsSetDefaultColorProfile
GetColorDirectoryW
WcsGetUsePerUserProfiles
WcsGetDefaultColorProfile
WcsOpenColorProfileW
DccwGetGamutSize
CloseColorProfile
DccwSetDisplayProfileAssociationList
DccwReleaseDisplayProfileAssociationList
WcsGetCalibrationManagementState
WcsSetCalibrationManagementState
DccwCreateDisplayProfileAssociationList

shell32

ShellExecuteW

gdiplus

GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneBrush
GdipFillRectangleI
GdipCreateFromHDC
GdipCreateLineBrushI
GdipCreateSolidFill
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDeleteBrush
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdipCloneImage

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageW
ord345
PropertySheetW

ole32

StringFromCLSID
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d86e779a247bf438689a64a68008c86

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

ntdll

dxva2

mscms

shell32

gdiplus

comctl32

ole32

oleaut32

Sections

.text Size: 75KB - Virtual size: 75KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 763KB - Virtual size: 763KB

.reloc Size: 23KB - Virtual size: 26KB

.text
Size: 75KB - Virtual size: 75KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 763KB - Virtual size: 763KB

.reloc
Size: 23KB - Virtual size: 26KB