bda835b4941685094f9452adb7b2f197c989ce7c9604c632ed40735547dcec6c

Sharing

Copy URL Twitter E-mail

General

Target

bda835b4941685094f9452adb7b2f197c989ce7c9604c632ed40735547dcec6c
Size

396KB
MD5

5375ed5ce201f20d2592d0744b707f64
SHA1

bfe9ce7337a9a7f18d661dbb0f19f9340caa932f
SHA256

bda835b4941685094f9452adb7b2f197c989ce7c9604c632ed40735547dcec6c
SHA512

cdee79587470ddda2a813dc810481d8f888033921e5f977c88c4e1bb6759875679423b650606683fb5f0c38156c3506914b6125e21068fc91838ec34116858bb
SSDEEP

6144:YRATUcV0pDLtllD273g6JgzVHee0fipjps5wdIH30ocDtFcpVPdQ:Yt4kDPlGgBZHedipjps5wwEJjcW

Score

N/A

Malware Config

Signatures

Files

bda835b4941685094f9452adb7b2f197c989ce7c9604c632ed40735547dcec6c
.exe windows x86

88c76a2f7ec1868176f083df19570dd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
RtlUnwind
HeapFree
VirtualFree
WriteFile
CreateToolhelp32Snapshot
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetVersion
GetCommandLineA
GetModuleHandleA
Module32First
TerminateThread
ReleaseSemaphore
FlushFileBuffers
GetExitCodeProcess
CreateThread
HeapDestroy
GetStdHandle
GetSystemDirectoryA
GetStartupInfoA
CreateProcessA
ExitProcess
GetLastError
CreateSemaphoreA
WaitForSingleObject
Sleep
OpenEventA
SetProcessShutdownParameters
GetVersionExA
GetCurrentDirectoryA
GetPrivateProfileStringA
CloseHandle
CreateEventA
HeapCreate
SetEvent

user32

CharLowerA
CharUpperA
CharNextA
GetDlgItemTextA
SetFocus
DialogBoxParamA
EnumWindows
IsWindowVisible
GetWindowThreadProcessId
GetWindowTextA
GetClassNameA
SetWindowPos
GetDesktopWindow
GetForegroundWindow
MessageBoxExA
MoveWindow
GetDlgCtrlID
GetDlgItem
SendDlgItemMessageA
EndDialog
GetWindowRect
SetTimer
SetWindowTextA
EnableWindow
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextA
KillTimer
FindWindowA
ShowWindow
SetForegroundWindow
SendMessageA
GetSysColor
DefDlgProcA
LoadIconA
LoadCursorA
RegisterClassExA

gdi32

CreateSolidBrush
CreateFontA
SetTextColor
SetBkMode

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
DeleteService
StartServiceA
QueryServiceStatus
LockServiceDatabase
UnlockServiceDatabase
ChangeServiceConfigA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
GetUserNameA
RegDeleteKeyA
RegOpenKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uu5s
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0_s0
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.8__09
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.65__s
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0kk5s
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.llv1
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.775s
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.785s
Size: 512B - Virtual size: 230B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

._05s
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85js0
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85j00
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85sj1
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kajq
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kjoq
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kjj0q
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.n_m
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p0
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p1
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p2
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88c76a2f7ec1868176f083df19570dd7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 568B

.uu5s Size: 512B - Virtual size: 224B

.0_s0 Size: 512B - Virtual size: 212B

.8__09 Size: 512B - Virtual size: 200B

.65__s Size: 512B - Virtual size: 198B

.0kk5s Size: 512B - Virtual size: 162B

.llv1 Size: 355KB - Virtual size: 355KB

.775s Size: 512B - Virtual size: 236B

.785s Size: 512B - Virtual size: 230B

._05s Size: 512B - Virtual size: 236B

.85js0 Size: 512B - Virtual size: 232B

.85j00 Size: 512B - Virtual size: 242B

.85sj1 Size: 512B - Virtual size: 234B

.kajq Size: 512B - Virtual size: 224B

.kjoq Size: 512B - Virtual size: 224B

.kjj0q Size: 512B - Virtual size: 224B

.n_m Size: 512B - Virtual size: 224B

.o__p Size: 512B - Virtual size: 214B

.o__p0 Size: 512B - Virtual size: 214B

.o__p1 Size: 512B - Virtual size: 226B

.o__p2 Size: 512B - Virtual size: 226B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 290B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 568B

.uu5s
Size: 512B - Virtual size: 224B

.0_s0
Size: 512B - Virtual size: 212B

.8__09
Size: 512B - Virtual size: 200B

.65__s
Size: 512B - Virtual size: 198B

.0kk5s
Size: 512B - Virtual size: 162B

.llv1
Size: 355KB - Virtual size: 355KB

.775s
Size: 512B - Virtual size: 236B

.785s
Size: 512B - Virtual size: 230B

._05s
Size: 512B - Virtual size: 236B

.85js0
Size: 512B - Virtual size: 232B

.85j00
Size: 512B - Virtual size: 242B

.85sj1
Size: 512B - Virtual size: 234B

.kajq
Size: 512B - Virtual size: 224B

.kjoq
Size: 512B - Virtual size: 224B

.kjj0q
Size: 512B - Virtual size: 224B

.n_m
Size: 512B - Virtual size: 224B

.o__p
Size: 512B - Virtual size: 214B

.o__p0
Size: 512B - Virtual size: 214B

.o__p1
Size: 512B - Virtual size: 226B

.o__p2
Size: 512B - Virtual size: 226B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 290B