01184f21ba02ed8129579f7be4b88d931d3bc676c2b9a458a10e238b6f50b1c4

Sharing

Copy URL

Twitter E-mail

General

Target

01184f21ba02ed8129579f7be4b88d931d3bc676c2b9a458a10e238b6f50b1c4
Size

129KB
MD5

071502e5cf6941abbd1601206eb6c227
SHA1

869a106459ddd87c647e1830dc0271e3d93ea662
SHA256

01184f21ba02ed8129579f7be4b88d931d3bc676c2b9a458a10e238b6f50b1c4
SHA512

2463a7d16ed7de778036a762b3ea8d6b138432c035f329313202be4a125ea4e6994955dc1e6b2a844ca9a3ec89d5624126c2508e6bf578d222e1ce8c7ed15f67
SSDEEP

3072:QxQP5/+mxZpHyHtf8ojnJR7yfNl7q3BVtZEzzO:QG9+m5MjjnP7+qVtCzO

Score

N/A

Malware Config

Signatures

Files

01184f21ba02ed8129579f7be4b88d931d3bc676c2b9a458a10e238b6f50b1c4
.exe windows x86

98185bd6b0ebad7ee818067678290afa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
FlushFileBuffers
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
EnumSystemLocalesA
SetLastError
VirtualFree
LCMapStringA
FindFirstFileA
SetStdHandle
GetLocaleInfoW
GetFileAttributesW
SystemTimeToFileTime
SetEndOfFile
CreateFileMappingA
GetLocaleInfoA
SetEvent
Sleep
FatalAppExitA
HeapCreate
SetThreadContext
GetCPInfo
GetEnvironmentStringsW
InterlockedDecrement
RtlUnwind
GetCurrentProcessId
InterlockedCompareExchange
FormatMessageA
ResumeThread
GetLastError
GetFileType
GetDriveTypeA
InterlockedExchange
SetEnvironmentVariableW
VirtualAlloc
lstrlenA
QueryPerformanceCounter
GetStartupInfoA
FreeLibrary
SetCurrentDirectoryW
InitializeCriticalSection
CopyFileW
GetStringTypeW
CompareStringW
CreateThread
GetConsoleCP
WriteFile
OpenThread
CreateProcessA
Process32FirstW
VirtualAllocEx
GlobalLock
HeapSize
GetEnvironmentStrings
GetFullPathNameW
WideCharToMultiByte
SleepEx
FileTimeToSystemTime
UnmapViewOfFile
CreateEventW
GetCurrentThread
FreeEnvironmentStringsW
SetConsoleCtrlHandler
PeekNamedPipe
MapViewOfFileEx
ReadFileEx
MoveFileExW
ConnectNamedPipe
GetSystemInfo
GetModuleHandleW
TlsSetValue
IsValidCodePage
ResetEvent
SetFileAttributesW
GetSystemTimeAsFileTime
GetOEMCP
GetConsoleMode
CreateFileA
EnterCriticalSection
GetPrivateProfileStringA
GlobalUnlock
GetThreadContext
CloseHandle
GetStdHandle
GlobalAlloc
DeleteCriticalSection
WaitForSingleObject
FreeEnvironmentStringsA
GetStringTypeA
WriteConsoleA
SetFilePointer
CreateMutexW
TlsAlloc
TlsGetValue
Thread32Next
GetTimeZoneInformation
MultiByteToWideChar
SetCurrentDirectoryA
OpenProcess
CreateDirectoryW
GetCurrentDirectoryA
RaiseException
GetFileSizeEx
CreateToolhelp32Snapshot
GetCurrentThreadId
DuplicateHandle
WriteFileEx
OutputDebugStringA
GetConsoleOutputCP
GetExitCodeProcess
CreateNamedPipeA
DeviceIoControl
SetUnhandledExceptionFilter
GetDateFormatA
LoadLibraryA
GlobalFree
FileTimeToLocalFileTime
TryEnterCriticalSection
VirtualQuery
OpenFileMappingA
DeleteFileW
CreateFileW
CreateEventA
SuspendThread
TlsFree
FindClose
TerminateProcess
ExpandEnvironmentStringsA
CreateProcessW
FindNextFileW
HeapDestroy
GetFileInformationByHandle
DisconnectNamedPipe
ReadFile
RemoveDirectoryW
LCMapStringW
GetTickCount
GetVersionExA
GetUserDefaultLCID
IsDebuggerPresent
CompareStringA
VirtualFreeEx
FlushInstructionCache
IsValidLocale
ExitThread
GetCurrentDirectoryW
FindFirstFileW
LeaveCriticalSection
UnhandledExceptionFilter
GetFullPathNameA
HeapReAlloc
WaitForSingleObjectEx
GetACP
Thread32First
WriteConsoleW
SetHandleCount
LocalFree
GetModuleHandleA
GetModuleFileNameA
VirtualProtectEx
GetProcAddress
MulDiv
LoadLibraryW
GetCommandLineA
GetProcessHeap
HeapFree
GetCurrentProcess
HeapAlloc
GetCommandLineW
VirtualProtect
ExitProcess
IsProcessorFeaturePresent

user32

RegisterClassExW
BeginPaint
GetWindowThreadProcessId
TrackMouseEvent
GetSystemMetrics
GetClientRect
LoadIconW
GetWindowLongA
EmptyClipboard
EndPaint
CreateWindowExA
SetFocus
FindWindowW
SetWindowLongW
CreateWindowExW
UnhookWindowsHookEx
SetWindowLongA
LoadCursorW
LoadImageW
RegisterClassExA
DestroyWindow
LoadCursorA
TranslateMessage
SetClipboardData
ShowWindow
SendMessageW
IsZoomed
GetWindowLongW
DefWindowProcA
MessageBoxA
DispatchMessageW
SetWindowsHookExA
SetForegroundWindow
SetWindowRgn
BringWindowToTop
PtInRect
PostMessageW
GetWindowRect
ReleaseDC
MoveWindow
InvalidateRect
GetDC
SetWindowsHookExW
CallNextHookEx
MessageBoxW
GetMessageW
UnregisterClassW
InflateRect
ScreenToClient
CloseClipboard
ScrollDC
LoadIconA
PostQuitMessage
OpenClipboard
DefWindowProcW

gdi32

CreatePen
StretchBlt
CreateCompatibleDC
TextOutA
StretchDIBits
GetObjectA
Polygon
DeleteDC
SetTextColor
DeleteObject
GetDeviceCaps
CreateRectRgn
SelectClipRgn
SelectObject
CreateDIBSection
CreateCompatibleBitmap
BitBlt
GetStockObject
SetBkMode

advapi32

CryptDestroyKey
InitializeSecurityDescriptor
CryptHashData
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
CryptDestroyHash
LookupPrivilegeValueA
RegQueryValueExA
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextW
CryptDecrypt
RegCloseKey
RegOpenKeyExA
CryptCreateHash
AdjustTokenPrivileges
OpenProcessToken

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
ShellExecuteA
ShellExecuteW

winmm

PlaySoundW

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

secur32

DecryptMessage
QueryContextAttributesW
AcquireCredentialsHandleW
DeleteSecurityContext
AcceptSecurityContext
EncryptMessage
InitializeSecurityContextW
QueryContextAttributesA
InitializeSecurityContextA
FreeCredentialsHandle

msvcrt

_CIcos
fopen

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98185bd6b0ebad7ee818067678290afa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winmm

rpcrt4

secur32

msvcrt

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 1KB - Virtual size: 64KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 1KB - Virtual size: 64KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB