246d03d8a7d08b8f72de304e1c65757e88cd5dd37430ecb3c2275bc2080c05fe

Sharing

Copy URL Twitter E-mail

General

Target

246d03d8a7d08b8f72de304e1c65757e88cd5dd37430ecb3c2275bc2080c05fe
Size

236KB
MD5

af5d789924141c1ac5c03e6262849edd
SHA1

1e9fb1f611ba29745cdf05fca5a0010dcac41d74
SHA256

246d03d8a7d08b8f72de304e1c65757e88cd5dd37430ecb3c2275bc2080c05fe
SHA512

a6763083b5f8515414000186a92ce0dd8afdaab79541914acb334a2f6ae6b99d2c2cf363489b083be1905e9d13361542766f4010ffa84afc17fc42f07eb78221
SSDEEP

6144:zHhr5UpJzkyOnHEgnZEV5Ttcb73v83ouSlFK4g:rF5oQxHfnKHTtS303ouSlF3

Score

N/A

Malware Config

Signatures

Files

246d03d8a7d08b8f72de304e1c65757e88cd5dd37430ecb3c2275bc2080c05fe
.exe windows x86

ae5ca2fbd44dae7542d286fba43553bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM

Imports

kernel32

LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
MulDiv
TlsAlloc
IsProcessorFeaturePresent
LeaveCriticalSection
EnterCriticalSection
HeapCreate
GetProcAddress
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
DecodePointer
EncodePointer
RtlUnwind
HeapFree
GetStartupInfoW
HeapSetInformation
HeapReAlloc
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
FlushFileBuffers
ReadFile
CreateFileW
CloseHandle
lstrcpyA
GetVersionExA
GetModuleHandleA
EnumDateFormatsA
LoadLibraryA
GlobalFree
InterlockedIncrement
VirtualAlloc
Sleep
GetVolumeInformationA
AllocateUserPhysicalPages
GetTickCount
GlobalLock
GetCurrentProcess
InterlockedDecrement
GlobalAddAtomA
FreeLibrary
GlobalDeleteAtom
MapUserPhysicalPages
lstrcpynA
GetCommandLineA
HeapAlloc
LocalFree
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GlobalUnlock
GetModuleFileNameW
lstrcatA
lstrlenA
lstrcmpA
TlsGetValue

user32

EnableWindow
MapWindowPoints
LoadImageA
SetWindowTextA
IsWindowVisible
GetSystemMetrics
GetDlgItemTextA
UnpackDDElParam
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
DispatchMessageA
PostMessageA
AppendMenuA
FreeDDElParam
CreateDialogParamW
IsDlgButtonChecked
GetWindow
UpdateWindow
CreatePopupMenu
ShowWindow
CheckDlgButton
GetCursorPos
SetWindowPos
GetNextDlgTabItem
EndPaint
DestroyWindow
GetDlgItemInt
GetSystemMenu
ScreenToClient
GetWindowRect
PackDDElParam
InsertMenuItemA
PostQuitMessage
SendDlgItemMessageA
IsIconic
FillRect
LoadImageW
LoadBitmapA
GetParent
LoadIconA
IsWindowEnabled
GetClientRect
SetFocus
SendMessageA
BeginPaint
PtInRect
GetDC
TranslateMessage
SetDlgItemInt
TrackPopupMenuEx
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
PeekMessageA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA

gdi32

PatBlt
StartPage
DeleteDC
GetDeviceCaps
StretchBlt
CreateFontIndirectA
SetBrushOrgEx
CreateDCA
SetAbortProc
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
Rectangle
StartDocA
FillRgn
CreatePatternBrush
CreatePen
GetObjectA
EndDoc
CreateSolidBrush
EndPage

advapi32

IsValidSecurityDescriptor
LookupPrivilegeNameA
GetTokenInformation
GetLengthSid
FreeSid
IsValidSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountSidA
IsValidAcl

ole32

WriteClassStg
StgCreateDocfile
CoCreateInstance

oleaut32

SysFreeString
VariantChangeType
SysAllocString
VariantClear
VariantCopy
VariantInit

ws2_32

send

avifil32

AVIFileInit
AVIFileOpenA

shlwapi

StrCmpNIA

comctl32

CreateStatusWindowW
ord413

gdiplus

GdipDeleteGraphics
GdipDrawEllipseI
GdiplusShutdown
GdipFree
GdipDeletePen
GdiplusStartup
GdipDrawRectangleI
GdipCreatePen1
GdipDrawLineI
GdipCreateFromHDC
GdipAlloc

secur32

GetUserNameExA
ApplyControlToken
RevertSecurityContext

dbghelp

EnumerateLoadedModules

oledlg

ord3

sensapi

IsNetworkAlive

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae5ca2fbd44dae7542d286fba43553bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

ws2_32

avifil32

shlwapi

comctl32

gdiplus

secur32

dbghelp

oledlg

sensapi

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 7KB - Virtual size: 7KB