592addf1fb88c4357367f229a8bc803f468227a8003b041e5dd091d89044dfa2

Sharing

Copy URL Twitter E-mail

General

Target

592addf1fb88c4357367f229a8bc803f468227a8003b041e5dd091d89044dfa2
Size

245KB
MD5

17d65f98072fd4477df9698d210d83df
SHA1

593b93e03723d83e5a39d7d7ab20e0272e804029
SHA256

592addf1fb88c4357367f229a8bc803f468227a8003b041e5dd091d89044dfa2
SHA512

28a4dfe177e69d95d54c638ae9f068c289ca6daccdaedc7ac1cc5477ddf03e851e652a5ce6d07dfa42bda8aba985128149d51cd021090f9bfafd1107430d91f5
SSDEEP

6144:SDfrALhMRBrMk8t9SUD8TU2gKmy3nSWYa6tXv:UKMjrlXU4hb3nSWh65v

Score

N/A

Malware Config

Signatures

Files

592addf1fb88c4357367f229a8bc803f468227a8003b041e5dd091d89044dfa2
.exe windows x86

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
EnterCriticalSection
LocalAlloc
SizeofResource
WaitForSingleObject
LockResource
FreeLibrary
WaitForMultipleObjects
IsDebuggerPresent
GetCurrentThreadId
GetGeoInfoW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SystemTimeToTzSpecificLocalTime
DisableThreadLibraryCalls
LocalFree
OpenProcess
CreateFileW
lstrlenW
UnhandledExceptionFilter
SystemTimeToFileTime
GetUserDefaultUILanguage
TzSpecificLocalTimeToSystemTime
LoadLibraryExW
GetSystemTime
FindResourceW
FindResourceExW
LeaveCriticalSection
WideCharToMultiByte
GetLocalTime
CompareFileTime
HeapDestroy
HeapSize
GetUserGeoID
GetNumberFormatW
CreateProcessW
DeleteCriticalSection
HeapReAlloc
ProcessIdToSessionId
LoadResource
GetQueuedCompletionStatus
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetProcessHeap
GlobalFree
RaiseException
CloseHandle
GetFileAttributesExW
PostQueuedCompletionStatus
CreateIoCompletionPort
GetStartupInfoA
VirtualAllocEx

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance
IIDFromString

oleaut32

VariantInit
VariantCopyInd
VariantClear
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi

psapi

GetModuleBaseNameW

user32

PostMessageW
GetSystemMetrics
EnumWindows
GetActiveWindow
DestroyIcon
GetWindowThreadProcessId
LoadIconW
GetDesktopWindow
AllowSetForegroundWindow

crypt32

CryptProtectData
CryptUnprotectData
CertFreeCertificateContext
CertNameToStrW

rpcrt4

UuidFromStringW

mscms

CreateColorTransformA
IsColorProfileTagPresent
InternalGetPS2ColorRenderingDictionary
CheckColors
GetPS2ColorRenderingIntent
InternalGetPS2CSAFromLCS
SetColorProfileElementSize
ConvertColorNameToIndex

sti

DllCanUnloadNow
DllUnregisterServer
StiCreateInstance
DllGetClassObject
GetProxyDllInfo
StiCreateInstanceW
DllRegisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MZwuwI
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KcPaf
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Pn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

psapi

user32

crypt32

rpcrt4

mscms

sti

Sections

.text Size: 18KB - Virtual size: 17KB

.MZwuwI Size: 1KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.KcPaf Size: 1KB - Virtual size: 6KB

.Pn Size: 2KB - Virtual size: 4KB

.data Size: 213KB - Virtual size: 285KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.MZwuwI
Size: 1KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.KcPaf
Size: 1KB - Virtual size: 6KB

.Pn
Size: 2KB - Virtual size: 4KB

.data
Size: 213KB - Virtual size: 285KB

.rsrc
Size: 4KB - Virtual size: 4KB