13faac462bc674a644439649e7ac11ae1bd0f87a9cf89baaa2f9b35c7c70bf6d

Sharing

Copy URL Twitter E-mail

General

Target

13faac462bc674a644439649e7ac11ae1bd0f87a9cf89baaa2f9b35c7c70bf6d
Size

1.0MB
MD5

0048e98bfde025f3fd37576544f8daf0
SHA1

19cf8855c864f7c22cfe33e4f95ea6dadb4a66b7
SHA256

13faac462bc674a644439649e7ac11ae1bd0f87a9cf89baaa2f9b35c7c70bf6d
SHA512

3a84032661ffcc32b268756d2f739a8ea00516171d369831e31178d0dbaf317011f996501a9e1744d4e05a33db720ccbbdb467e12bb01f4d0a286000a7c5e213
SSDEEP

24576:qxBn3yiO9STQypF3W2ngw1E/6fOBJTapcj1sp1cxOyi:EjQ2ngwCCgTNDg

Score

N/A

Malware Config

Signatures

Files

13faac462bc674a644439649e7ac11ae1bd0f87a9cf89baaa2f9b35c7c70bf6d
.exe windows x86

cfe35847dc4cf69227c72f966949a8fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CreateFileW
lstrlenW
GetProcAddress
GetLocalTime
lstrcatW
IsDebuggerPresent
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
CreateDirectoryW
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
GetTempPathW
InterlockedIncrement
InterlockedCompareExchange
WideCharToMultiByte
MultiByteToWideChar
MoveFileExW
WaitForSingleObject
GlobalAlloc
Sleep
CopyFileW
GetExitCodeProcess
FileTimeToSystemTime
GlobalFree
GetFileTime
DeleteFileW
SetFileAttributesW
ExitThread
CreateEventW
LocalFree
CreateThread
FindFirstFileW
WriteFile
LocalAlloc
FindNextFileW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryW
RemoveDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex
GetFileSize
ReadFile
FlushFileBuffers
FreeLibrary
GetVersionExW
QueryPerformanceFrequency
SetEvent
GlobalLock
GlobalUnlock
GlobalHandle
CreateFileA
FormatMessageW
HeapAlloc
GetTimeZoneInformation
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
FileTimeToLocalFileTime
GetDriveTypeW
ResumeThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
RtlUnwind
GetDriveTypeA
GetFileType
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
SetStdHandle
GetConsoleCP
GetConsoleMode
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleHandleW
OutputDebugStringW
GetCurrentProcess
SetUnhandledExceptionFilter
CreateProcessW
VirtualQuery
SetFilePointer
HeapFree
LoadLibraryW
GetLastError
FindClose
GetSystemDefaultLangID

user32

SystemParametersInfoW
SetRectEmpty
GetSystemMetrics
EnumWindows
IsWindow
wvsprintfW
FillRect
DefWindowProcW
CallWindowProcW
EndPaint
DestroyWindow
GetWindowRect
SetForegroundWindow
GetFocus
DialogBoxParamW
GetParent
TrackMouseEvent
IsWindowEnabled
GetClientRect
BeginPaint
GetDC
GetForegroundWindow
InvalidateRect
GetWindowLongW
GetWindowTextW
ReleaseDC
ScrollWindow
SetWindowLongW
EndDialog
SetWindowPos
CheckDlgButton
IsDlgButtonChecked
CreateWindowExW
DrawTextW
SendMessageW
MessageBoxW
GetWindowDC

gdi32

StretchBlt
CreateSolidBrush
GetStockObject
CreatePen
Rectangle
SelectObject
DeleteObject
SetBkMode
CreateFontIndirectW
SetTextColor
GetTextExtentPoint32W
CreateDIBSection
BitBlt
DeleteDC
GetObjectW
CreateCompatibleBitmap
SelectClipRgn
StretchDIBits
CreateCompatibleDC

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

imm32

ImmDisableIME

comctl32

InitCommonControlsEx

msimg32

TransparentBlt
AlphaBlend
GradientFill

advapi32

RegOpenKeyExW
RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
SetSecurityDescriptorSacl
GetLengthSid
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
SHFileOperationW
SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 731KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cfe35847dc4cf69227c72f966949a8fa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

version

imm32

comctl32

msimg32

advapi32

shell32

Sections

.text Size: 731KB - Virtual size: 731KB

.rdata Size: 192KB - Virtual size: 192KB

.data Size: 19KB - Virtual size: 52KB

.rsrc Size: 87KB - Virtual size: 88KB

.text
Size: 731KB - Virtual size: 731KB

.rdata
Size: 192KB - Virtual size: 192KB

.data
Size: 19KB - Virtual size: 52KB

.rsrc
Size: 87KB - Virtual size: 88KB